Information Governance - Supporting National Systems
ASSIST North West Branch Event
Wrightington Conference Centre, Wigan
24th June 2008
Charles Yeomanson, Acting Director of IT
charles.yeomanson@uhcw.nhs.uk
Agenda
• Information Governance requirements
• NPfIT Information Governance controls
• Systems/products
• Review of IG controls
• Future implementations
• Q & A
NPfIT Information Governance Requirements
• OBS
• NPfIT Contract Schedule 1.7 (730.)
• Care Record Guarantee (CRG) (www.connectingforhealth.nhs.uk/crdb/docs/crs_guarantee)
• Statutory/legal – DPA, Access to Health records
NPfIT IG controls
• Registration and Authentication
• Role-Based Access Control (RBAC)
• Legitimate Relationships and Workgroups
• Patient Consent/Dissent
• Sealed Envelopes
• Audit
• Alerts
RBAC
• NHS Care Record Guarantee: “Show only those parts of your record needed for your care”
• Governs which functions are accessible and indirectly what type of data can be accessed
• 3 attributes: Job Roles, Areas of Work, Activities
• Users must be granted relevant attributes by a trust nominated Sponsor
• Activities may be granted automatically as a result of a user’s Job Role (and Area of Work)
• Issue: Over-complexity
RBAC vision
• RBAC rationalisation (V.23, V24)
• Post-based allocation of access rights
• Integration of HR/RA processes/technology
• Further info: http://nww.connectingforhealth.nhs.uk/implementation/registrationauthorities/access-control/rbac
Patient Consent/Dissent to Share
• Information sharing across organisational boundaries
• NHS Care Record Guarantee: “allow you to control whether the information recorded about you by an organisation providing you with NHS care can be seen by other organisations that are also providing you with care”
• The patient consent status can have 3 values:
  • Consented
  • Dissented (implied dissent, if no NHS No.)
  • Not stated (implied consent)
Patient Consent/Dissent to Store
• Following promises made by Lord Warner, and the recommendations of the Ministerial Taskforce, a patient may choose not to have a Summary Care Record
• NHS Care Record Guarantee: “Before we create your Summary Care Record, you can decide not to have a Summary Care Record at all.”
• If there already was one, it will no longer be visible using the CSA
• Further information: http://www.nhscarerecords.nhs.uk/patients/what-do-i-need-to-do-now/how-can-i-find-out-more/nhs-crs-summary-leaflets/summary_leaflet_online.pdf
Legitimate Relationships
• Control who has access to a patient’s clinical record
• NHS Care Record Guarantee: “allow only those involved in your care to have access to records about you from which you can be identified, unless you give your permission or the law allows”
• A user cannot access a patient's clinical record without an LR
• There can be more than one LR per patient
• LRs have lifecycles (creation -> status change -> expiry)
• Determined by Workgroup membership
• Mostly “under the bonnet”
Legitimate Relationships
• Types:
  • patient referral
  • patient self-referral
  • patient registration
  • subject access request
  • patient complaint or litigation
  • expressed Patient Consent to access
  • Court Order or other legal demand
  • GP registration
• Two types of LR enable a user working in a specific context (defined by their profile) to gain access to a patient clinical record:
  • Self-Claimed
  • Colleague-Granted
Work Groups and LRs
• Receptionist may also be member of Workgroup
• Clinician is a member of Workgroup
• Patient has “Self-referral” LR with Workgroup
• Clinician permitted access as has valid LR via the Workgroup to the patient
• Clinicians may also self-claim a direct relationship not related to any Workgroups but raising an alert
Workgroup Hierarchies
[Diagram: a Parent WG with ‘Child’ Workgroups WG-1, WG-2 and WG-3]
• User is member of Parent WG
• Patient has LR with WG-1
• User permitted access as has a valid LR inherited via the Parent Workgroup to the patient
• LR granularity is a local Information Governance policy issue
• Keep simple initially and expand with experience
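The access decision described on the two workgroup slides, as an added example (not code from the presentation or from any NHS or supplier system): a user has a valid LR when a workgroup they belong to, or a child of it, holds an LR with the patient, and a self-claim grants access but raises an alert. The class and function names, the audit list and the sample users and patient are constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed hierarchy mirroring the slide: three child workgroups under one parent.
PARENT_OF = {"WG-1": "Parent WG", "WG-2": "Parent WG", "WG-3": "Parent WG"}

def self_and_ancestors(workgroup):
    """Yield the workgroup and every workgroup above it in the hierarchy."""
    while workgroup is not None:
        yield workgroup
        workgroup = PARENT_OF.get(workgroup)

@dataclass
class LRStore:
    members: dict  # user -> set of workgroups the user belongs to
    lrs: dict      # patient -> set of workgroups holding an LR with the patient
    alerts: list = field(default_factory=list)  # stands in for the alert feed
    audit: list = field(default_factory=list)   # who, whose record, outcome

    def lr_via(self, user, patient):
        """Workgroups whose LR with the patient covers this user."""
        held = self.members.get(user, set())
        return {wg for wg in self.lrs.get(patient, set())
                if any(a in held for a in self_and_ancestors(wg))}

    def open_record(self, user, patient, self_claim=False):
        via = self.lr_via(user, patient)
        if via:
            outcome = "granted via " + ", ".join(sorted(via))
        elif self_claim:
            # Self-claimed LR: access proceeds, but an alert is raised for review.
            self.alerts.append((user, patient, "self-claimed LR"))
            outcome = "granted via self-claim"
        else:
            outcome = "denied: no LR"
        self.audit.append((user, patient, outcome))
        return outcome

def demo():
    store = LRStore(
        members={"clinician_a": {"Parent WG"}, "clinician_b": {"WG-2"}},
        lrs={"patient-A": {"WG-1"}},  # constructed patient identifier
    )
    results = [store.open_record("clinician_a", "patient-A"),
               store.open_record("clinician_b", "patient-A"),
               store.open_record("clinician_b", "patient-A", self_claim=True)]
    return results, store.alerts, store.audit

if __name__ == "__main__":
    print(demo())
```

Membership of a sibling workgroup (WG-2) gives no inherited LR, so only the parent-workgroup member is admitted without a self-claim.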
Seal and Seal and Lock
• NHS Care Record Guarantee: “Usually you can choose to limit how we share the information in your electronic care record which identifies you.”
• Enable patient to restrict access to sensitive information
• Access controlled by Workgroups
• A patient has two levels of dissent to share:
  • Seal
  • Seal and Lock
• Exceptional use
• Alert sent to privacy officer, if someone accesses information that has been sealed by another Workgroup
Seal and Seal and Lock
• Smallest unit that can be sealed is
  • a Clinical Statement
  • a document (Summary Care Record)
  • PACS study
• Can be done at the time, or retrospectively
• Acknowledged in Clinical Decision Support (CDS) and transfers between systems
• RBAC controls are required for the management of sealing
• Sealed data can be accessed with patient consent or with legal justification
• Refusals carry a reason and a free text note (sent to PSIS)
Clinician Sealing
• A clinician may feel that there is some information that they should seal from the patient
• On sealing, information
  • is visible to all clinicians
  • should not be passed to PSIS
  • is not included in Subject Access Request/HealthSpace
• Clinician seals do not expire on the death of a patient
Use of Clinician Sealing
• Clinician seals can be used when:
  • the disclosure of information is likely to cause serious harm
  • a child or person lacking competence has requested that the information is not disclosed to their guardian
  • confidential 3rd party information is present
  • a patient has explicitly asked not to know about it
  • information needs to be temporarily withheld, which might otherwise alarm the patient
• Test results will be automatically withheld for a standard period of time
Audit
• NHS Care Record Guarantee: “keep a note of everyone who accesses the records about you” and “Every time someone accesses your record, we keep a record of who they were and what entries they may have made.”
• Who has done what, when and to whose record
• Audit of creation, viewing, updates and soft deletions of records
• Outputs and configuration changes
• Contractual requirement, but different degrees of implementation
• Current systems mainly lack user reporting capability
• Comprehensive audit functionality in Lorenzo Rel. 1
• Currently work being undertaken with suppliers on national audit
Alerts
• NHS Care Record Guarantee: “There may be times when someone will need to look at information about you without having been given permission to do so beforehand. This may be justifiable, for example, if you need emergency care. We will tell you if the action cannot be justified.”
• Privacy Officer alerted when anyone accesses sealed information without (electronic) permission, with or without patient consent
• Patients must be alerted (via HealthSpace) of any:
  • change in sealing status
  • access that triggers an alert
• Alerts are through TES (Transaction Event Service)
• Generated now for Self-claimed LRs with Clinical Spine Application (for accessing PSIS with Spine release 2006-B)
Data Sharing with Lorenzo
• NME single database instance
• Data sharing from Release 2 onwards
• Require LRs to control access
• LRs require PDS-traced NHS number
• Must acknowledge Consent to Share
• Access to untraced patients in the MPI restricted to the organisation that created them
Lorenzo Releases – Functional Summary
[Diagram: functional modules grouped by release, Release 1 to Release 4, built on the Core LORENZO Framework]
Workgroups and LRC Artefacts
• Associating an Artefact with a Workgroup enables record access control in the application workflow
• Users can be grouped into teams and associated with artefacts
[Diagram: SDS Workgroup Hierarchy for an NHS Trust (specialties, clinics and teams of registered users) mapped to Lorenzo Operational Artefacts]
Deployment of Legitimate Relationships
• Can be enabled on a Trust by Trust basis subject to the consent of each individual Trust.
• The design of LORENZO allows a CSC administrator to turn on LR creation and update separately to turning on LR confirmation for each NHS Trust that is going to support use of Legitimate Relationships at Release 1.
Update on SHA-Hosted PCT Events
• Pilot consultation January
• 10 events February
• Follow-up March
• Attendees: Heads of IG, IM&T, Information Security, Compliance & Governance, Performance & Information, RA Managers, Auditors, Data Quality, Primary Care Facilitators, … and a Caldicott Guardian
SHA-Hosted PCT Events – Issues Raised
• Operating Model/Implementation Support:
  • Mis-alignment of IM&T DES and IGT
  • Lack of resources
  • Lack of skills/vacancies
  • Lack of importance given to IG
  • Variety of job roles/fragmentation of IG
  • Lack of national direction
  • Inaccuracy/lack of clarity around IGT
  • Lack of IG training
  • Lack of Tracking Database training
SHA-Hosted PCT Events – Issues Raised
• Communications:
  • Lack of internal comms to PCT and via SHA
  • Lack of mandate to communicate to GPs
SHA-Hosted PCT Events – Suggestions
• Materials:
  • SoC in a Box
  • Checklist of actions for PCTs
  • Timeline of activities for PCTs
SHA-Hosted PCT Events – Suggestions
• Events:
  • IGSoC team to attend IG forums
  • Hold National IG forum
  • IGSoC team to attend regional PRIMIS forums to make facilitators aware of latest developments
  • Include rep from DIPU in future events
  • Include someone who has successfully tested things out to share lessons learnt in future events
  • Hold workshops for PCTs to share best practice
SHA-Hosted PCT Events – Suggestions
• Communications:
  • More regular comms (mailing lists)
  • Sharepoint site for SHA
  • Membership and contribution to eSpace
  • Be more interactive with GPs / give them more info of IGSoC requirements
  • Contact IGT administrators directly
  • Establish communication links with PCTs
SHA-Hosted PCT Events – Contacts
• David Stone – Communications Manager: david.stone@nhs.net
• Jan Birley – Migration Manager: jan.birley@nhs.net
• IGSoC Team: 0113 397 3646, IGSoC@nhs.net