The UK’s data protection regulator, the Information Commissioner’s Office, has published new guidance to provide regulatory certainty on how health and social care organisations keep people properly informed about the use of their personal information.