National Major Trauma Registry Transparency Notice

Traumatic injury is a global burden and contributes largely to death and disability across the UK.  For every trauma death at least two people are left with severe and permanent disability and the effects of traumatic injury have considerable long term implications upon the quality of life of its survivors.  As a result of traumatic injury, there is also a significant impact upon the associated costs to the NHS.

The National Major Trauma Registry (NMTR) is an established national clinical audit for trauma care across England, and supports 170 trauma receiving trusts in England by providing each trauma unit with Casemix adjusted outcome analysis, performance of key process measures and comparisons of trauma care.

The NMTR, will include data from the Trauma Audit and Research Network (TARN). TARN has been owned since 1988 by the Academic Health Science Centre at the University of Manchester (UoM) and there will a transfer responsibility for and operation of TARN to NHS England.

This collection supports the development of a single Outcome Registries Platform, to enable the national reporting of trauma services.

NHS England will facilitate the collection, processing, and dissemination of NMTR data for use in developing the trauma system and trauma care research and to provide analyses that drive improvements in services and overall patient care and safety.

The NMTR forms part of the NHS England Outcomes and Registries programme

This notice should be read alongside the main Outcomes and Registries Transparency Notice

NMTR collects data about patients who meet a set inclusion criteria: 

Trauma patients – any age, who meet one of the following:  

• 3 days plus length of stay or 
• died or 
• transferred to another healthcare provider or setting
• and have sustained an NMTR eligible traumatic injury 

Your personal data, including data related to your health will be collected regarding your injury from the incident to your discharge, this data will include:

• your NHS number
• your family name
• your first name
• your current postcode
• your date of birth
• the surgeon, and other clinicians involved in your care
• information about your injury, and your health pre and post treatment

Data is submitted securely to NHS England by trauma receiving NHS Trusts. These organisations are legally obliged to provide us with the information as set out in the Data Provision Notice issued to them under section 259(1)(a) of the Health and Social Care Act 2012. The National Major Trauma Registry Data Provision Notice is published. 

Improving patient safety

Patient identifiable data collected from health care providers will be limited to use and stored within the Outcome Registries Platform and will only be accessed where it is necessary to provide direct patient care or to support public functions related to patient safety and the improvement of patient outcomes. These include:

• access to submitted data for clinical data validation, practice review and appraisal
• patient-event linkage across settings and providers for continuity of care
• recall/alert flagging and feedback to providers
• clinical direct care feedback
• patient feedback and GP continuity of care

Quality checking

The data we collect is checked and quality assured by skilled analysts. If necessary, they will check with the organisation who sent us the data to make sure it is correct and complete.

Analysis and linkage

We analyse and link the data we collect to other patient data NHS England already holds, so that we can identify how well your device is working and investigate the longer-term effects of surgical devices and implants on your health.

Publishing statistics

We will use the data to publish national statistics and data outputs that contain only anonymous data which cannot be used to identify individuals. We never publish any data that could identify you. 

NHS England treats the data we hold with great care. All data which is shared by NHS England is subject to robust rules relating to privacy, security and confidentiality and only the minimum amount of data necessary to achieve the relevant health and social care purpose will ever be shared.

Wherever possible, de-personalised data or anonymous data is used and shared to protect patient confidentiality. We also apply the National Data Guardian’s Caldicott Principles to ensure we only provide the minimum amount of data necessary for the purpose for which it is to be used. To support your direct care, personally identifiable data can be shared, but this is always done in accordance with the law and subject to safeguards to ensure that the data is kept safe and secure.

Data is shared or is expected to be shared with organisations such as health care organisations, clinicians, commissioners of NHS services. 

