CPRD carries out independent audits and where necessary, post-audit reviews, to ensure users of CPRD data abide by the terms and conditions set out by CPRD and are compliant with the obligations in their Data Licensing Agreements.
A summary of the most recent audits including any required actions or recommendations is available below.
Date | Organisation | Audit rating |
---|---|---|
July 2023 | Pharmatelligence Limited | Satisfactory - recommendations |
Data storage and use | Agreement terms complied with | |
Data security | The review panel found that during the licence period Pharmatelligence had complied with licence requirements for data security and had met the standards expected by CPRD for patient level data. There are 2 recommendations made by the review panel. | |
Publications | The review panel found that all licence obligations had been met though no studies within the licence period had progressed to the publication stage. The panel recommends an audit in FY24/25 on compliance with contractual clauses regarding publication and specific wording to be used in publications arising from use of CPRD and Linked Data. | |
Comments | The review panel found that Pharmatelligence had complied with all licence obligations covered in the audit and had met the standards expected by CPRD. There are 3 recommendations that the review panel have put forward. |
Date | Organisation | Audit rating |
---|---|---|
October 2023 | University of York | Satisfactory - recommendations |
Data storage and use | Agreement terms complied with | |
Data security | The review panel found that the University of York had complied with the licence requirements for data security and had met the standards expected by CPRD for patient level data. The panel has made one recommendation. | |
Publications | The review panel found that not all licence obligations had been met and has made one recommendation. | |
Comments | The review panel found that University of York had complied with all licence obligations covered in the audit and had met the standards expected by CPRD. There are 2 recommendations that the review panel have put forward. |
Date | Organisation | Audit rating |
---|---|---|
November 2021 | Brigham & Women's Hospital | Satisfactory - recommendations |
Data storage and use | The review panel found that during the agreement period Brigham had complied with the licence requirements for data security and had met the standards expected by CPRD for data storage and use. | |
Data security | The review panel found that during the agreement period Brigham had complied with the licence requirements for data security and had met the standards expected by CPRD for patient level data. There are 2 recommendations made by the review panel. | |
Publications | Rated as Satisfactory as there are no publications. | |
Comments | During the audit it was discovered that an approved sub licence had not been fully signed off which was rectified immediately during the audit process. All data for this agreement have been confirmed as destroyed and appropriate certification provided to CPRD. There are 2 recommendations that the review panel has put forward. CPRD will not be conducting any follow up to this audit and does not require a response to the recommendations. |
Date | Organisation | Audit rating |
---|---|---|
October 2021 | Sir Mortimer B Davis Jewish General Hospital | Satisfactory - recommendations |
Data storage and use | The review panel found that during the licence period Sir Mortimer B Davis Jewish General Hospital had complied with licence requirements and had met the standards expected by CPRD for data storage and use. The panel did have 2 recommendations. | |
Data security | The review panel found that during the licence period Sir Mortimer B Davis Jewish General Hospital had complied with licence requirements for data security and had met the standards expected by CPRD for patient level data. The review panel have made 7 recommendations | |
Publications | The review panel found that all licence obligations had been met with a comprehensive list of publications provided. | |
Comments | The review panel found that Sir Mortimer B Davis Jewish General Hospital had complied with all licence obligations covered in the audit and had met the standards expected by CPRD. There were 9 recommendations made. |
Date | Organisation | Audit rating |
---|---|---|
July 2021 | GlaxoSmithKline Research & Development Limited | Satisfactory |
Data storage and use | All agreement terms fully complied with. | |
Data security | All agreement terms fully complied with. | |
Publications | All agreement terms fully complied with. | |
Comments | The audit team found that the client had fully complied with all obligations required by the licence agreement. There were no recommendations to make. |