Compliance action so far and next steps
With the 1 September deadline is behind us, the Competition and Markets Authority have
started moving forward with compliance action.
Hospitals not yet submitting data
Encouragingly, more than 60 organisations have begun submitting data to PHIN. We estimate that
this represents around 85% of privately funded care. However, there is a ‘long tail’ of hospitals that
have either not engaged with PHIN or yet to submit any data. The CMA have written to these
hospitals as the first step of compliance and enforcement. In the letter they have outlined a fall-back
timeframe to meet the information remedy obligations in the Order.

No later than 31 October 2016
Pay any subscription fees due to PHIN in accordance with the Order, which may apply
retrospectively. Provide any preliminary information and sign and return such paperwork as
PHIN may reasonably require precedent to submitting information, for example their
Subscription & Information Sharing Agreement.

No later than 1 January 2017
Begin systematic collection of information on a basis fully compliant with the Order, as
specified by PHIN, for every private episode of care delivered, noting the likely necessity to
obtain consent from patients for the sharing of data.

No later than 31 March 2017
Begin successful submission of that information to PHIN on a no-less-than-quarterly basis,
with ‘successful’ being defined by PHIN with reference to submission of files by the specified
means and the completeness, validity and accuracy of the information therein contained.
If you hospital has received this letter it is important to adhere to these timeframes to avoid further
action.
Hospitals submitting data
For providers that have now submitted data, the focus now turns to ‘data maturity’ - improving the
validity of data submissions and data quality.
In November you will be invited to access to our member portal. This is a secure online platform
where you will be able to review your submitted data, whether there is data missing from any sites
or time periods, and the records and fields that failed data validity.
These reports will, in effect, make up your compliance and data maturity reports which will be
shared with the CMA. The CMA will use these to decide if sufficient progress has been made towards
compliance.
2