NHS App privacy policy

Version 3.2, 28 May 2020

Information:

This minor update reflects notification services being made available in the NHS App.

How we use your personal information

This privacy policy relates to the service provided by NHS Digital, comprising a single point of access via an app (the "NHS App") – available both as a download (the "Native Version") and via a website (the "Browser Version") – through which you can access certain online NHS services.

Our commitment to protecting your personal information

Whenever you provide personal information to a third party, that party is legally obliged to use your information in line with data protection law.

We take the security of your personal information seriously. We've set up security measures, policies and procedures such as:

  • training all staff annually in data and security protection
  • monitoring our platform to keep your personal information secure
  • following good practice guidance provided by the National Technical Authority
  • always using legally binding agreements with all organisations we use
  • having security and confidentiality policies in place across the organisation, to which staff must agree before they’re given access to personal information
  • restricting access to personal information to only those staff who need access to perform their role

However, no software or application can be completely secure. If you have any concerns that your account could have been compromised (for example, someone could have discovered your password), please follow the instructions on our help and support page.

This privacy policy explains the following:

  • the services available via the NHS App and who is involved
  • who the controller is for the personal data processed when you use the NHS App
  • what information is collected about you
  • what information is held about you and where that information is obtained
  • how your personal data is used and why
  • where your data is stored
  • your rights
  • points of contact for queries, objections and complaints

In this privacy policy the following terms have the following meanings:

  • Controller: "The person or entity which alone or with others determines the purposes or means of processing of personal data"
  • Processor: "Any person or legal entity who processes personal data on behalf of the controller"
  • Special Category Data: "Sensitive personal data given special consideration in data protection law including personal data about your health"

The NHS App services and who we are

The NHS App allows you to:

With NHS login mid-level identity verification:

  • check your symptoms
  • find out what to do when you need help urgently
  • receive messages from NHS Digital relating to the NHS App and services available within it

With NHS login high-level identity verification:

  • the above plus
  • book and manage appointments at your GP practice
  • order repeat prescriptions and select or change your nominated pharmacy from which you get them
  • view your GP medical record securely
  • send secure messages to your GP practice (if provided by your GP practice)
  • register to be an organ donor
  • choose how the NHS uses your data for research and planning purposes (feature not available through the Browser Version)
  • use online consultation services if provided by your GP practice
  • use personal health record services (if provided by your GP practice or hospital)

The level of identity verification you have depends on your NHS login account. Find out more about NHS login.

The key organisations involved in the NHS App and their respective roles are as follows:

NHS England

NHS England leads the National Health Service (NHS) in England. It sets the priorities and direction of the NHS.

A lot of the work NHS England does involves the commissioning of healthcare services in England.

It commissions the contracts for GPs, pharmacists and dentists, and supports local health services led by groups of GPs called clinical commissioning groups (CCGs).

NHS England wants everyone to have greater control of their health and wellbeing, and to be supported to live longer, healthier lives.

Find out more on the NHS England website

NHS England has directed NHS Digital to collect certain personal data in relation to users of the NHS App. The legal directions are titled NHS Digital (Establishment of Information Systems for NHS Services: NHS App) Directions 2018 dated 27 September 2018.

NHS Digital

NHS Digital was set up by the Department of Health and Social Care in April 2013 and is an executive non-departmental public body that provides national information, data and IT systems for health and care services.

We exist to help patients, clinicians, commissioners, analysts and researchers.

Our goal is to improve health and social care in England by making better use of technology, data and information.

Find out more about NHS Digital

NHS Digital has been directed by NHS England to provide the NHS App and to include the services that can be accessed via the NHS App.

NHS Digital is also responsible for managing (as well as many other services):

  • the national data opt-out, which allows patients to state their data sharing preferences (Native Version only)
  • the NHS.UK website, which provides health information
  • NHS 111 online, which allows patients to get triage advice based on their symptoms online

All of these services are available through the NHS App.

NHS Digital also provides a public-facing service desk for user queries relating to the functionality of the NHS App and the NHS login service (formerly called 'Citizen Identity').

Find out more about NHS login

GP practices

GP practices provide primary care services to the public.

As part of the NHS App, GP practices can enable their patients to see their medical information, book appointments, order repeat prescriptions, send secure patient to practice messages, and select or change their nominated pharmacy. GP practices may also provide additional services such as online consultations and personal health record services, and will normally engage a specialist organisation to provide these additional services on their behalf. Your GP practice remains in charge of your personal information and decides what health information from your health record, appointments and prescriptions is displayed to you.

