The report made several recommendations, one of which was the appointment of Caldicott guardians, members of staff with a responsibility to ensure that patient data are kept secure: Recommendation 3: A senior person should be nominated in each NHS organisation, including the Department of Health and associated agencies, to act as a "guardian".
The "guardian" should normally be a senior health professional or be closely supported by such a person.
The NHS IM&T Security Manual (Section 18.4) requires each organisation to designate a senior medical officer to oversee all procedures affecting access to person-identifiable health data.
The Department of Health should take the development of this role forward in partnership with interested parties.
The guardians are responsible for ensuring that their organisation adheres to the Caldicott principles.