NHS HES Data
Sharing Agreement

We welcome you to our website.
We would like to inform you about the management of your personal data.
Last updated on 17th January 2025 v2.9

Introduction
We are Device Access UK Ltd, Kenneth Dibben House, Enterprise Rd, Chilworth, Southampton Science Park, Southampton SO16 7NS. A company registered in England and Wales with company number 07257316..

This privacy and cookie policy (“Policy”) describes Device Access UK Ltd (“Company,” “we,” and “our”) collect, use and share personal data when using this website https://www.deviceaccesseurope.com: (the “Site”) or when we have obtained it form a third party such as NHS England. Please read the following information carefully to understand our views and practices regarding your personal data and how we will treat it.

We encourage you to read the Privacy Policy in full. However, to summarise:

• we will always use your data within the law
• we will never sell your personal identifiable data
• we will always respect your wishes about how you would like to be contacted

We will post any modifications or changes to the Policy on our Site. We reserve the right to modify the Policy at any time, so we encourage you to review it frequently. The “Last Updated” legend above indicates when this Policy was last changed. If we make any material change(s) to the Policy, we will notify post a notice on our Site prior to such changes(s) taking effect. In the event that such a change could materially affect your privacy, you will be notified without delay by appropriate means.

If you want to request information about our privacy policy you can email us at compliance@deviceaccess.co.uk or write to:

Device Access UK Ltd,
Kenneth Dibben House,
Enterprise Rd,
Chilworth,
Southampton Science Park,
Southampton
SO16 7NS

This privacy notice tells you what to expect when Device Access collects personal information. It applies to information we collect about:

• people who download our brochure
• visitors to our website
• NHS England Hospital Episode Statistics (HES) data

When someone visits this site we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way that does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.

We store the IP address transmitted by your web browser for a period of seven (7) days, strictly for the purpose of identifying, restricting and eliminating attacks on our website. After seven (7) days, we delete or anonymize your IP address. The legal basis for the processing of this personal data is provided for in Art. 6 para. 1 s. 1 lit. f GDPR.

When you visit our website, the data collected from the use of the website is temporarily stored on our web server for statistical purposes in the legitimate interest to improve the quality of our website. The legal basis for the processing of this personal data is provided for in Art. 6 para. 1 s. 1 lit. f GDPR. This data set contains:

• the IP address of the requesting computer shortened to such an extent that no reidentification of any persona data is possible.
• the name of the data file,
• the date and time of the query,
• the amount of data transferred,
• the page, from which the data is requested
• the access status (file transmitted, file not found),
• a description of the type of browser and operating system used (e. g. browser language, image resolution, type of browser, plugins),

The listed usage data is stored anonymously.

We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

Under the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA), you have rights as an individual that you can exercise in relation to the information we hold about you.

Device Access tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’ under the Data Protection Act 1998. If we do hold information about you we will:

• give you a description of it;
• tell you why we are holding it;
• tell you who it could be disclosed to; and
• let you have a copy of the information in an intelligible form.

To make a request to Device Access for any personal information we may hold you need to put the request in writing to the address provided below.

If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.

If we do hold information about you, you can ask us to correct any mistakes.

In most circumstances we will not disclose personal data without consent.The exceptions to this are;

• circumstances where we can pass on personal data without consent for example, to prevent and detect crime and to produce anonymised statistics;
• our instructions to staff on how to collect, use and delete personal data; and
• how we check that the information we hold is accurate and up to date.

This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.

You have the right to:

Access the personal data which the Company holds about you. This is called a Subject Access Request (SAR) and can be made by calling us or in writing via email or at the address as provided in the “How to contact us” section.

You may use this process to exercise your right to:

• Have your personal data rectified if it is inaccurate or incomplete.
• Request that we erase information we hold about you.
• Restrict the processing of your personal data, for example ask us not to contact you.
• Object to the processing of your data for specific purposes such as communications or direct marketing.
• Ask for the transfer of your data electronically to be provided to a third party (data portability)

DAUK is the Data Controller and a Data Processor of NHS Hospital Episode Statistics (HES) data provided under a formal Data Sharing Agreement with NHS England.
Hospital Episode Statistics (HES) is a data warehouse containing details of all admissions, outpatient appointments and A and E attendances at NHS hospitals in England. See NHS England and DARS for further details.