Personal data - who controls its use

The organisation that is the controller or processor of your personal data will depend on the service to which it relates. For example:

Providing and managing the NHS App

NHS England describe, in a legal direction to NHS Digital, what personal data is required to provide and manage the NHS App, for example user registration details and audit data. NHS England and NHS Digital are joint controllers for this personal data.

Using the services available through the NHS App

If you wish to use the NHS App to access a service, then the organisation that controls your personal data is responsible for managing access. For example, if you wish to view your GP practice records, your GP controls this.

If you wish to log into an online service linked to through the NHS App then NHS Digital will, with your consent, provide your login details to the online service you wish to use i.e. you can use the details stored by NHS Digital to save you time completing their online form (or you can enter the details yourself if you so wish).

The table below lists different situations and which organisation(s) control the personal data in each situation. In some situations, there is more than one controller. To find out more about the information falling within each of the below categories, please see the section "What information we collect about you".

Who the data controllers and processors are for different categories of information

| Category of information | Controller(s) | Processor(s) |
| --- | --- | --- |
| NHS App audit data | NHS England; NHS Digital | N/A |
| NHS App mailing list membership(s) | NHS England; NHS Digital | Contracted bulk emailing and list management service provider |
| NHS App messaging | NHS England; NHS Digital | N/A |
| NHS App performance data | NHS England; NHS Digital | Contracted analytics service providers |
| NHS App service desk information | NHS England; NHS Digital | N/A |
| NHS App service desk feedback & surveys | NHS England; NHS Digital | N/A |
| NHS Login account information | NHS England; NHS Digital (a separate service from the NHS App) | N/A |
| Your data sharing preferences (only in the Native Version) | Department of Health & Social Care; NHS Digital (a separate service from the NHS App) | N/A |
| Information inputted into 111 Online symptom checker service | NHS Digital (a separate service from the NHS App) | N/A |
| Information within your GP medical record | Your GP (as custodian of your records) | NHS Digital |
| Information relating to GP appointments | Your GP | NHS Digital |
| Information relating to the repeat prescription service and your nominated pharmacy | Your GP; Your pharmacist | NHS Digital |
| Information relating to patient to practice messages | Your GP | NHS Digital |
| Organ donation preferences | NHS Blood and Transplant | NHS Digital |
| Information inputted into NHS.UK | NHS Digital (a separate service from the NHS App) | N/A |
| Online consultation responses | Your GP | NHS Digital; a contracted Online Consultation Provider |
| Information in personal health records not supplied by you | Your GP or hospital(s) | A contracted personal health records provider |
| Information in personal health records supplied by you | A contracted personal health records provider; Your GP or hospital(s) if you direct such data to be shared with them | Refer to the privacy policy applicable to the personal health records service available to you for more information |
| User research panel membership & survey responses | NHS England; NHS Digital | Contracted survey service provider |

Processors

When organisations are engaged to process your personal information on behalf of a different controller organisation, there will always be a contract in place. These processor organisations must have agreed to keep your information secure and only use it for the purpose they have been instructed to.

For example, your GP practice or the Clinical Commissioning Group which it belongs to may have contracted with one or more commercial online consultations providers or personal health records providers for the provision of services on the GP's behalf. See online consultation services and personal health record services for more details of this. Other processors are described in the table above.

Passwordless authentication feature

Registered users of the NHS App are able to use the passwordless authentication feature if their mobile phone supports this. This feature is not available through the Browser Version of the NHS App.

Passwordless authentication is voluntary, and does not stop you using your existing method to access the NHS App. Passwordless authentication is based on technology in your device. Your device may support passwordless authentication using different types of biometric data, including fingerprint and facial recognition. We do not have access to or control over the biometric data stored on your device.

The NHS App performs passwordless authentication against NHS login in accordance with the Fast Identity Online (FIDO) standard.

Nominated pharmacy feature

Registered users of the NHS App are able to select, view and change their nominated pharmacy to which their electronic prescriptions are sent. This feature is only available if your GP practice has enabled it.

As a result of changing your nominated pharmacy, your personal information needed to verify and dispense your electronic prescription will be shared with the selected pharmacy. Find out more about electronic prescriptions.

Proxy Access feature

As described in clauses 6.23 to 6.25 of the NHS App terms of use, "Proxy Access" enables you to view parts of the GP medical record, book or cancel appointments, and order repeat prescriptions online or send patient to practice messages in relation to someone else (e.g. your child or someone you care for) as authorised by your GP from time to time.

Note: you cannot create new Proxy Access relationships through the NHS App. To create new relationships or change existing ones, please contact your GP practice.

You are responsible for any personal data that you access on behalf of the person you are using Proxy Access in respect of, and must keep it safe and secure.

You must, to the extent possible bearing in mind their age, condition and capacity:

  • make the person you are using Proxy Access on behalf of aware of, and seek their consent to, your Proxy Access and any steps you take on their behalf; and
  • make the person you are using Proxy Access on behalf of aware of this privacy policy and other applicable terms and conditions.

View medical record documents feature

Where available, if a GP practice has permitted access to files (sometimes called letters) attached to your medical record or that of a person you are using Proxy Access on behalf of, you will be able to view and download these files through the NHS App.

Once downloaded, it is your own responsibility to keep the files secure. If you use a shared computer or mobile device to access the NHS App, make sure you delete any downloaded files when you are finished.

NHS App messaging

NHS App messaging enables us to send you general communications and updates relating to the NHS App and services available within it. These messages are not personalised messages or specific to you or your care. You cannot use this feature to send messages (to NHS Digital or to your GP) or reply to these messages.

NHS App notifications

You can choose to activate push notifications to alert you to receipt of NHS App messages. You can opt out of push notifications at any time. Messages will continue to be sent and available via the NHS App whether or not push notifications are activated. This functionality may differ from device to device. If you use the NHS App across more than one device, push notifications must be enabled on each one.

What information we collect about you and how it is used

The information processed for the purposes of the NHS App can be split into a number of different categories.

Details of the information and personal data falling within each of the categories where NHS Digital is the controller are set out below.

Categories of information and personal data

| Category of information | Personal data | Special categories of personal data |
| --- | --- | --- |
| NHS App audit data | Information captured against your NHS Number about your use of the NHS App, such as the time of use, actions you took using the NHS App, and associated technical log events. | None |
| NHS App performance data | IP addresses are transmitted to Adobe Analytics and Hotjar as part of performance data, but aren't stored so users can't be identified. | None |
| NHS App messaging | We send bulk messages and use your NHS App account to do this. | None |
| NHS App mailing list membership(s) | We contract a specialist organisation to send out bulk emails and manage our lists of email subscribers. We use only your email address and mailing preferences needed to operate this service. | None |
| NHS App service desk information | The personal data you provide if you contact the service desk; could include information about your use of the NHS App and services. In order to diagnose and resolve problems we may sometimes securely share this information with other organisations who operate the ‘Connected Services’ described in clause 1.3 of the Terms of Use | None |
| NHS App service desk feedback & surveys | The personal data you provide if you provide feedback such as responding to one of our surveys. | None |
| NHS login account information | If you're a new user of the NHS App, you may be asked to provide additional information, such as your NHS number or a picture of your passport, to set up a new NHS login account with high-level identity verification. As a registered user, login information consisting of your email address and password will be processed to enable you to use the NHS App. Logins to the NHS App are managed by NHS login, a separate NHS Digital service. Find out more about NHS login | Yes |
| Your data sharing preferences (only in Native Version) | Personal data provided in order to identify you and retrieve or set your data sharing preferences. | None |
| 111 Online symptom checker service | Personal data will only be captured if you elect to have 111 Online contact you, otherwise the symptoms you enter will be anonymous. | Health data (symptoms information entered in response to questions, but only if contact information is provided, otherwise anonymous) |
| Information inputted into NHS.UK | Personal data will only be captured if you elect to provide it, otherwise your use of NHS.UK will be anonymous. | None |
| User research panel membership & survey responses | Personal data will only be captured if you elect to provide it as part of participating in user research relating to the NHS App. | We will ask general questions about your health and background in order to ensure we are inclusive in our research. |

How NHS Digital uses your personal data and why

The processing of your personal data is necessary to provide you with NHS App services and ensure the functionality of the NHS App works.

You won't be able to use the NHS App unless you have agreed to its terms of use and this privacy policy.

The organisation that's the controller and/or processor of your personal data will depend on the information in question.

We may need to share your personal information if we are required to do so by law.

