NDP Audit Service

The NDP Audit Service provides a single source of truth when a person or software accesses a patient's sensitive information.

Service catalogue

About

The NDP Audit Service is a central, platform-level capability. Its main purpose is to support:

  • assurance
  • compliance
  • investigation
  • transparency

The service stores audit events in a standard way, which helps interpret data consistently. This supports the detection and investigation of inappropriate or unauthorised access.

By following this process, this service can identify, assess, and mitigate risks to personal data arising from a process or project. 

The NDP Audit Service is available for all NDP Services.

Who the Audit Service is for

The Audit Service is for:

  • teams investigating access or responding to freedom of information (FOI) requests
  • NDP services that access, disclose, or process personal or sensitive data
  • platform teams requiring a consistent audit capability rather than bespoke implementations
  • approved internal consumers requiring read-only access to canonical audit data for compliance or monitoring

This service does not work as an analytics tool and cannot provide information such as user journeys or screen views.

What information is available

The Audit Service responds to the following questions:

  • Who accessed the data?
  • Which data did they access?
  • When did they access it, and through which service?
  • What action did they perform?

Status, service level and current usage

This Audit Service is only for internal use and is currently In Production.

All our APIs have specific standards that determine their availability and the speed at which we address any problem.

For more details, visit:

Get started with this service

To start working with this service get in touch and tell us more about your project and organisation.

Contact us

What do you think of this page?

© NHS Education for Scotland 2026