For all outputs produced by DAUK, these must be approved by the Device Access UK Limited (DAUK) Data Access Review Group (DADARG). The following is the review and approval numbers of DADARG for the previous 5 years:

• 2024 – 30 Reviewed, 28 Approved
      
• o Areas of work: Breast cancer, Electrocardiogram, Coronary heart disease, Preterm births, Glaucoma, Hospital and ventilator acquired pneumonia, Prostate cancer, Liver cancer, Pancreatic cancer, Prostate cancer, Kidney cancer, Calculus of kidney and ureter, Bacterial and viral infections, Lung cancer, Gastrostomy, Ophthalmology, Otitis media, Diabetes, Angioplasty and stenting, Surgical bypass, Amputation, Atherosclerosis, Peripheral vascular disease, Embolism, Colectomy, Esophagectomy, Renal failure and chronic kidney disease, Arteriovenous shunts, Graft fistulas, Colorectal cancer
• 2023 – 30 Reviewed, 27 Approved
      
• o Areas of work: Obesity, Type II Diabetes, Heart attacks in hospital, Lung cancer, Gonarthrosis, Hospital and ventilator acquired pneumonia, Heart failure, Cardiomyopathy, Myocardial infarction, Neurostimulator for spinal cords, C-sections, Vascular procedures, Bowel resections, Sleep apnoea, Heart valve replacement, Staphylococcus infections, Bladder cancer, Kidney Injury, Macular degeneration, Coronary artery bypass graft, Otits Media, Breast cancer, Pancreatic cancer, Bile duct cancer, Cardiac procedures, Radiotherapy, Chemotherapy
• 2022 – 24 Reviewed, 22 Approved
      
• Areas of work: Obesity, Radiotherapy, low birth weight and hypothermic newborn patients, Hospital and ventilator acquired pneumonia, Age-related Macular Degeneration, C-sections, Vascular procedures, Pancreatic cancer, Bile duct cancer, Kidney Transplants, Skin cancer, Skin grafts, Breast cancer, Lung cancer, Stroke rehabilitation, Prostate cancer, Endometriosis, Brain cancer, Cardiac procedures, Colorectal procedures, Hip and Knee and Shoulder replacements, Lung Nodules, Ascities
• 2021 – 31 Reviewed, 28 Approved
      
• Areas of work: Obesity, Cardiac endovascular treatments, Angioplasty, Hospital and ventilator acquired pneumonia, Functional Endoscopic Sinus Surgery, Functional Endoscopic Nasal Surgery, Chronic Ischemic Heart Disease, Myocardial infarction, AMD, C-sections, Vascular procedures, Peripheral vascular disease, Oral Mucositis, Head and Neck cancer, Artery procedures, Electrocardiography, Replacement of mitral valve, Paralysis of vocal cords, Varicose Veins, Gall Bladder, Gastric Bypass, Breast procedures, Bladder Disorders, Lung cancer, Endoscopy, Epilepsy, Spine fractures, Chronic rhinitis
• 2020 – 30 Reviewed, 26 Approved
      
• Areas of work: Hospital and ventilator acquired pneumonia, Meningitis, Neurostimulator for spinal cords, Injury to nerves, Peripheral Nerve Operations, C-sections, Vascular procedures, Polyp of colon, Colon cancer, Epilepsy, Cardiac Arrest, Gastro-oesophageal reflux disease, Atrial fibrillation, Palpitations, Kidney transplants, Fistula of Intestine, Enterostomy, Myocardial infarction, Angioplasty, Glaucoma, Glucose monitoring, Cranioplasty, Pressure ulcers, Delirium, Sepsis, Surgical complications, Breast cancer

