In this guest blog, Dr Tony Calland MBE explains the role of the Confidentiality Advisory Group (CAG) and the live recruitment drive for lay members. Understanding Patient Data is supportive of CAG, and the role it plays in creating and maintaining an ecosystem where public trust is at the heart of the use of health data. 

The UK has one of the most comprehensive medical record systems in the world. Most people will be aware of the information they give to their GP or at the hospital, but many may not be aware of the power that this medical information, combined with that of other patients, has to unlock new treatment pathways or deliver ground-breaking research. Even for those who do know this information is used, they may wonder how decisions are made about its use, such as who can access it and why, whether people have to consent or not, and whether the benefits of the research are worth the risks.  

Much of this research happens with patient consent – e.g., a doctor might mention to a patient that there is a trial they can take part in, and data needs to be collected as part of that trial so the researchers can determine the results. Or people might see adverts for research on TV or social media, and sign up.  

Sometimes this research needs data about patients to be joined up, in ways that it currently isn’t. For example, sometimes researchers will request access to identifiable medical records, so that an individual’s GP record and hospital record can be linked together. For research, it’s often important to do this on a large scale, for hundreds, thousands or millions of people. The Law allows this to happen. but doing this means that getting everyone’s individual consent is impossible. So, there is a compromise. 

Researchers in England and Wales requesting identifiable records, without consent, must set out the process and reasons for this in an application. This application is reviewed by an independent  group of professional and lay volunteers called the Confidentiality Advisory Group (CAG).  

This independent group, managed within the Health Research Authority, ensures that any use of identifiable medical record information without consent has the potential to bring significant public benefits and is used in a way which keeps the data safe. As part of this work  the members of the group  look closely at how the public will be informed of this work, as well as ensuring the applicants involve the public by seeking their advice to establish public trust. Most applications are for medical research projects, with the remainder relating to NHS functions and management.  

Lay members bring a crucial voice to the group – that of the public. Members of the public might be patients, carers, users of services. They might never have taken part in research before, and might not know much about data. Despite this, they bring an incredibly useful perspective and lived experience.  

That is why we are now recruiting new lay members to join our group. We define a CAG lay member as someone who could develop an interest in the ethical use of confidential healthcare data for research and NHS management but may not have had specific experience in this field.  

If you are interested in joining the CAG as a lay member you can view more information on the role and access the application form here. The closing date for applications is 03 May 2024 and our Confidentiality Advice Team ( would be happy to speak to you if you have any questions. 

No specific knowledge is required as all newly appointed members will receive appropriate training. If contributing to maintaining public trust in the safe use of patient information is something you may be interested in, we look forward to your application. 

Dr Tony Calland MBE – Chair of the Confidentiality Advisory Group 

For more information about the work of the Confidentiality Advisory Group, see:

Dr Tony Calland's blog on the role of CAG in 2024

Our 'Who Decides How Patient Data is Accessed?' page

The Health Research Authority's web page on CAG