janice abraham and paul allen: risk stratification, 30 june 2014
DESCRIPTION
In this slideshow, Janice Abraham, Information Governance, Policy & Engagement Manager, Enfield Council and Paul Allen, Older People’s Commissioner of London Borough of Enfield discuss risk stratification work in Enfield, and the importance of weighing up the benefits against any potential risks. Janice Abraham and Paul Allen spoke at the Nuffield Trust event: The future of the hospital, in June 2014.TRANSCRIPT
Risk Stratification Nuffield Trust - 30 June 2014
Janice Abraham
Information Governance, Policy & Engagement Manager Health, Housing & Adult Social Care
Enfield Council
Paul Allen
Integrated Care Programme Manager
Enfield CCG
www.enfield.gov.uk
Striving for excellence
Our risk stratification work
• Commenced November 2013
• Provider was selected by Enfield CCG through a
formal tendering exercise
• Information governance proved to be the most
contentious issue to overcome
• We did it
• But we had to be pragmatic – weighing up the
benefits against any potential risks
• Else we would never have gotten this far
Risk stratification work – so far & planned
• Original algorithm used was King’s Fund
Combined PARR algorithm
• Moving to a Nuffield Trust PARR-30 algorithm
• We want to work with Nuffield Trust to identify
those at risk of intensive social care…
• …Applying some ideas elsewhere to Enfield
• We also want to work with Council/CCG-wide
data to identify those at risk of social isolation
• And to make sure they have the opportunity to
get in touch with the voluntary sector as part of
our “integrated care offer”
What data is included in the risk
stratification tool? • Primary care dataset
45 out of 52 GPs are
currently providing a monthly
data extract
• Adult Social Care
dataset (not currently
used in the algorithm),
but included in the
output reports
• Secondary care
dataset (SUS)
– Four acute hospitals
that serve the Enfield
community are
submitting a monthly
data extract
Data output includes
• Primary care
• Secondary care
• Adult Social Care
• GPs receive a list of their own
patients, from very high, high,
moderate, through to low risk
(depending on the type of
algorithm requested)
• Only GPs can identify people and
only their own patients
• Everyone else can only see
aggregate reports
Information Governance
• Informed consent
– Para included in winter flu campaign letters to over 65s
– Posters on electronic display screens in hospitals
– Posters in GP surgeries
– Who to contact if people have any questions or concerns
about how their data is used
– Privacy Notices on partner websites
– Access to records policies
– These cover current uses of people’s personal
information and how they can ‘opt out’
Information Governance
• Privacy Impact Assessment
• Operational Process Agreement
• Contract agreed between commissioners
(Enfield Council and Enfield CCG) and the
risk stratification provider, with Enfield CCG
representing GPs. Trusts also represented
• Data Supply Agreement between the GPs
and the contract commissioners
– to allow the provider to extract a monthly primary
care dataset directly from the GP system
– linked to the contract in which Enfield CCG
represents participating GPs
Information Governance
GP
Data Supply Agreement (x 52)
Enfield CCG / Enfield Council
Hospital & MH Trusts
Data Supply Agreement (x 3)
Contract with
provider
Information Governance
• Same pseudonymisation tool is used by all parties
• All data is transferred via N3. Data is uploaded monthly
to the provider upload portal on N3. Output is available
from the provider’s reporting portal on N3
• Primary care dataset is extracted by the
provider and pseudonymised
• Secondary care dataset is supplied by
the hospitals already pseudonymised
• Adult social care dataset is supplied by
the Council already pseudonymised
Information Governance
Under the Data Protection Act:
• GPs are Data Controllers
• Enfield Council is a Data Controller
• NHS Trusts are Data Controllers
• The provider is a Data Processor
• CCGs are neither
• But CCGs can commission on behalf of GPs
and NHS Trusts
What next?
• Include mental health data
• Make the data output available to the Older People’s Assessment
Units (in identifiable format)
• Stop pseudonymising the NHS
Number so that parties can identify
their own patients and service users.
The NHS Number is ‘weakly’
pseudonymised data
• By linking the NHS Number to the
record (in particular the user’s
postcode), we can make services
available where they are most
needed. We will open another MDT
in the North West of the borough if
the data indicates a need
Information Governance
• The data is useful for a number of other
purposes
• Most of the time aggregate/anonymised data is
sufficient
• But where the data is necessary to provide or
refer people for direct care, we need to provide
identifiable data
– to GPs
– to Older Peoples Assessment Units
– to Public Health
Is this data sharing legal?
• We use informed consent
• We try to reach people in a number of different ways
• All systems that the data is extracted from include an opt out code
and this is used to ensure that where someone has opted out, their
record is not included in the extract
• We have a robust contract in place with the provider, which
includes a detailed managed service specification, and this covers
the IG requirements
• Identifiable data is only shared with GPs, about their own patients,
for direct care related purposes
• Other parties will be able to identify their own patients and service
users through the NHS Number (weakly psuedonymised data), to
help with service planning, including public health
• We think this is justified and in the public interest
• So the answer is ‘Yes’