Personal data for which NHS Digital is the controller within the scope of the NHS App

Legal basis for using each category of information and how long NHS Digital hold the data for

| Category of information | Legal basis for using this data | Retention period |
| --- | --- | --- |
| NHS App audit data | Legal obligation – processing is necessary for compliance with the legal obligation to which NHS Digital is subject | 6 years after the audit event occurred |
| NHS App mailing list membership(s) | Your consent specifically provided when you opted to join a mailing list | Varies depending upon which mailing list you are joining |
| NHS App messaging | Legal obligation – processing is necessary for compliance with the legal obligation to which NHS Digital is subject | 12 months |
| NHS App service desk information | Legal obligation – processing is necessary for compliance with the legal obligation to which NHS Digital is subject | 12 months |
| NHS App service desk feedback & surveys | Your consent via acceptance of our Privacy Policy and giving your agreement to take part in a survey | 12 months |
| NHS App performance data | Your consent via acceptance of our Cookies Policy | 12 months |
| User research panel membership & survey responses | Your explicit consent via acceptance of our Privacy Policy and giving your agreement to take part in a survey and/or join the NHS App User Research Panel | Varies depending upon which survey you are responding to, we shall tell you specifically before we ask you for your consent |

Find out more about the directions issued to NHS Digital

Where this data is stored and processed

We only store and process your personal data within the UK and European Economic Area (EEA).

Personal data for which NHS Digital is the controller outside the scope of the NHS App

In respect of certain Connected Services NHS Digital has a role outside the scope of the NHS App as NHS Digital also provides these services. They are separate from the NHS App and subject to their own privacy policies which you should read before use.

Categories of personal data information, how the data is used, and how the data is handled

| Category of information | How the data is used and handled |
| --- | --- |
| NHS login account information | See the NHS login privacy policy |
| Your data sharing preferences (Native Version only) | See the National Data Opt-out Service privacy notice |
| 111 Online symptom checker service | See the 111 Online privacy policy |
| Information inputted into NHS.UK | See the NHS.UK privacy policy |

Personal data for which NHS Digital is the processor only

The table below provides a number of links and explains who you need to contact if you have queries regarding a particular service or the use of your information.

Privacy policies for each category of information

| Category of information | Privacy policy |
| --- | --- |
| Information within your GP medical record | Contact your GP practice for a copy of their privacy policy. |
| Information relating to GP appointments | Contact your GP practice for a copy of their privacy policy. |
| Information relating to the repeat prescription service and your nominated pharmacy | Contact your GP practice and pharmacist for copies of their privacy policies. |
| Information relating to patient to practice messaging | Contact your GP practice for a copy of their privacy policy. |
| Organ donation preferences | This service is managed by NHS Blood and Transplant (NHSBT), which is separate from NHS Digital. Find out more about NHSBT. |
| Online consultation responses | This service is contracted by your GP practice with an online consultations provider. Find out more about online consultation services. |

Personal data for which NHS Digital is neither the controller nor processor

In respect of certain Connected Services NHS Digital's role is simply enabling you to access the services in the same format as the NHS App. NHS Digital is neither the controller nor processor for personal data that you submit or view in such Connected Services. Such services are separate from the NHS App and subject to their own privacy policies which you should read before use.

Categories of information and respective privacy policies

| Category of information | Privacy policy |
| --- | --- |
| Information in personal health records (whether supplied by you or not) | This service is contracted by your GP practice or hospital with a personal health records provider. Find out more about personal health record services. |

Your rights

Data Protection laws provide a number of rights to you. These rights are listed below.

You can exercise your rights by contacting the appropriate controller.

If you wish to contact NHS Digital, please use the contact details at the bottom of this page.

The personal data NHS Digital holds as a controller within the scope of the NHS App is limited to:

  • NHS App audit data
  • NHS App mailing list membership(s)
  • NHS App messaging data
  • NHS App service desk information
  • NHS App service desk feedback & surveys
  • NHS App performance data
  • User research panel membership & survey responses

Your rights applicable to audit data, mailing list membership(s), NHS App messaging data, service desk information, service desk feedback & surveys and user research panel membership & survey responses are:

  • to know how your data will be collected, processed and stored, and for what purposes
  • to withdraw your consent (which applies to your participation in user research panel membership, survey responses and unsubscribing from mailing list membership)
  • to request a copy of your personal data
  • to correct your personal data errors or omissions
  • to data portability. This means you can obtain a copy of your data in a structured, commonly used and machine-readable format (applies only to your participation in user research panel membership, survey responses and to mailing list membership).
  • to request we delete your personal data (only applies for mailing list membership(s); NHS App service desk feedback & surveys and user research panel membership & survey responses)
  • to request we restrict our use of your personal data (for example, if you think it's inaccurate and needs to be corrected before it's used)

You can also manage the NHS App performance data ("analytic cookies"). See our cookies policy for details on how to do this.

