Patient Information

Please click on the links below to download a copy of the NELA Fair Processing Privacy Policy or Patient Information Leaflet. You can also see the individual FAQs for further information.

What is an emergency laparotomy?

An emergency laparotomy is a major operation where the surgeon has to cut open the abdomen (stomach area). It is called "emergency" because it must be done very soon or even immediately and cannot wait until a later date. It might be carried out for several reasons including internal bleeding, perforation (burst), obstruction (a blockage) or infection. In many cases it might be the only option available in order for the patient to get better.

What is NELA?

NELA stands for National Emergency Laparotomy Audit. The NELA is commissioned by the Healthcare Quality Improvement Partnership (HQIP) as part of the National Clinical Audit Programme on behalf of NHS England and the Welsh Government. A clinical audit like NELA is undertaken by an independent body to assess the quality of care in hospitals by looking at how it treats its patients and the outcomes of those patients. NELA is a national clinical audit, so that means it is being carried out in over 180 hospitals in England and Wales. NELA will look at the quality of care received by patients undergoing emergency laparotomy.

Is my local hospital participating?

All hospitals in England and Wales that carry out emergency laparotomy are expected to participate in this audit. We want to improve the care that patients undergoing emergency surgery receive. To do this, we will collect important information on how well your hospital is providing care to you. We will then give hospitals all the valuable information we have obtained. This will highlight areas of their service where they are doing well, and areas in which they can improve. It will also allow hospitals to compare themselves with others all around the country.

What information does NELA collect about me and how is it used?

We collect information about the care patients receive whilst in hospital. This includes information about the investigations and treatments received, how long it took for different parts of treatment to be given, and whether a patient went to a critical care bed after surgery. The personal information we collect is name, date of birth, NHS number, postcode and sex.
NELA patient data is submitted directly to NELA by clinical teams treating the patient or from the hospital records.

NELA will not publish information that can enable individual patients to be identified.

By collecting and sharing this information, we are able to highlight areas where hospitals are doing well, and areas in which they can improve the quality of care for patients so that they can put plans in place to achieve this. It will also allow hospitals to compare themselves with others in England and Wales and in doing so improve the quality of care by sharing examples of good practice.

Full details of what is being collected can be found the NELA website -

Do you keep my information confidential?

The patient information received and managed by the NELA team is treated as confidential. The information is only available to the NELA team in a pseudonymised format, with individual patients only distinguishable by a computer-generated sequence of numbers. This data will be retained for the duration of the audit and 5 years after it is completed.

We maintain the confidentiality and security of patient information in the following ways:
• All reports are produced at an aggregate level (national, regional, hospital).
• In each audit publication, the statistical information is reviewed to ensure the risk of identification is minimised, and where necessary, small numbers are suppressed. This assessment follows guidelines issued by the Office for National Statistics:
 confidentialityguidanctcm77181864.pdf (2.41 MB).

How is my information managed by the NELA team?

The NELA team are based at the Royal College of Anaesthetists (RCoA) and the Royal College of Surgeons of England (RCS). Both the RCoA and RCS conform to the General Data Protection Regulation (GDPR) and other legislation that relates to the collection and use of patient data, and has strict security measures in place to safeguard patient information. NELA stores the pseudonymised patient data on a secure computer to which only authorised audit team members have access. The IT system has various levels of security built into it, including:

• ID password security: the data is stored on a password protected system, which prevents unauthorised users gaining access.
• The stored data files are encrypted.

Who does NELA share data with?

NELA only shares patient-level data following a strict governance procedure to ensure compliance with the General Data Protection Regulation (GDPR).

NELA has permission to link patient-level data with other national databases on a case-by-case basis. NELA holds a current Data Sharing Agreement with:
- NHS Digital for the English hospital data (Hospital Episode Statistics)
- Office for National Statistics (ONS) for the death register
- National Wales Informatics Service (NWIS) for the Welsh hospital data (Patient Episode Database for Wales - PEDW)
- Intensive Care National Audit & Research Centre (ICNARC) for critical care data

Linkage with HES and PEDW data enables NELA to compare the number of records submitted to NELA with the number recorded retrospectively in HES to ensure high data quality. This linkage also enables analyses on the associations between those undergoing emergency laparotomies and other medical conditions. Linking with ONS data allows NELA to report mortality rates in the first 30 days after patients are admitted to hospital. Linking NELA data to ICNARC data allows longer-term analysis into critical care data.

