clare sanderson executive director of information governance the nhs information centre for health...
TRANSCRIPT
Clare SandersonExecutive Director of Information Governance
The NHS Information Centre for health and social care
Agenda
The NHS Information Centre for Health and Social Care
Who we are
What we do
Protecting Patient Confidentiality
Information Governance Controls
What
Who we are
Established in 2005,The NHS Information Centre is the central
authoritative source of health and social care information, acting
as a ‘hub’ for high-quality, national and local, comparative data
for all ‘secondary uses’
Our products and services
The NHS Information Centre provide a wealth of products and services
to help commissioners and providers improve patient and client care
within the following areas:
WorkforceWorkforceFinance and performanceFinance and performance
Social careSocial care
CommissioningCommissioning
ClinicalClinical Public HealthPublic Health
Our products and servicesOur products and services
What we do for Research
Medical Research Information Service
Current status
Long term follow up
List Cleaning
Studies include:
The Million Women Study
Mortality of Gulf War Veterans
Avon Longitudinal Study of Parents and Children (ALSPAC!!!)
What we do for Research
Trusted Data Linkage Service
Data Linkage Services
Linkage to Hospital Episode Statistics & ONS Death data
Pseudonymisation Services
Data linkage studies include:
Linking data on road traffic accidents to HES
Linking hospital prescribing data to HES
Lining GP data to HES & ONS
Patient Confidentiality – why bother?
Confidentiality is fundamental to medical practice
Enshrined in the hippocratic oath and international laws
The patient/ health care professional relationship is based on trust
Headlines that worry the public
'Unacceptable' level of data loss – NHS ‘worst offenders’ says Information Commissioner
THE
Daily PlanetPrime Minister Gordon Brown has said he "profoundly regrets" the loss of 25 million child benefit records
Over twenty years worth of personal information relating to workers at Queen Mary's Hospital in Sidcup has gone missing.
A hospital trust in Cambridgeshire has been ordered to tighten security after a memory stick with medical treatment details of 741 patients went missing.
The information commissioner has told the NHS to improve its data security, after breaches involving the loss of thousands of personal medical records
The ‘Confidentiality Continuum’
Patient Identifiable
Data
Effectively Anonymised
Data
Explicit Patient Consent / Section
251 support
De-identified / Pseudonymised / technology protected data
Terms and conditions to
protect & control use
Publicly available
Section 251 Support – for NHS data in England
Allows the Secretary of State for Health to make regulations to set aside the common law duty of confidentiality for medical purposes where it is not possible to use anonymised information and where seeking individual consent is not practicable.
Requirements for Section 251 Support
Details of the Organisation Details of the data required, what is to be done with it and for what
purpose Justification for using patient identifiable data How the proposed use of the data will improve patient care or
serve the wider public interest Justification for not obtaining patient consent Involvement of other stakeholders Details of security and audit measures used to secure access to,
and limit use of, patient identifiable information Details of system security Details of the exit strategy !
Legal Compliance in England
• Common Law Duty of Confidentiality• National Health Service Act 2006
• Data Protection Act 1998
• The Human Rights Act 1998
• Freedom of Information Act 2000 ???
• Copyright Designs and Patents Act 1988
• Re-Use of Public Sector Information Regulations 2005
What is Information Governance?
“the structures, policies and practice of the DH, the NHS and its suppliers to ensure the confidentiality and security of all records, and especially patient records, and to enable the ethical use of them for the benefit of individual patients and the public good”.
IG Framework Themes
• Organisational - standards that provide assurance that the organisations have good and reliable internal processes
• Security - standards that apply to processing, storing, reporting and transmitting information
• Service - standards that apply to key processes such as linkage and pseudonymisation
• Developmental – progress toward compliance with Internationally recognised standards
Organisational Theme
• Annually reviewed, board approved IG policies
• Appropriate job specific IG training
• Documented process for serious security incidents
• Assigned responsibility for DPA
• Processes to support confidential service
• Caldicott Guardian and resourced Caldicott function
• Contracts include IG requirements and staff understand
• Access to PID controlled, monitored and audited
• Appropriate disaster recovery plans
• Business continuity plans for business critical systems
Evidence required:• IGT 112 Level 3 113 Level 3 509 level 3 and /
or• Training programme and attendance lists• Measures to evaluate training effectiveness• Reviews and update of materials• Appropriate training for information quality
and records management staff• Quality system training for all staff• Confidentiality and security training for all
staff
IG Toolkit v9
• Includes a new organisation type –
Hosted Secondary Use Team
• Total of 14 requirements for this type
• For each requirement:Identifies the requirementDescribes the backgroundProvides a knowledge base for achieving targetThree levels of achievement
Overall achievement measured through % score
Hosted Secondary Use Team
• Responsibility for IG assigned to an appropriate member of staff• IG policy for overall requirements of IG• All contracts clearly identify IG responsibilities• All staff trained appropriately on IG• PID only used lawfully & dissent treated appropriately• Confidentiality audit monitors access to PID• PID outside UK complies with the DPA & DH policy• Transfer of PID & sensitive information is secure• Security of mobile computing & teleworking • Availability of information asset register• Security of premises, equipment, records & assets• Incident management & reporting• Pseudonymisation & anonymisation used where appropriate• Presence of Safe Haven
Ensure that appropriate IG training is made available to all staff, including temps, locums and volunteers. There should be a clearly documented andcommunicated process for making all staff aware of the availability and importance of training.
NHS IG Training Tool provides a valuable base. It comprises a structured e-learning programme withIntroductory, Foundation and Practitioner level modules covering all aspects of IG.
Exemplar materials include guidance available for use in training – e.g. Information Security - NHS Code of practice. Training scenarios provided for local adoption / adaption
Achievement Level0 – no evidence1 – appropriate training provided inc induction for starters2 - All staff have completed IG training & training needs are regularly reviewed3 - Staff understanding of IG tested & support provided where needs are identified. Training provision is regularly reviewed.
What is the Alternative?
Use of ‘Honest Broker’ Services including:• Anonymisation Services• Pseudonymisation Services• De-pseudonymisation Services• Derivation services• Cohort management• s 251 Application Support (where applicable)• Data linkage services – deterministic / probabilistic• Data sets management and expertise……..
Security Theme
• Ability to detect and remove malicious code
• Secure operation of communications networks
• Secure and structured implementation of new assets
• Secure mobile working
• Controlled, audited access to PID
• New processes comply with confidentiality and DPA requirements
Security Theme ctd
• Independently audited Information Risk assessment & Management
• Formal Information Risk hierarchy
• Documented data flows for PID
• Safe Haven procedures implemented
• Effective management & control of software assets
• Effective encryption of PID
• Appropriate asset access control with regular reviews
Service Theme
• Confidentiality of PID protected through de-identification techniques
• Appropriate standard of data linkage adopted
• Documented records Management processes
• Board consideration of ethics and validity of research question
• Robust legal basis for processing
• IG included in contractual arrangements
• Board agreed protocol for sharing PID
• ALL PID processed outside EU complies with DPA; DH etc
• Documented and and available FOI process
Developmental Theme
Organisational commitment to achieving: • ISO 27001 Information Security Management
• Highest standards of business continuity and disaster recovery
• ISO 20000 - 1 IT service management Part 1
• ISO9000 – Quality Management Code of Practice
• Development of new standards when required