Many of us have experienced a modern-day healthcare challenge: the complexities of the information governance (IG) processes that safeguard patient data. Data sharing is key for care provision, understanding how systems are working, and improving services delivered.

As a collective of clinical and technical professionals, the authors are calling for clinician engagement to help shape the future of NHS digital services, recognising their value as vital stakeholders, to help guide the much-needed digital transformation and promote collaboration across organisations.

Streamlining permissions

Cross-organisational collaboration requires robust IG processes which are often complex, fragmented, and require prospective assurance about data usage when the potential value of the data is often only understood after processing. This is analogous to obtaining consent for an operation, before the patient has been seen! We must therefore rethink IG and data sharing, whilst maintaining robust safeguards.

The technology needed is available but complex to understand (1). Secure data environments (SDE) such as OpenSafely, and the implementation of the TRELLIS framework (2), use technology to make IG processes more automated and transparent. OpenSafely makes the code used to build and run the system publicly available, and researchers using it can interact with synthetic (or “dummy”) data to refine their code. Automated testing confirms the safety of the code, and applies it against real patient data, returning the results to the researcher, thus minimising interaction with sensitive data. The TRELLIS framework uses data about datasets (metadata) and policies to automate approval of analysis with the bare minimum of required data for the use case. Approaches such as OneLondon’s SDE (3) will bring this kind of modern environment to stakeholders beyond researchers, with governance and tools which support clinicians and commissioners, in addition to the research community.

Data usability                                                           

Meaningfully sharing and using data faces challenges of non-standardised languages and access processes. Interoperability – the ability to share information between digital systems – is impacted by such non-standardised language. “Semantic” interoperability takes this further, allowing understanding of data between digital systems. Poor semantic interoperability negatively affects sharing of information, communication and workflows – increasing patient risk through incomplete or inaccurate information, as well as risking repeat investigations (if they are not visible to new health care providers) (4). In addition, poor quality information impacts service development and research. Interoperability between software is as low as 22% (5). As software can struggle to seamlessly share and understand patient information with other software, it may result in inadequate or non-existent access to historical clinical notes, test results, and discharge summaries for a patient if they have been seen at another hospital, potentially leading to incomplete medical histories and compromising patient safety. The need for standardisation is clear.

One good example of this standardisation is openEHR (6) which complements existing standards (7), and allows healthcare data to be understood across different software, enhancing data availability (8).

The human element

The UK’s NHS, the largest publicly-funded healthcare system, struggles to use its scale to drive interoperability, with national initiatives such as the Interoperability Toolkit (9) having limited success, often hindered by vendor resistance and business needs.

Many major electronic health record (EHR) vendors have historically adopted proprietary standards, data formats, and ways of programmes sharing information with each other (APIs), limiting interoperability unless costly integrations are commissioned (10). In some cases, vendors are financially incentivised to maintain market share and client dependency, disincentivising open data-sharing practices (11).

NHS Trusts often procure bespoke contracts, due to the decentralised digital infrastructure, which can lack enforcement of interoperability due to a lack of accountability.

Underpinning this lies a more fundamental and human challenge: there is a need for trust, shared purpose and commitment to change, as well as meaningful and sustainable cross-organisational relationships. These factors are often overlooked in national strategies yet must be addressed to sustain change.

It is vital that clinicians are actively involved: advocating for cross-organisational projects, demanding procurement that enables open standards and robust data-sharing capabilities, and engaging with digital working groups – the influence of our workforce is critical to enabling change. Gaining protected time for such work is key, as is sharing visible wins to generate momentum. Interoperability and collaboration are clinical necessities, and ones which affect patient care, safety, and the future of the NHS.

Policy levers and looking forward

The UK “Data (Use and Access) Act 2025” (12) seeks to enhance healthcare data sharing by mandating information standards in health and adult social care, enabling alignment with open standards, thus promoting interoperability, functionality, connectivity, and portability of data. The act improves accountability through publishing information about who holds data, who has access to it (and why), as well as the rights and obligations of third-parties involved. The government can censure those who are not compliant, ensuring accountability. With increased standards, trust in digital healthcare will improve: the Act facilitates creation of accreditation schemes for some digital systems, allowing visible alignment with standards of quality and reliability, improving confidence amongst both the public and staff.

While the Act does not name specific standards, accompanying policy documentation and prior NHS England guidance suggest that widely adopted specifications such as FHIR (13) (a standard for exchanging healthcare information electronically) and SNOMED CT (14) (a clinically-focussed healthcare terminology system) should be adopted. In addition open standards such as openEHR could form the basis of the mandated frameworks, facilitating semantic interoperability. While the Act provides a clear legislative framework, the real work now lies ahead: ensuring that these standards are meaningfully implemented, adopted by suppliers, and embedded into workflows across health and care.

Conclusion

IG is critical, but much can be done to improve data-sharing between ourselves to enhance patient care, and help understand and improve our practice. Advocating for streamlined permissions, better and more connected data, and leveraging legislation, clinicians are excellently placed to demand better for patients – and for the NHS. With 10 year health plan (15) published, it is more critical than ever to get the foundations and infrastructure right, in order to provide safe, effective and trustworthy data across all sectors.

