
Clare Sanderson, Executive Director of Information Governance

The NHS Information Centre for health and social care

Agenda

The NHS Information Centre for Health and Social Care

Who we are

What we do

Protecting Patient Confidentiality

Information Governance Controls


Who we are

Established in 2005, The NHS Information Centre is the central authoritative source of health and social care information, acting as a ‘hub’ for high-quality, national and local, comparative data for all ‘secondary uses’.

Our products and services

The NHS Information Centre provides a wealth of products and services to help commissioners and providers improve patient and client care within the following areas:

• Workforce

• Finance and performance

• Social care

• Commissioning

• Clinical

• Public Health

What we do for Research

Medical Research Information Service

Current status

Long term follow up

List Cleaning

Studies include:

The Million Women Study

Mortality of Gulf War Veterans

Avon Longitudinal Study of Parents and Children (ALSPAC)

What we do for Research

Trusted Data Linkage Service

Data Linkage Services

Linkage to Hospital Episode Statistics & ONS Death data

Pseudonymisation Services

Data linkage studies include:

Linking data on road traffic accidents to HES

Linking hospital prescribing data to HES

Linking GP data to HES & ONS

Patient Confidentiality – why bother?

Confidentiality is fundamental to medical practice

Enshrined in the Hippocratic oath and international laws

The patient/ health care professional relationship is based on trust

Headlines that worry the public

'Unacceptable' level of data loss – NHS ‘worst offenders’ says Information Commissioner

The Daily Planet: Prime Minister Gordon Brown has said he "profoundly regrets" the loss of 25 million child benefit records

Over twenty years worth of personal information relating to workers at Queen Mary's Hospital in Sidcup has gone missing.

A hospital trust in Cambridgeshire has been ordered to tighten security after a memory stick with medical treatment details of 741 patients went missing.

The information commissioner has told the NHS to improve its data security, after breaches involving the loss of thousands of personal medical records

The ‘Confidentiality Continuum’

The continuum runs from patient identifiable data at one end to effectively anonymised data at the other, with the control that applies at each point:

• Patient Identifiable Data – requires explicit patient consent or Section 251 support

• De-identified / Pseudonymised / technology protected data – released under terms and conditions to protect and control use

• Effectively Anonymised Data – publicly available

Section 251 Support – for NHS data in England

Allows the Secretary of State for Health to make regulations to set aside the common law duty of confidentiality for medical purposes where it is not possible to use anonymised information and where seeking individual consent is not practicable.

Requirements for Section 251 Support

• Details of the organisation

• Details of the data required, what is to be done with it and for what purpose

• Justification for using patient identifiable data

• How the proposed use of the data will improve patient care or serve the wider public interest

• Justification for not obtaining patient consent

• Involvement of other stakeholders

• Details of security and audit measures used to secure access to, and limit use of, patient identifiable information

• Details of system security

• Details of the exit strategy

Legal Compliance in England

• Common Law Duty of Confidentiality

• National Health Service Act 2006

• Data Protection Act 1998

• The Human Rights Act 1998

• Freedom of Information Act 2000 ???

• Copyright Designs and Patents Act 1988

• Re-Use of Public Sector Information Regulations 2005

What is Information Governance?

“the structures, policies and practice of the DH, the NHS and its suppliers to ensure the confidentiality and security of all records, and especially patient records, and to enable the ethical use of them for the benefit of individual patients and the public good”.

Information Governance Framework

In Collaboration with the Research Capability Programme

IG Framework Themes

• Organisational - standards that provide assurance that the organisations have good and reliable internal processes

• Security - standards that apply to processing, storing, reporting and transmitting information

• Service - standards that apply to key processes such as linkage and pseudonymisation

• Developmental – progress toward compliance with internationally recognised standards

Organisational Theme

• Annually reviewed, board approved IG policies

• Appropriate job specific IG training

• Documented process for serious security incidents

• Assigned responsibility for DPA

• Processes to support confidential service

• Caldicott Guardian and resourced Caldicott function

• Contracts include IG requirements and staff understand

• Access to PID controlled, monitored and audited

• Appropriate disaster recovery plans

• Business continuity plans for business critical systems

Evidence required:

• IGT 112 Level 3, 113 Level 3, 509 Level 3 and/or

• Training programme and attendance lists

• Measures to evaluate training effectiveness

• Reviews and update of materials

• Appropriate training for information quality and records management staff

• Quality system training for all staff

• Confidentiality and security training for all staff

IG Toolkit v9

• Includes a new organisation type –

Hosted Secondary Use Team

• Total of 14 requirements for this type

• For each requirement:

  • Identifies the requirement

  • Describes the background

  • Provides a knowledge base for achieving the target

  • Three levels of achievement

Overall achievement measured through % score

Hosted Secondary Use Team

• Responsibility for IG assigned to an appropriate member of staff

• IG policy for overall requirements of IG

• All contracts clearly identify IG responsibilities

• All staff trained appropriately on IG

• PID only used lawfully & dissent treated appropriately

• Confidentiality audit monitors access to PID

• PID outside UK complies with the DPA & DH policy

• Transfer of PID & sensitive information is secure

• Security of mobile computing & teleworking

• Availability of information asset register

• Security of premises, equipment, records & assets

• Incident management & reporting

• Pseudonymisation & anonymisation used where appropriate

• Presence of Safe Haven

Ensure that appropriate IG training is made available to all staff, including temps, locums and volunteers. There should be a clearly documented and communicated process for making all staff aware of the availability and importance of training.

The NHS IG Training Tool provides a valuable base. It comprises a structured e-learning programme with Introductory, Foundation and Practitioner level modules covering all aspects of IG.

Exemplar materials include guidance available for use in training, e.g. Information Security – NHS Code of Practice. Training scenarios are provided for local adoption / adaptation.

Achievement Level

• 0 – no evidence

• 1 – appropriate training provided, including induction for starters

• 2 – all staff have completed IG training and training needs are regularly reviewed

• 3 – staff understanding of IG tested and support provided where needs are identified; training provision is regularly reviewed

What is the Alternative?

Use of ‘Honest Broker’ Services including:

• Anonymisation Services

• Pseudonymisation Services

• De-pseudonymisation Services

• Derivation services

• Cohort management

• s 251 Application Support (where applicable)

• Data linkage services – deterministic / probabilistic

• Data sets management and expertise …
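The slides list pseudonymisation, de-pseudonymisation and deterministic linkage as honest broker services, and the Confidentiality Continuum places pseudonymised data between identifiable and anonymised data. The following is an added illustration of how those three services fit together; it is not code from the NHS Information Centre or from this presentation. The `HonestBroker` class, the field names, the HMAC key and the two small extracts are all constructed for the example, and the 10-digit identifiers are placeholders rather than valid NHS numbers.

```python
import hashlib
import hmac

# Constructed sample extracts (not real data): a hospital episode extract and
# a GP extract, both still carrying direct identifiers before the broker
# de-identifies them. The 10-digit identifiers are placeholders only.
HES_RECORDS = [
    {"nhs_number": "0000000001", "name": "Ann Example", "dob": "1950-03-12",
     "admission": "2009-02-01", "diagnosis": "I21"},
    {"nhs_number": "0000000002", "name": "Bob Sample", "dob": "1962-07-30",
     "admission": "2009-05-14", "diagnosis": "S72"},
    {"nhs_number": "0000000003", "name": "Cy Placeholder", "dob": "1975-11-02",
     "admission": "2009-09-09", "diagnosis": "J18"},
]
GP_RECORDS = [
    {"nhs_number": "0000000001", "name": "Ann Example", "dob": "1950-03-12",
     "prescription": "aspirin"},
    {"nhs_number": "0000000003", "name": "Cy Placeholder", "dob": "1975-11-02",
     "prescription": "amoxicillin"},
    {"nhs_number": "0000000004", "name": "Di Fictional", "dob": "1981-01-19",
     "prescription": "metformin"},
]

# Fields that must never leave the broker in a pseudonymised release.
DIRECT_IDENTIFIERS = ("nhs_number", "name", "dob")


class HonestBroker:
    """Holds the pseudonymisation key and the only copy of the reverse map.

    Pseudonyms are keyed (HMAC-SHA256) rather than plain hashes: the space of
    10-digit identifiers is small enough to enumerate, so an unkeyed hash of an
    identifier would leave the released extract re-identifiable by anyone who
    can compute hashes. The key and the reverse map never leave the broker.
    """

    def __init__(self, key: bytes):
        self._key = key          # hypothetical secret held only by the broker
        self._reverse = {}       # pseudonym -> identifier, broker-only

    def pseudonymise(self, identifier: str) -> str:
        tag = hmac.new(self._key, identifier.encode(), hashlib.sha256).hexdigest()[:16]
        self._reverse[tag] = identifier
        return tag

    def depseudonymise(self, pseudonym: str) -> str:
        """Broker-only service; researchers never receive this mapping."""
        return self._reverse[pseudonym]


def deidentify(records, broker, id_field="nhs_number"):
    """Replace direct identifiers with a pseudonym and generalise DOB to year."""
    out = []
    for rec in records:
        row = {k: v for k, v in rec.items() if k not in DIRECT_IDENTIFIERS}
        row["pseudo_id"] = broker.pseudonymise(rec[id_field])
        row["birth_year"] = rec["dob"][:4]   # coarser than a full date of birth
        out.append(row)
    return out


def contains_direct_identifiers(records):
    """Release check: True if any direct identifier field survived de-identification."""
    return any(k in DIRECT_IDENTIFIERS for rec in records for k in rec)


def link_deterministic(left, right, key="pseudo_id"):
    """Exact-match (deterministic) linkage on the shared pseudonym."""
    index = {}
    for rec in right:
        index.setdefault(rec[key], []).append(rec)
    linked = []
    for rec in left:
        for match in index.get(rec[key], []):
            merged = dict(rec)
            merged.update({k: v for k, v in match.items() if k != key})
            linked.append(merged)
    return linked


if __name__ == "__main__":
    broker = HonestBroker(key=b"constructed-demo-key-do-not-reuse")
    hes = deidentify(HES_RECORDS, broker)
    gp = deidentify(GP_RECORDS, broker)
    assert not contains_direct_identifiers(hes + gp)
    for row in link_deterministic(hes, gp):
        print(row)
    # Only the broker can map a pseudonym back, e.g. for a consented follow-up.
    print(broker.depseudonymise(hes[0]["pseudo_id"]))
```

Because both extracts are pseudonymised under the same broker key, the same patient gets the same pseudonym in each, which is what makes deterministic linkage possible without either researcher ever holding the NHS number. The released rows sit in the middle of the continuum: they are not anonymised, since the broker can reverse them, so they still need the terms and conditions the slides attach to pseudonymised data.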

Any Questions?

Security Theme

• Ability to detect and remove malicious code

• Secure operation of communications networks

• Secure and structured implementation of new assets

• Secure mobile working

• Controlled, audited access to PID

• New processes comply with confidentiality and DPA requirements

Security Theme (continued)

• Independently audited Information Risk assessment & Management

• Formal Information Risk hierarchy

• Documented data flows for PID

• Safe Haven procedures implemented

• Effective management & control of software assets

• Effective encryption of PID

• Appropriate asset access control with regular reviews

Service Theme

• Confidentiality of PID protected through de-identification techniques

• Appropriate standard of data linkage adopted

• Documented records management processes

• Board consideration of ethics and validity of research question

• Robust legal basis for processing

• IG included in contractual arrangements

• Board agreed protocol for sharing PID

• All PID processed outside the EU complies with the DPA, DH policy, etc.

• Documented and available FOI process

Developmental Theme

Organisational commitment to achieving:

• ISO 27001 Information Security Management

• Highest standards of business continuity and disaster recovery

• ISO 20000 - 1 IT service management Part 1

• ISO 9000 – Quality Management Code of Practice

• Development of new standards when required