Points of contact for queries

Should you have any queries in relation to the use of your personal data within the NHS App, or on the NHS App generally, you should refer to the table below to find out where to direct your query.

Who to contact for queries about use of your personal data in the NHS App

| Query | Who do I contact? |
| --- | --- |
| Queries about the content of your medical records and/or the medical records you can view via the NHS App | Your GP surgery |
| Queries about your healthcare, such as GP appointments or repeat prescriptions | Your GP surgery |
| Queries about your ordered prescriptions or nominated pharmacy | Your GP surgery or pharmacist |
| Queries about the NHS App functionality and how to use the NHS App | See our help and support page |
| Queries about login information or issues | See our help and support page |
| Queries about the 111 symptom checker service | See our help and support page |
| Queries about the NHS.UK website | Contact us |
| Queries about your data sharing preferences | See the National Data Opt-out Service privacy notice |
| Queries about your organ donation preferences | See NHS Blood and Transplant's organ donation FAQ |
| Queries about your online consultation responses | Your GP surgery. NHS England (if applicable). See online consultation services for details. |
| Queries about personal health record services | Your GP surgery or hospital(s); a contracted personal health records provider. See personal health record services for details. |
| Queries about user research panel memberships & survey responses | See our help and support page |

Objections and complaints about the NHS App

We will investigate and attempt to resolve any data privacy objections and complaints relating to the NHS App.

We will make every reasonable effort to allow you to exercise your rights as quickly as possible and within the timescales provided by data protection laws.

You can contact our Data Protection Office to make a complaint:

By email

enquiries@nhsdigital.nhs.uk

By post

Information Governance Compliance Team
NHS Digital
1 Trevelyan Square
Boar Lane
Leeds
LS1 6AE

We ask that you try to resolve any issues with us first, although you have a right to lodge a complaint with the Information Commissioner's Office (ICO) at any time about our processing of your personal information.

The ICO is the UK regulator for data protection and upholds information rights.

Contact the ICO

Changes to the privacy policy

The terms of our privacy policy may change from time to time. We will inform you via the NHS App and request your continued agreement if we make any significant changes to our privacy policy, cookies policy or terms of use.

Previous versions

Version 3.1, 12 May 2020

This minor update reflects messaging services being made available in the NHS App.

Read version 3.1

Version 3.0, 30 March 2020

This minor update reflects personal health record services being made available in the NHS App.

Read version 3

Version 2.9, 3 March 2020

This minor update covers nominating a pharmacy and patient to practice messaging.

Read version 2.9

Version 2.8, 17 February 2020

This minor update covers proxy access and viewing documents in GP medical records.

Read version 2.8

Version 2.7, 10 January 2020

This minor update reflects the release of proxy access and viewing documents in GP medical records.

Read version 2.7

Version 2.6, 28 November 2019

This minor update covers the use of a service to manage user research panel membership and surveys.

Read version 2.6

Version 2.5, 14 November 2019

This minor update reflects the release of new features for:

  • online consultations
  • changing your nominated pharmacy
  • accessing the NHS App through a web browser

Read version 2.5

Version 2.4, 29 May 2019

This minor update clarifies that "NHS App audit data" also includes associated technical log events.

Read version 2.4

Version 2.3, 30 April 2019

This minor update clarifies that we may securely share NHS App service desk information, which can include personal data, with other NHS organisations who provide "Connected Services" to diagnose and resolve technical problems.

Read version 2.3

Version 2.2, 20 February 2019

This minor update covers:

  • the introduction of a new passwordless authentication feature in the section entitled "Personal data"
  • bringing data retention periods in line with NHS Digital policies in the section entitled "Personal data for which NHS Digital is the controller within the scope of the NHS App"

Read version 2.2

Version 2.1, 19 December 2018

This minor update adds a clarification regarding data processing locations.

Read version 2.1

Version 2, 18 December 2018

Significant update for the app's public release in the Apple and Google Play stores.

Read version 2

Version 1, 26 September 2018

Original version for the app's private beta release.

Read version 1, 26 September 2018

Page last reviewed: 28 May 2020
Next review due: 28 May 2021