References

1. Agnew T. Morley: ‘We need greater regulation of ambient voice technologies’ [Internet]. Digital Health. 2025 [cited 2025 Jun 29]. Available from: https://www.digitalhealth.net/2025/06/morley-we-need-greater-regulation-of-ambient-voice-technologies/
2. Francis Crick Institute: TRELLIS [Internet]. 2024 [cited 2025 Jun 29]. Available from: https://satre.uktre.org/en/evaluations/crick-trellis/
3. OneLondon [Internet]. [cited 2025 Jun 29]. Homepage. Available from: https://www.onelondon.online/
4. Li E, Lounsbury O, Hasnain M, Ashrafian H, Darzi A, Neves AL, et al. Physician experiences of electronic health record interoperability and its practical impact on care delivery in the English NHS: a cross-sectional survey study. BMJ Open. 2025 Jun;15(6):e096669.
5. Bernstam EV, Warner JL, Krauss JC, Ambinder E, Rubinstein WS, Komatsoulis G, et al. Quantitating and assessing interoperability between electronic health records. Journal of the American Medical Informatics Association. 2022 May 1;29(5):753–60.
6. Kalra D, Beale T, Heard S. The openEHR Foundation. In: Regional Health Economies and ICT Services [Internet]. IOS Press; 2005 [cited 2025 Jun 29]. p. 153–73. Available from: https://ebooks.iospress.nl/publication/10257
7. Pedrera-Jiménez M, García-Barrio N, Frid S, Moner D, Boscá-Tomás D, Lozano-Rubí R, et al. Can OpenEHR, ISO 13606, and HL7 FHIR Work Together? An Agnostic Approach for the Selection and Application of Electronic Health Record Standards to the Next-Generation Health Data Spaces. Journal of Medical Internet Research. 2023 Dec 28;25(1):e48702.
8. Leslie H. openEHR Archetype Use and Reuse Within Multilingual Clinical Data Sets: Case Study. J Med Internet Res. 2020 Nov 2;22(11):e23361.
9. NHS England Digital [Internet]. [cited 2025 Jun 29]. Interoperability Toolkit. Available from: https://digital.nhs.uk/services/interoperability-toolkit
10. Why Healthcare Interoperability Still Fails? UK’s EMR Systems in 2025 [Internet]. [cited 2025 Aug 31]. Available from: https://www.netguru.com/blog/healthcare-interoperability-uks-emr-systems
11. Li E, Lounsbury O, Clarke J, Ashrafian H, Darzi A, Neves AL. Perceptions of chief clinical information officers on the state of electronic health records systems interoperability in NHS England: a qualitative interview study. BMC Medical Informatics and Decision Making. 2023 Aug 12;23(1):158.
12. Data (Use and Access) Act 2025 [Internet]. King’s Printer of Acts of Parliament; [cited 2025 Jun 29]. Available from: https://www.legislation.gov.uk/ukpga/2025/18/enacted
13. NHS England Digital [Internet]. [cited 2025 Jul 2]. FHIR (Fast Healthcare Interoperability Resources). Available from: https://digital.nhs.uk/services/fhir-apis
14. NHS England Digital [Internet]. [cited 2025 Jul 2]. SNOMED CT. Available from: https://digital.nhs.uk/services/terminology-and-classifications/snomed-ct
15. GOV.UK [Internet]. [cited 2025 Jul 6]. 10 Year Health Plan for England: fit for the future. Available from: https://www.gov.uk/government/publications/10-year-health-plan-for-england-fit-for-the-future

Authors

Alexander James Churton, MBChB FRCA MAcadMEd

Dr Churton is a senior anaesthetic resident doctor in the East Midlands, currently undertaking a Post-Graduate Diploma in Digital Health Leadership at Imperial College London, with interests including perioperative medicine, major general surgery, sustainability and system innovation.

Kanthan Theivendran, BSc(Hons) MBBS MRCS FRCS (Tr & Orth)

Mr Theivendran is a Consultant Orthopaedic Surgeon currently undertaking a Post Graduate Diploma in Digital Health Leadership at Imperial College London.

Felix Peckitt, DipHE CertBA

Mr Peckitt is Assistant Director Data Engineering and Data Architecture, North Central London ICB and a trustee for Tourettes Action

Mohamed Elriedy, MBBCh FRCA EDRA FHEA FAcadMEd

Dr Elriedy is a Consultant Anaesthetist, and an associate professor and director of simulation at Nottingham University School of Medicine.

Declaration of interests

We have read and understood the BMJ Group policy on declaration of interests and declare the following interests:

Alexander Churton:

• Dr Churton serves on the editorial board for BJA Education. The journal has covered travel, sustenance, and accommodation expenses for internal board meetings. Dr Churton also contributes peer reviews for the journal.
• Dr Churton has secured charitable funding which is open to applications from others to support their environmental sustainability projects.
• Dr Churton has secured charitable funding to support access to advanced quality improvement education to other staff. Dr Churton may be offered access to this education as a gesture of appreciation.

Kanthan Theivendran:

• Mr Theivendran is a board member of the openEHR International CIC and openEHRUK CIC which are not for profit standards development organisations in an un-paid voluntary role.

Felix Peckitt:

• Mr Peckitt is a member of the OneLondon Secure Data Environment Technical Design Authority.

Mohamed Elriedy:

• Dr Elriedy has declared no conflicts of interest.