graph TD;
Conditions{Do Any of these conditions apply}
Grounds["#bull; Counts from 1 to 9 exist\n#bull; Columns and rows dominated by zeroes or 100% rates\n#bull; Population or geography classed as small (e.g, island Boards, hospital, GP or clinics\n#bull; An individual (or groups) can be identified OR \nadditional personal or sensitive information about an individual (or groups)\n can be gained from the data (e.g. age,postcode, sexual orientation, ethnicity)"]
style Grounds text-align:left
RiskAssessment(Complete disclosure risk assessment)
LessThan4(Risk Assessment score <4)
MoreThan4(Risk assessment >= 4)
Sensitive{Sensitive information \nabout an individual revealed}
Release(Release)
Protect(Protect)
Conditions --> Grounds
Grounds -- Yes --> RiskAssessment
Grounds -- No --> Release
RiskAssessment --> LessThan4
RiskAssessment --> MoreThan4
Sensitive -- No --> Release
LessThan4 ----> Sensitive
Sensitive -- Yes --> Protect
MoreThan4 ----> Protect
NHS Education for Scotland Statistical Disclosure Control Policy
1 Introduction
1.1 Aim
The aim of this policy reflects NES’s commitment to T4 of the Code of Practice, which involves releasing statistics in an open and transparent manner that promotes public confidence.
It describes how the confidentiality of individuals within data published by NHS Education for Scotland (NES) are protected by way of statistical disclosure control methods.
The policy is necessary to ensure that NES complies with the UK Statistics Authority Code of Practice for Official Statistics, and UK Data protection legislation; the Data Protection Act (2018) and General Data Protection Regulation (GDPR, 2017).
The NES Privacy and Data Protection Notice describes how the data NES holds is processed and stored.
1.2 Code of Practice
Within the “Transparent” Principle of the UK Statistics Authority code of practice is:
In particular:
1.3 Scope
All statistical outputs, whether for publication or specific recipients, are assessed for disclosure risk and controlled as necessary.
2 Statistical disclosure control
2.1 Statistical disclosure control methods
Assessing outputs for disclosure risk is key to assessing the level of risk and selecting proportionate and appropriate methods to mitigate it.
Although eliminating disclosure risk entirely while maintaining statistical usefulness is nearly impossible, applying appropriate disclosure controls can reduce the risk to an acceptable level.
The Office for National statistics describes multiple factors that may influence what statistical disclosure control methods are used:
- the mode and legal basis of data collection
- any written or verbal confidentiality pledges to responders
- the data subjects included in the data
- the source of the data
- the type and content of the data
- the specific benefits for releasing statistics or outputs
- the medium of publication (for instance, a website, an academic journal, or the answer to a parliamentary question)
This policy does not provide a complete list of factors affecting the disclosure control of data as statistical disclosure control methods examine outputs on a case-by-case basis. Details of methods used must be listed in the relevant publication or output.
Data controllers can also specify confidentiality safeguards for their data, and any processing of data within NES must comply with these agreements.
The Public Health Scotland Statistical Disclosure Policy lists some commonly used statistical disclosure methods.
2.2 Disclosure flowchart
All decisions on outputs released should be logged, including the data involved, the recipient, the statistical disclosure control decisions and their justifications. This practice is essential in reinforcing our commitment to protecting confidentiality of data subjects as well as maintaining transparent processes.
The decision to proceed to completing a disclosure risk assessment form is dependent on whether any of the following is true of the output:
- counts 1-9
- columns and rows dominated by zeros (or 100% rates)
- population or geography classed as small
- an individual can be identified or additional personal or sensitive information about an individual can be gained from the data
The decision tree is shown in the statistical disclosure control flowchart shown below.
The flowchart has been designed to help NES staff assess the risk of disclosure and decide on whether disclosure control is necessary. When assessing the risks of disclosure in data for management information purposes the same considerations will apply as for published data or data released to a customer.
Should you have any queries, please contact the NES IG Team by filling out a project initiation template that can be found at the NES IG sharepoint site
3 Roles and Responsibilities
- All staff should adhere to the processes and procedures set down in the Statistical Disclosure Control Policy.
- The Lead Official is responsible for ensuring staff are aware of the guidance and providing support and advice within the organisation.
- The PHS Statistical Governance team and Head of Profession is responsible for providing advice on disclosure control issues.
- The Information Governance team within NES is responsible for providing guidance and advice on all matters relating to compliance with data protection, information security and records management legislation. The team will provide specific advice on UK GDPR issues including where individual personal data is identifiable.
Version History
| Date | Author | Notes |
|---|---|---|
| 01/10/2025 | Ben Tait | First Draft |
| 17/03/2025 | Ben Tait | Comments received from NES IG Team |