Data use audits

CPRD carries out independent audits and where necessary, post-audit reviews, to ensure users of CPRD data abide by the terms and conditions set out by CPRD and are compliant with the obligations in their Data Licensing Agreements.

A summary of the most recent audits including any required actions or recommendations is available below. 

Date

Organisation 

Audit rating

July 2023

Pharmatelligence Limited

Satisfactory - recommendations
 

Data storage and use

Agreement terms complied with
 

Data security 

The review panel found that during the licence period Pharmatelligence had complied with licence requirements for data security and had met the standards expected by CPRD for patient level data. There are 2 recommendations made by the review panel.
 

Publications 

The review panel found that all licence obligations had been met though no studies within the licence period had progressed to the publication stage. The panel recommends an audit in FY24/25 on compliance with contractual clauses regarding publication and specific wording to be used in publications arising from use of CPRD and Linked Data.
 

Comments 

The review panel found that Pharmatelligence had complied with all licence obligations covered in the audit and had met the standards expected by CPRD. There are 3 recommendations that the review panel have put forward.

 

Date

Organisation 

Audit rating

October 2023

University of York

Satisfactory - recommendations
 

Data storage and use

Agreement terms complied with.
 

Data security 

The review panel found that the University of York had complied with the licence requirements for data security and had met the standards expected by CPRD for patient level data. The panel has made one recommendation.
 

Publications 

The review panel found that not all licence obligations had been met and has made one recommendation.
 

Comments 

The review panel found that University of York had complied with all licence obligations covered in the audit and had met the standards expected by CPRD. There are 2 recommendations that the review panel have put forward.

 

Date

Organisation 

Audit rating

November 2021

Brigham & Women’s Hospital

Satisfactory - recommendations
 

Data storage and use

The review panel found that during the agreement period Brigham had complied with the licence requirements for data security and had met the standards expected by CPRD for data storage and use.
 

Data security 

The review panel found that during the agreement period Brigham had complied with the licence requirements for data security and had met the standards expected by CPRD for patient level data. There are 2 recommendations made by the review panel.
 

Publications 

Rated as Satisfactory as there are no publications.
 

Comments 

During the audit it was discovered that an approved sub licence had not been fully signed off which was rectified immediately during the audit process. All data for this agreement have been confirmed as destroyed and appropriate certification provided to CPRD.

There are 2 recommendations that the review panel has put forward. CPRD will not be conducting any follow up to this audit and does not require a response to the recommendations.

 

Date

Organisation 

Audit rating

October 2021

Sir Mortimer B Davis Jewish General Hospital

Satisfactory - recommendations
 

Data storage and use

The review panel found that during the licence period Sir Mortimer B Davis Jewish General Hospital had complied with licence requirements and had met the standards expected by CPRD for data storage and use. The panel did have 2 recommendations.
 

Data security 

The review panel found that during the licence period Sir Mortimer B Davis Jewish General Hospital had complied with the licence requirements for data security and had met the standards expected by CPRD for patient level data.

The review panel have made 7 recommendations.

 

Publications 

The review panel found that all licence obligations had been met with a comprehensive list of publications provided.
 

Comments 

The review panel found that Sir Mortimer B Davis Jewish General Hospital had complied with all licence obligations covered in the audit and had met the standards expected by CPRD. 

There were 9 recommendations made.

 

Date

Organisation 

Audit rating

July 2021

GlaxoSmithKline Research & Development Limited

Satisfactory 
 

Data storage and use

All agreement terms fully complied with.
 

Data security 

All agreement terms fully complied with.
 

Publications 

All agreement terms fully complied with.
 

Comments 

The audit team found that the client had fully complied with all obligations required by the licence agreement. 

There were no recommendations to make.

 

 

 
Page last reviewed