National Data Opt Out exemption granted for NCAP


The National Institute for Cardiovascular Outcomes Research (NICOR) manages The National Cardiac Audit Programme (NCAP), which capture patient information from hospitals throughout England and Wales. The aim of these registries is to collect information on all patients admitted with a heart attack or heart failure, and all patients admitted for a cardiac procedure such as cardiac surgery, a stent procedure, a pacemaker or procedures such as transcatheter aortic valve implantation (TAVI). NICOR has been granted exemption from the National Data Opt-Out legislation for NCAP and the TAVI registry.

For further information and help in understanding the details of this legislation click the link:

The exemption has been granted for reasons of:

  • patient safety (the rational being that the more information we can gather the more we will know about the quality and quantity of the operations being carried out throughout England and Wales and spot possible problem areas more quickly,
  • accurate estimation of the variation in provision and performance of clinical services, and
  • the need for a full and fair understanding of the requirements for services across the population, for all patient groups.

NICOR has support from the Secretary of State for Health and Social Care, on advice from the Confidentiality Advisory Group (CAG), to collect information from hospitals without patient consent.  The Secretary of State for Health and Social Care has granted the NCAP and the TAVI registry exemption from the National Data Opt-Out legislation. This is because of the unequal numbers of patients in different areas opting out from sharing their data. This is across the whole country and as a result it makes it difficult to analyse the data. It is important that the NHS has a full understanding of the quality of services provided right across the country, wherever patients are treated. This opt-out exemption ensures the best chance we have to make sure patients are receiving a safe and effective service, whoever they are and wherever they are treated. However, NICOR can only use these data for the purposes of the national audit and registry functions. Careful processes are in place to ensure that data does not identify individual patients in any of the outputs or publications related to NICOR’s role.

In many circumstances, patients are entitled to opt out of the use of their personal data for NHS service provision or research. In practice, any hospitals that collect patients’ data must check for patient opt-outs against the National Data Opt-outs Service maintained by NHS Digital and remove details of any patients that have chosen not to share their data before passing information to another party. For the NCAP and the TAVI registry, hospitals do not have to check against the National Data Opt-outs Service for patient opt outs before sending their data to NICOR. NICOR can use these data for national audit purposes. NICOR does however have to check against the National Data Opt-outs Service for patient opt-outs and remove relevant data prior to sharing any NCAP or TAVI Registry data for research. Individual patients are still entitled to register a local Opt-Out with NICOR (for purposes other than those required for the national audit and registry function). This can be done by contacting NICOR via

You can find more information about NICOR and the National Cardiac Audit Programme on our website:

You might find the following pages especially useful:

The latter page gives you access to our current Privacy Notice and Patient and Public Information Leaflet. A combined previous version is available in Welsh, and we will arrange translations of the new versions of the separate documents as soon as possible.

NICOR is permitted to share data with applicants requesting data for research purposes, but this is done in a tightly controlled and secure way that does not allow any confidential information on individual patients to be released in any reports or publications. For example, researchers established the significant reduction of admissions to hospital of patients with a heart attack during the first wave of the COVID-19 pandemic. Where data need to be linked to other data sources (e.g., mortality data or evidence that a patient might have been re-admitted to hospital), this is done in a secure environment that ensures the applicants cannot identify any individual patient from the data provided.

Should you have any queries relating to the exemption from the National Data Opt-Out legislation, please contact us via the following email address: