Further information on PHIN's mandate and governance, such as voting members and Board structure.

Our Mandate

An investigation in 2014 by the Competition and Markets Authority (CMA), the UK regulator of business competition, found that people considering private healthcare did not have clear information available to help them make an informed choice of which consultant or hospital is right for them.

In response, the CMA published a series of remedies which required all hospitals and consultants offering private treatment to submit data to PHIN us as the Information Organisation (IO) for private healthcare.

We publish information based on 11 performance measures to help people consider their options and provide peace of mind when choosing where to receive private treatment.

The information we publish includes simple information, such as what procedures are undertaken and where, information about patient experience and how successful treatments have been. As the data we receive from hospitals matures over time, we will continue add further information.

For more on the Order, visit the CMA’s website.

Corporate governance

We are an independent, not-for-profit organisation working with the private healthcare industry on behalf of patients. From the outset, hawse have embedded a balanced and independent approach into our governance structure and processes, and this was recognised and formalised by the Competition & Markets Authority (CMA) in approving us as the Information Organisation for private healthcare in 2014.

Board of Directors

We have an independent Board of Directors that hold us accountable and help steer our work. Our Board reflects a range of expertise and experience, reflecting a range of stakeholder interests including patients, hospital operators, doctors, insurers and the wider healthcare community.

Among our Non-Executive Directors we have medical experts, people who have previously held leadership positions in private healthcare, and patient and consumer advocates. This includes members who have been nominated by the medical profession, hospitals, private medical insurers and the Competition and Markets Authority. Our Board members cannot be current directors or employees of any hospital provider or insurer, and must declare any conflicts of interest.

Voting Members

PHIN was established in 2012 as a Company Limited by Guarantee without shareholding. In accordance with Company Law, we have voting Members who play a formal role in governance similar to shareholders, but do not own the company and do not benefit from any profits or remuneration. The voting Members were originally the hospital groups that founded PHIN, but private medical insurers and organisations representing consultants are now also being invited to participate, as required by Article 24.2 of the Order.

The duties of voting Members includes rights to:

  • vote at general meetings, including the Annual General Meeting
  • call a general meeting (the board also have this right)
  • appoint or remove directors (the board also have this right)
  • receive the Annual Report and accounts

Who are our voting members?

Our funding

The CMA has placed a duty on private hospital operators to fund our work through subscriptions (Article 21.4). Subscriptions are based on a fixed fee for every recorded episode of privately funded care. We receive no funding from consultants or private medical insurers (PMIs). We carry no advertising on the website and so receive no revenue from marketing. Our focus is to provide value for our members and free, quality information for patients.

Information governance and personal data

Data privacy, confidentiality and security are essential for us. Although no patients can be identified using our data alone, we hold sensitive data which we treat with the upmost sensitivity. We operate to the highest standards to ensure that any data collected about patients receiving private healthcare is secure and used appropriately.

We are subject to the Data Protection Act 2018, have completed the NHS Information Governance Toolkit process and been accredited under the ISO27001 Information Security Management Systems standard since August 2016. The ISO27001 accreditation includes people, processes and IT systems by applying a risk management process.

Hospitals are required by law to send us detailed records of every episode of care that they deliver. These records contain basic demographic information (like the ages of patients treated) but have specific details like names and dates of birth removed.

To produce some of the most important performance measures we need to know for sure whether we are looking at the same patient appearing more than once in the data, or to join data from different sources. For that reason, hospitals are required to send us NHS Numbers or equivalents associated with each record, and these must be validated by an approved process.

Was this article useful?