1. Histosonics – IDAP Program
Histotripsy uses pulsed sound waves to induce “bubble clouds” from gases naturally present in targeted tissue. These bubble clouds form and collapse in microseconds, creating mechanical forces strong enough to destroy tissue at cellular and sub-cellular levels in a non-invasive and non-thermal method. Edison® is a sophisticated platform that delivers pulsed sound energy into the body, without any incisions or needles, and has the ability to destroy tumours at the sub-cellular level, all while the treating physician continuously monitors the “bubble cloud” and treatment effect in real-time. HistoSonics ®, the manufacturer of the Edison ® System and novel histotripsy therapy platforms, announced today that the company’s Edison System has been selected to participate in the UK’s newly created Innovative Devices Access Pathway (IDAP) Pilot Program designed to accelerate the development of cost- effective medical devices and their integration into the UK market. Applications to compete for one of the 8 available places in the highly sought after UK program began in 2023 and was open to UK and international commercial and non-commercial developers with new health technology solutions. The IDAP Pilot Program was designed and developed by a partnership of the Department of Health and Social Care, The Medicines and Healthcare products Regulatory Agency (MHRA), The National Institute for Health and Care Excellence (NICE), NHS England, Health Technology Wales, and Scottish Health Technology Group to test the IDAP pathway and to expedite the incorporation of novel medical technologies that have demonstrated the potential to meaningful address the UK’s top healthcare concerns of today, as well as in the future. The Edison Histotripsy System was measured against four distinct eligibility criteria that were required of applicants for consideration in the IDAP program. Applicants must have met the following in order to be considered for the IDAP Pilot Program; 1) the technology addresses a life-threatening or seriously debilitating condition and there is a significant patient need, 2) the technology is innovative and transformative, 3) the technology will provide system wide benefit, and 4) the technology clearly helps to address one of the following Life Sciences Vision’s Healthcare Missions. In addition to meeting the eligibility criterion set, the IDAP program enlisted patient experts in the shortlisting and selection of the eight innovative and transformative medical devices that were eventually chosen to participate. Device Access analysed HES data on patients showing diagnostic codes for both liver cell carcinoma and secondary malignant neoplasms of liver to understand the population size within NHS England. The primary treatments of these patients including chemotherapy, radiotherapy and surgical treatments to see how the patient pathway currently looks within the system. This showed long lengths of stay and high readmission rates for large populations of patients where an earlier and novel treatment of cancer would reduce burdens to NHS hospitals.

2. Stryker Sage – Oral care to reduce the risk of pneumonia
Every hospitalised patient is at risk of contracting pneumonia during a stay in hospital. This is increased for ventilated, elderly or ICU patients but all patients are at risk throughout their stay. Stryker Sage sets out to improve patient oral hygiene which can significantly impact the risk factors of pneumonia. Device Access carried out in depth analysis nationally and at an individual trust level to understand the risks associated with patients developing pneumonia in two separate cases – Hospital acquired pneumonia (HAP) and ventilator required pneumonia (VAP). Patient cohorts showing diagnostic codes for these conditions were compared to similar patient cohorts without these specific complications. Various factors of patients were studied, showing average length of stay increases for HAP of 4.9 days to 13.6 days and 9.7 days to 14.8 days for VAP. Additionally, mortality, sepsis and readmission rates were analysed showing increases in all factors across both types of pneumonia.

3. Sierra Medical
Sierra Medical is producing a promising test for early detection of lung cancer which is carried out by analysing cells from a simple cheek swab. Using cloud based analytical methods, diagnostic labs can process the data from these swabs automatically. AI algorithms automatically process and analyse sample data in the cloud to generate a tailored diagnostic report where no specialist operators are not required. Data analysis was carried out on two main cohorts of patients, those diagnosed with lung cancer and those who underwent diagnostic testing for lung cancer without a positive diagnosis. The former allowed understanding of the patient pathway of lung cancer detection and gave insight into how earlier detection and therefore earlier treatment would be beneficial to the NHS and to patients, for example via reduced secondary cancers developing. The latter cohort was studied to understand the impact of ruling out lung cancer earlier in the process of testing. This reduces the impact on patients and the NHS trusts by requiring less diagnostic imagining as well as reducing more invasive surgical procedures such as biopsies.

4. MTG64 AliveCor – KardiaMobile
https://www.nice.org.uk/advice/mtg64
The AliveCor KardiaMobile ECG is a single-channel cardiac event recorder. It consists of a device and app that enables you to record and review electrocardiograms (ECG's) anywhere, anytime. The device attaches to the back of most iOS and Android devices, and communicates wirelessly with the free Kardia app, providing powerful display, analysis and communication capabilities. Device Access carried out data analysis on patients diagnosed with atrial fibrillation and palpitations. Comorbidities of these patients, including breathlessness, dyspnoea, syncope, chest pain, heart failure and chronic ischaemic heart disease were identified as subset of cohorts of patients of interest, showing high lengths of stay, readmission rates and emergency admissions. By allowing earlier detection of heart issues, NHS trusts would be able to treat these patients before they develop further medical problems. This helps reduce readmissions to hospital as well as length of stay for patients who receive this earlier treatment, saving bed days and allowing trusts to treat additional patients.