Researchers may apply to NELA's Data Controller - the Healthcare Quality Improvement Partnership (HQIP) - for access to NELA data. These requests undergo a stringent approvals process as outlined here:

Who are the data controllers for NELA?

As funders and commissioners of the NELA, NHS England and HQIP are the joint data controllers for the patient data submitted to the audit i.e., they are the organisations in control of processing the data.

What is the legal basis for processing personal data for NELA?

Under GDPR the following legal bases apply: processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller (Article 6 (1) (e and (Article 9 (2)(i processing is necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health or ensuring high standards of quality and safety of health care and of medicinal products or medical devices, on the basis of Union or Member State law which provides for suitable and specific measures to safeguard the rights and freedoms of the data subject, in particular professional secrecy.

Under the Common Law Duty of Confidentiality (CLDC), NELA uses Section 251 as its legal basis to meet the CLDC.

NELA currently has approval under Section 251 to collect patient level data (reference number: CAG 5-07(d)/2013) for all emergency laparotomy patients admitted to hospital.

The rationale for this is that as many emergency laparotomy patients are extremely unwell before and after they have had an emergency laparotomy, it would not be feasible to ask all patients for their consent.

How does NELA protect my data?

The RCoA takes the security of your data seriously. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

Local clinical teams enter patient data into a secure web-based tool provided by Netsolving Ltd. Only the hospitals participating via the doctors, nurses and clinical audit staff and the NELA project team will have access to the web-based tool. Security and confidentiality is maintained through the use of passwords and a person-specific registration process.

What other benefits may arise from the use of my information?

Occasionally, the NELA is asked to support medical research to improve surgical care. Researchers make these requests directly to HQIP who will then contact NELA after the application has been reviewed to ensure it is in the public interest. More information on this process can be found at the:

In supporting medical research, we take care to ensure there are appropriate safeguards in place to protect patient confidentiality and ensure the data are used securely.

Why haven't I been asked for permission to use my information?

Because some patients are very sick before and after they have had an emergency laparotomy, it would be very hard to ask all patients for their consent. It is important that we get information from all patients, not just those that are well enough to give consent. That's how we can provide an accurate overview of quality. It can be a distressing time for patients and their families, and asking them about this project at this time would not be their most important priority.

What if I do not want my information included used by the Audit?

As a patient, you can choose to opt out of NELA. Opting out will not affect the care a patient receives. Please email and put "Patient request to opt-out" in the subject line. We will then contact the hospital to request that they do not enter your details into the audit. Alternatively, please notify a member of your local care team that you wish to opt out.
If your details have already been entered into the NELA database, your rights to access, change or remove your information may be more limited, as we need to manage your information in specific ways in order for research and reports to be reliable and accurate. If your data has not yet been used for analysis, it will be removed from the NELA database. If your data has already been used for analysis, we will not be able to remove information about you that we have already obtained and used. To safeguard your rights, we will use the minimum personally-identifiable information possible.

If you prefer you can also call the NELA Helpline on 020 7092 1683.

Changes to our privacy policy

We keep our privacy policy under regular review and we will always include the latest version on this web page.

The privacy policy was last updated on February 2020

Who can I contact with questions about the privacy policy?

RCoA has a Data Protection Officer who can help you with any queries about the information in the privacy notice:

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the supervisory authority in the UK responsible for the implementation and enforcement of data protection law, if you have concerns about the way your personal data is being handled. You can contact the ICO via their website - or by calling their helpline - 0303 123 1113.

Additional Research

If you had surgery between March 2014 and October 2015 in a participating hospital, your non-personal data may be shared with a study team at Queen Mary University London for the purposes of research. This data will be combined with information from the Office for National Statistics and Hospital Episode Statistics in order to investigate long term outcomes. The study is called EPOCH. Please visit their website for more information: