Question to the Department of Health and Social Care:

To ask the Secretary of State for Health and Social Care, what role Senior Information Risk Owners and Caldicott Guardians play in overseeing data governance for the Federated Data Platform (FDP) within Integrated Care Boards and NHS trusts; and whether those roles are held by executive board members.

Every integrated care board and National Health Service trust board, who are data controllers for data held within their own individual instance of the NHS Federated Data Platform, has responsibility for data governance and managing risk.

Integrated care boards in the NHS are mandated to appoint both a senior information risk officer and a Caldicott Guardian. These roles are essential for ensuring compliance with patient data confidentiality, information governance, and the secure handling of information within the organisation.

Information on whether or not Caldicott Guardians are Executive Board members is not held centrally.