The controversial care.data programme has been killed off following the release of Dame Fiona Caldicott’s latest report on security and information governance in the NHS, which recommends sweeping changes to NHS data protection.

A statement from the Department of Health and minister for life sciences George Freeman, released on Wednesday afternoon, said: “NHS England has taken the decision to close the care.data programme” in light of the report.

While no specific alternative has been offered, the statement said the government remains “committed to realising the benefits of sharing information, as an essential part of improving outcomes for patients.”

Earlier in the day, Dame Fiona had said greater “clarity” is needed about care.data’s future following the release of her report this morning. “We do think it would help the public if there was clarity on the future of the care.data programme.”

The care.data programme was first approved in 2012 as an ambitious project to expand the Hospital Episode Statistics and to link them to other data sets, starting with GP data, and to make this available to researchers and others.

It quickly came under heavy criticism for confusion over what the data would be used for and how patients could opt out, including suggestions that the psuedonymised data could be sold to insurers and marketing companies.

These concerns were further exacerbated when NHS England attempted to run a public information campaign in January 2014. The campaign was criticised by clinicians for sending out a ‘junk mail’ leaflet that failed to mention the project by name, or include an opt-out form.

Although four pilot sites were named to test care.data and its information campaign in particular, these were “paused” late last year, when health secretary Jeremy Hunt asked Dame Fiona to undertake her review.

While the care.data programme was not explicitly within the purview of the report, it hung heavily in the background and the report addresses many of underlying shortcomings that engulfed the programme.

Overall, Dame Fiona’s third review has recommended more central oversight of security and information governance issues, for trusts to take these issues more seriously, for tougher sanctions for data breaches, and a new, simple opt-out option for patients over the use of their identifiable data beyond direct care.

Speaking on Wednesday morning, Dame Fiona said many of the patient consent concerns raised during care.data controversy would be addressed by the review’s proposed opt-out system.

This would ask patients, either in person or online, whether they wanted to share their identifiable data for a range of purposes beyond direct care.

At the King’s Fund’s Digital Health and Care Congress late in the afternoon, Dame Fiona said there was still a debate to be had over whether patients should be given one opt out or two – to their identifiable data being used for both administration and research or for these separately.

“Some people have asked why we don’t have more options, but the problem is that would not be simple, and that is what we wanted,” she added. In a straw poll at the event, most people voted for two opt-outs.

More engaged conversations with the public to help them understand how their data was being used were also needed, Dame Fiona stressed at the various launch events. “It’s a completely different approach in terms of a dialogue with the public compared to the one that was used with care.data.”

Addressing concerns raised about sharing data with commercial companies, Dame Fiona said the law was clear that “personal identifiable data cannot go to commercial organisations unless it is for the use of health and care, and certainly not to insurance companies.”

However, this did not mean some private companies that were furthering health and care should not have access to this information, she said.

“It’s not just about private bad, health services good,. It is more about what is the purpose for which a health organisation wants the information. If they want it purely for profit, or purely for insurance purposes that is against the law.”

Anonymous information is covered by guidance from the Information Commissioner’s Office.

In a short statement, NHS England simply said: “We welcome Dame Fiona’s review because sharing data saves lives and improves care; but doing so requires maintaining patient trust on confidentiality.”