Table 2.
Summarising some key differences between IG regulations, and associated organisations and principles
| IG regulations, organisation and principles | Key differences |
| Data Protection Act 2018 (DPA) versus General Data Protection Regulation (GDPR) |
The DPA 2018 and GDPR are two essential regulations that govern data protection and privacy in the UK. The DPA 2018 is the UK’s implementation of the GDPR, and it provides the legal framework for processing personal data. Researchers must adhere to the principles of data protection outlined in these regulations, such as obtaining valid consent, ensuring data security and providing individuals with rights over their data. |
| NHS Digital versus Caldicott Principles |
NHS Digital, the national information and technology partner to the health and care system in England, has specific guidelines for handling patient data. They provide detailed guidance on data standards, IG and security management for researchers working with health data. The Caldicott Principles, established in 1997 and revised in 2013, define the guidelines for protecting patient information and ensuring its confidentiality. |
| Confidentiality versus Security |
Confidentiality and security are crucial aspects of healthcare IG in the UK. Researchers must comply with regulations that aim to protect patient information from unauthorised access, disclosure or breaches. They must adopt appropriate security measures to safeguard data, including encryption, access controls and secure storage. |
| Research Ethics versus Research Governance |
Research involving human subjects must comply with ethical standards. Independent research ethics committees review and approve research proposals to ensure that they meet ethical guidelines. Additionally, the Research Governance Framework provides a framework for researchers to navigate ethical considerations, governance and best practices in research. |
| National Institute for Health Research (NIHR) versus Health Research Authority (HRA) |
The NIHR is a UK government-funded organisation that supports and funds health research. It provides a wealth of resources, funding opportunities and guidance for researchers conducting clinical trials, studies and health-related research. Researchers can access the NIHR’s infrastructure, expertise and support services to navigate the regulatory landscape effectively. The HRA plays a crucial role in regulating health research in the UK. It provides guidance and resources for researchers, including the Integrated Research Application System, which streamlines the process of gaining approvals and permissions for health research projects. The HRA ensures that research studies adhere to ethical standards and safeguards the rights, safety and well-being of research participants. |
| Local variations versus Devolved administrations |
It is important to note that while the UK has a unified healthcare IG framework, there may be variations in specific regulations or guidelines across different regions. Devolved administrations in Scotland, Wales and Northern Ireland have some autonomy in healthcare governance, which may lead to nuanced differences in regulations and guidelines. |
IG, information governance; NHS, National Health Service.