For example the organisation that provided your care: to assess the effectiveness of your care, to improve the services they offer and in the event you need to be contacted about issues affecting your device that require follow-up action, and for the purposes of:

• correcting data validation errors to ensure the completeness and quality of the submitted data: and
• direct care, including enabling local monitoring of key care metrics for trauma patients such as measuring outcomes and to support local benchmarking for assurance of safe and high-quality care and treatment through local audit, the management of untoward or adverse incidents, person satisfaction including measurement of outcomes undertaken by one or more registered and regulated health or social care professionals and their team with whom the individual has a legitimate relationship for care

Aggregate Reporting - Aggregate reports (which do not identify you) will be also supplied to the following organisations via dashboard reports, for the purposes of Data Quality, Operational Measures and Clinical Reporting:

• the organisation the provided your care
• Department of Health and Social Care
• regulatory bodies
• National Institute for Health and Care Excellence (NICE)
• Healthcare Quality Improvement Partnership (HQIP)
• National Advisory Group for Clinical Audit and Enquiries (NAGCAE)
• Royal College of Surgeons
• British Orthopaedic Association
• Society of British Neurological Surgeons (SBNS)
• Headway and the Care Quality Commission (CQC)

Other organisations may be able to apply to access the data we have collected, linked and analysed under the Directions following an application through NHS England’s Data Access Request Service (DARS). Any data sharing will be subject to the organisations applying to access the data having a lawful basis to process it, and NHS England having a lawful basis to disclose it. Each organisation we share data with must sign a Data Sharing Framework Contract and a Data Sharing Agreement and we carry out audits to check they are using the data as agreed. Where a DARS application is approved, data may be shared for analysis through the Data Access Request Service and NHS England Secure Data Environments, in line with NHS policy on Secure Data Environments

We may also publish anonymised data we have. This enables the NHS and other organisations to use this anonymous data for statistical analysis and for planning, commissioning and research purposes. We never publish any data that could identify you.

Details about the NMTR shared with other organisations, except for anonymous data, are published in the Data Uses register

If you have registered a National Data Opt-Out, NHS England can still collect your data under the Outcomes and Registries data collection Direction 2024. 

When NHS England shares Outcomes and Registries data

For any data we share with other organisations through our Data Access Request Service, we will apply the national data opt-out in line with the National Data Opt-Out Operational Policy Guidance.

You can find out more about and register a national data opt-out or change your choice on nhs.uk/your-nhs-data-matters

The minimum retention period for Outcomes and Registries data is 8 years after the closure of the Outcomes and Registries programme.  This retention period will be reviewed regularly to ensure that the data is only held as long as is necessary our purposes in accordance with the Records Management Code of Practice 2021 and our Records Management Policy. 

Other organisations we share your personal data with must only keep it for as long as is necessary and as set out in their Data Sharing Agreement. Information about this will be provided in their privacy notices on their websites.

NMTR will be stored and processed within the United Kingdom (UK).

We have been given a legal instruction to collect and analyse data about NMTR.

This legal instruction is known as a direction, which we received from the Secretary of State for Health and Social Care, under section 254 of the Health and Social Care Act 2012. The direction is called the  Outcomes and Registries Directions 2024 It provides the legal basis for NHS England to collect and use data for the purposes set out above.

Under the UK General Data Protection Regulation (GDPR), NHS England can only collect and use personal data if there is a legal basis under Articles 6 and 9 of the UK GDPR.

Our legal basis for collecting and analysing personal data is Article 6(1)(c) - legal obligation: the processing is necessary to comply with the law, as NHS England is required to do this by the direction.

Our basis for processing personal data related to health (special category data) is Article 9(2)(g). This is because the processing of the data is substantially in the public interest and in accordance with the law, for the purposes of NHS England exercising its statutory functions under the direction. It is substantially in the public interest to collect and use as the aims are to improve patient safety, to improve future treatments. This processing is also permitted under paragraph 6 of Schedule 1 of the Data Protection Act 2018.

You can read more about the health and care information collected by NHS England, and your choices and rights in

• The Outcomes and Registries Transparency Notice
• how we look after your information
• Transparency Notice: how we use your personal data and its NMTR GDPR registry entry

Our Data Protection Officer is Jon Moore who can be contacted at [email protected]

NHS England may make changes to this Transparency Notice. If so, the 'last edited' date on this page will also change. Any changes to this notice will apply immediately from the date of any change.