5. MIB286 - The Insides System for managing intestinal failure
https://www.nice.org.uk/advice/mib286
The Insides System (The Insides Company) is a chyme reinfusion system designed to help people with high-output fistulas or stomas after bowel surgery. The system aims to infuse the effluent of the fistula or stoma into the distal gut. The system works by chyme and intestinal fluid being pumped back into the distal intestines using an Insides Driver. The driver is a handheld battery‑powered device that connects magnetically to the Insides Pump found in the stoma bag. The driver powers the pump to refeed the content of the stoma bag back into the distal intestine. An Insides Tube is inserted into the distal intestine and connected to the Insides Pump as a tube to transport chyme. Five driver speed options are available to allow the person to control the rate of infusion manually, depending on tolerability and viscosity. Patients undergoing enterostomy, ileostomy or showing the diagnostic code for fistula of intestine were identified to understand differences in length of stay, readmissions, comorbidities and complications within these groups and across subsets of patients with parenteral nutrition. returning to hospital at least three times withing twelve months. This showed the operation gain available to NHS England and NHS trusts, by allowing patients earlier mobility, comorbidities that arise from immobile patients would not occur, reducing the treatment patients required and their subsequent length of stay. Additionally, patients could be discharged earlier, since patients would be able to rehabilitate at home, further decreasing length of stay and freeing up beds for additional patients to be treated.

6. Liquid Biopsies for Faster Diagnosis in Pancreatic and Bile Duct Cancer
  DAUK worked with clinicians at Royal Marsden NHS Foundation Trust to understand how the implementation of liquid biopsies could affect patients undergoing diagnosis with pancreatic or bile duct cancer. DAUK analysis has contributed to technology that decreases time for diagnosis of pancreatic or bile duct cancer therefore allowing patients to be treated faster leading to fewer complications, shorter lengths of stay and reduced waiting lists.

7. DAUK has worked with over 10 NHS Hospitals in England, including Manchester Royal Infirmary, Charing Cross Hospital and Southampton General Hospital, in helping them decide if they should adopt a new mechanism of reducing admissions and length of stay through a technology that replaces treats patients with chronic rhinosinusitis following ethmoid, frontal or maxillary sinus surgery. DAUK identified the numbers of treatments performed and the number of repeat episodes that patients returned for in specific hospitals. This was then entered into a costing model which was provided to the NHS Hospital as part of an adoption business case that summarised the patient and hospital benefits of adopting the new technology. The benefits for the patients are they may have improved sinus surgery outcomes from reduced inflammation, removing the need for readmissions for further treatment.

To contact our data protection officer Gus Davidson, please email Gus.Davidson@ajdweb.co.uk

We receive and process this data as a result of the Data Sharing Agreement with NHS England and our legitimate interest in conducting scientific and statistical research in order to enable medical device providers to achieve NICE approvals and accreditation and subsequent NHS Adoption, and thus positively impact patients Hospitals and the NHS.

This is covered under GDPR as the most appropriate lawful basis for processing under Article 6 being “Legitimate interest”; coupled with Article 9 condition: – Article 9(2) (j) following a formal assessment to ensure that this meets the purpose, necessity and balancing test criteria.

The preparation and delivery of the bespoke anonymised, aggregated dataset to any medical device manufacturer is only processed; following a formal approval process to ensure it meets the Purpose, Necessity and balancing test criteria for each particular recipient.

The NHS HES data we receive is pseudonymised special category “health data” and non-identifiable; which means individuals cannot be identified from the data.

We never give direct access to unprocessed NHS HES data to any third parties. We do aggregate and anonymise the data at appropriate levels level in accordance with the NHS England HES Analysis Guide Methodology to provide insight and build analytical models into bespoke data sets. These are provided to medical device manufacturers following formal external approval process to ensure the requirements for purpose and benefit are met.

We have been able to identify where new technologies could replace the current standard of care and show significant benefits to patients, providers of care, and payers of care. This has been the foundation of the success in over 30 NICE evaluations since 2010.

The HES data sets containing the pseudonymised data are retained for four (4) years after which they are securely destroyed. These data sets are downloaded stored and processed securely in conformance with the NHS England Toolkit requirements and the Data Sharing Agreement conditions.

DAUK only has access to pseudonymised NHS HES data for the past four years and cannot remove individuals from the datasets.