Data Analytics Guidelines

BHBIA Legal and Ethical Guidelines for Healthcare Data Analytics: Your essential guide

The UPDATED September 2024 BHBIA Legal and Ethical Guidelines for Healthcare Data Analytics are now available.
Click on the DOWNLOADS link on the right hand side of this web page to view/download your copy.

BHBIA guidelines are designed to help us all reduce risk, improve performance and make life a little simpler by drawing key information together in one place. 


We have previously offered a series of short guides for analysts and these have now be consolidated into this comprehensive document. It contains all the information that was in the previous short guides, and more, but everything has been organised into sections to make it easy to navigate, and duplication has been removed. 

Following a special resolution at the BHBIA AGM on Monday 16th May 2022, it is now a requirement of membership that “New and existing members will agree to adhere to the BHBIA Legal and Ethical Guidelines for Healthcare Market Research, BHBIA Legal and Ethical Guidelines for Healthcare Data Analytics and ABPI/BHBIA Adverse Event Reporting Guidance when carrying out business intelligence within the UK.” The addition of the data analytics guidelines brings analytics in line with market research, meaning that all members need to follow the relevant guidance for their work when conducting business intelligence in the UK. 

We also strongly recommend that analysts take the Legal and Ethical Guidelines for Data Analysts online training, which has been updated to reference the new guidelines.

The Guidelines:
  • Focus on the collection, processing and storage of secondary data for UK healthcare BI use
  • Help make sure things go smoothly from a legal and ethical point of view
  • Protect you, your data and those that provide the data, which can save you time and trouble
  • Have GDPR / UK Data Protection Act 2018 requirements built in throughout
Other guidance:

For the other resources specifically designed to help you with implementation of the GDPR (General Data Protection Regulation) / UK Data Protection Act 2018 see the Privacy and Data Protection section of the website.

These guides are particularly pertinent to data analytics:

  • International data transfer mechanisms under the UK GDPR
  • Due Diligence and New Technologies - Compliance: The New Normal 
  • Sharing Personal Data - Quick Guide 
  • Data Security including Breaches and International Transfers 
  • Risk and Privacy Impact Assessment 
Materials from recent meetings: