Third Party applications to use the National Pupil Database (NPD) are only progressed if they are compliant with the Education Act and Data Protection Act. As part of the approvals process, officials including legal experts and senior civil servants with data expertise assess the application for public benefit, proportionality (ensuring the minimum amount of data is used to meet the purpose), legal underpinning, and that the strict information security standards have been satisfied.
Onward data sharing of data requested by approved third-party organisations is only possible where this is made explicit within the NPD application form. The application form specifically states that the requestor ‘will not further disclose, publish or pass on the data without the prior written approval of the department’. Any additional organisation receiving any NPD data would also be required to satisfy the same security controls as the original requestor.
The Department for Education typically process approximately 350 requests a year for individual level data per year. The vast majority of these do not involve onward sharing of individual level data. A full review of each underlying NPD data request to definitively quantify the number of instances which have involved sub-contracting or onward data share arrangements from an approved third-party organisation could only be provided at disproportionate cost.
The Department does not charge for access to data from the National Pupil Database.