Sharing data held in electronic patient records impacts on patient care and is crucial to maintaining and improving health. Sharing data and information is particularly important for patients who suffer from long-term or chronic illnesses, as well as those with rehabilitation or palliative care needs.
Research and analysis of anonymised and pseudonymised NHS data provides valuable insights and information for those involved in regional and national decision making, business functions and population health management. In the past, models of sharing data and clinical records, to support these aims, has been patchy and not uniformly led by common principles of clinical communication and governance.
Strategic context
The NHS is made up of hundreds of separate, yet linked, organisations who between them shoulder the burden of managing complex interactions and data flows between providers, systems, and individuals.
The NHS Long Term Plan sets out a wide-ranging and funded programme to upgrade technology and digitally enabled care across the NHS. NHSX, now part of the Transformation Directorate of NHS England, led the digital transformation of health and social care for several years. It is expected that other more recent structural changes will enable joined-up projects, more sharing of technological advances, and uniform guidance on clinical communications and governance, whilst driving the digital transformation of the NHS and social care.
Patients are becoming increasingly aware of how their health data is used. The accelerated citizen access to GP data initiative being led by NHS England (NHSE) will bring patients closer to their health data. In some instances, patients can now choose to share their own records, for limited uses.
As a result of the opening up of record access, practices may well receive queries from patients about how their data is used. They can be directed to the following for more information and advice:
- NHS UK
- National Data Guardian
- Patients’ Association(telephone 020 8423 8999 or email helpline@patients-association.com)
Note: This article does not provide information on how data flows into the GP record from other services.
Purpose
Appropriate information sharing is essential for the provision of safe and effective health care. Patients could be put at risk if those who provide care do not have access to relevant, accurate, high clinical quality and up-to-date information about them.
Sharing data effectively within the NHS gives service providers the opportunity to free up time and resources to focus on providing patient-centred care at the point of need, as well as the wider opportunity to manage population health on local and national scales.
Ensuring that staff, patients, commissioners, decision-makers, and approved research organisations have access to the right data, at the right time, is vital to the NHS providing effective, safe, good value services.
Ensuring that the correct controls and standards are met, for both the provision of direct care and for planning and research is vital too. It’s important to understand that the controls and standards for each are different.
For direct care, the key clinical record sharing requirements, based on the Caldicott principles for sharing sensitive personal information, are:
- information can be shared only for legitimate purposes (such as the provision of care)
- sharing of no more information than is necessary for the purpose, i.e., information sharing does not equate to total disclosure
- when used for medical purposes, information will be accessible to health professionals, clinical or non-clinical, with a duty of care to keep it confidential
Key benefits of sharing data for direct care
The case for sharing data from health and care records is compelling. Current initiatives suggest that sharing accurate information safely and freely across organisations has the following potential benefits:
For patients:
- improves citizens’ experience by avoiding the need for them to provide the same information to different health and care professionals repeatedly, with the associated risks of forgetting something vital
- improves efficiency by reducing the need for unnecessary, repeated, tests
- improves safety and experience by making comprehensive and reliable allergy, medication, diagnosis, and social circumstance information readily available across all health and care settings, for example in A&E or when an ambulance is called
- improves citizens’ engagement in their own care and adherence to medication and care plans by providing individuals with access to shared clinical records
For clinicians:
- improves health and care professionals’ understanding of an individual’s condition, which enables clinicians to provide a personalised treatment plan, if appropriate
- may prevent unnecessary admissions, or support more appropriate admissions to hospital by giving health and care professionals more information about the individual when making their clinical decisions
- saves time by reducing the need to manually request information
For practices and primary care networks (PCNs):
- allows wider PCN members, such as a district nursing team, or mental health practitioners, to be better informed about an individual in their care
For service providers and commissioners:
- saves money by avoiding duplicate tests or assessments
- supports safeguarding by sharing alerts across multiple care settings for both adults and children
Patient consent and the risks of not sharing in relation to direct care
There is another article in this series on consent to using and sharing patient information.
Multidisciplinary and multi-agency teamwork is placing increasing emphasis on integrated care and partnership working. Information sharing is central to this, but information must be shared within the framework provided by law and ethics.
The usual basis for sharing information for a patient’s own care is with the patient’s consent, whether that is explicit or implied, or the consent of their nominated proxy should they be unable to give consent for any reason.
Asking for a patient’s consent to disclose information shows respect and is central to effective communication between doctors and patients. Under the common law duty of confidentiality (CLDC) consent may be:
- explicit (also known as ‘express’) given when a patient actively agrees, either orally or in writing, to the use or disclosure of information, to further support patient care, for example referral to secondary care or social services
- implied, in circumstances where it would be reasonable to infer that the patient agrees to the use of the information, even though this has not been directly expressed, for example, emergency admission to secondary care
In some circumstances clinicians may rely on implied consent to access relevant information about the patient or to share it with those who provide (or support the provision of) direct care. The General Medical Council (GMC) has guidance for clinicians for using and disclosing patient information for direct care.
Patient objections to sharing information for their own care
In the event of a patient objection, clinicians should not disclose the information unless it is requested by court order, is in the public interest, or is of overall benefit to a patient who lacks capacity to make the decision.
Clinicians must explain clearly to the patient the potential consequences of not sharing information to those providing care.
Consideration should be given as to whether a compromise can be reached. If, after discussion, the patient (with capacity) still objects to the disclosure, and the clinician believes the information is crucial to the further treatment of the patient, then the patient should be advised that onward referral and treatment may not be possible without the information being shared.
For further information take a look at the information sharing training through Health Education England’s eLearning for healthcare (elfh) programme.
Ways that data and information are shared
NHS services have historically had numerous ways of sharing, viewing, and moving information around. Sharing information has made use of different technologies, using different operating systems, different languages, system specific standards and confusing acronyms. This has led to a need for change, to progress to a point where language and definitions are the same or mutually understood.
The NHS Long Term Plan commits to ‘mandate and rigorously enforce technology standards … to ensure data is interoperable and accessible’ and ‘requiring every technology supplier to the NHS to comply with published open standards to enable interoperability and continual improvement’.
Interoperability will allow information to flow seamlessly across systems and organisational boundaries to enhance direct patient care.
Most patients registered for NHS services in England live within an area with an on-going shared care record project. You can read more about this work and read case studies in another article in this series about the shared care record.
National shared care records (shortened to ‘shared care record/ShCR’) and other local data sharing initiatives are continually emerging across England. Information technology (IT) developments such as SNOMED CT (a structured clinical vocabulary used in electronic health records) ensure that systems speak the same coded language making the exchange of information between systems easier, safer, and more accurate.
The UK edition of SNOMED contains all the clinical terms needed by the NHS, such as procedures, symptoms, screening, assessment scales, etc. This is a big step towards a consistent vocabulary for recording patient clinical information.
Outbound data flow
Outbound data flow from primary care electronic records can be grouped very basically into the following categories:
- data that sits on the NHS Spine, for example demographic databases such as the Patient Demographics Service (PDS) or Summary Care Record (SCR)
- data exchange through the NHS Spine, for example e-referral (e-RS) and electronic prescription services (EPS)
- data that feeds into national databases such as clinical research, NHS business services, appointment databases, links to payments such as the quality and outcomes framework (QOF), directed enhanced services (DES), etc.
- data sharing into the ShCR within an integrated care board (ICB) locality
The table below gives a brief overview of names, acronyms, and the purpose. Where appropriate, the table also provides a link to the related articles in this series. Whilst all the below are dependent on data in primary care systems, you may not necessarily come across them working in general practice.
Name |
Acronym |
Purpose |
GPG article |
SCR |
Electronic record of important patient information, created from GP medical records
| ||
PDS |
National database of NHS patient details held on the NHS Spine, such as NHS number, name, address, date of birth, related people, registered GP. It helps healthcare professionals identify patients and match them to their health records
| ||
e-RS |
Electronic referral system for managing advice and guidance requests, referrals and appointment booking. Used by referrers, providers, and patients
| ||
EPS |
The Electronic prescription service sends electronic prescriptions from prescribers to the pharmacy of a patient’s choice
| ||
eRD |
Electronic repeat dispensing (eRD) is a process that allows the prescriber to authorise and issue a batch of repeat prescriptions for up to 12 months with just one digital signature.
|
Electronic repeat dispensing | |
NRL |
The NRL works by acting as a registry by creating a pointer, or bookmark, to show a user that a patient record exists and where it is held. The user can then use the information held on the NRL to contact the organisation where the record is held to request more information, or directly retrieve the record if the user’s system is enabled to allow this
|
| |
NEMS |
A subscribed service which provides a notification of an event such as a birth, immunisation, or a death. Implemented on the NHS Spine
|
| |
Local events management service |
LEMS |
A locally used version of the NEMS |
|
LHCRE |
Local projects intended to provide reference sites for sharing patient data to support direct care and support regional population health management and the development of integrated care systems/ICBs
|
| |
Shared care record (previously National shared care record) |
ShCR |
As above but a national programme of work to create local shared records building on the exemplars of the LHCRE | |
PHR |
Information managed by the patient through digital services such as the NHS App
|
| |
GPES |
The General practice extraction service collects information for a wide range of purposes including providing GP payments
|
| |
GPDPR |
Planned general practice data collection using a single extraction service rather than multiple services. Currently (March 2023) under development.
|
| |
CQRS |
The Calculating quality reporting service is an approval, reporting and payments collection system for GP practices. It helps to track the next three systems: QOF, DES, Vaccination & Immunisation (V&I)
| ||
QOF |
A voluntary reward and incentive programme, rewarding GP practices for the quality of care they provide for long term conditions. It also aims to standardise improvements in the delivery of primary care.
| ||
DES |
A voluntary scheme offered to all GP practices via a primary care network
| ||
Vaccination and immunisation |
V&I |
Monitoring of achievement and payments for vaccination and immunisation services
|
|
Critical to the success of any these initiatives has been establishing trust with professionals and the public regarding the use of information. A crucial factor is the need to be transparent about who has the information, how it is to be used, stored, and for what purpose.
Practices need to provide information to patients about how the practice processes patient data in the form of practice privacy notices, displayed both in practice and on their website. The BMA provides templates that practices may use.
Data for planning and research
The NHS cannot analyse all data on its own, so it shares data safely and securely with researchers, analysts and organisations who are experts in making sense of complex information. At any given time, the NHS will only share what’s needed for a specific piece of research, and wherever possible, any identifying information is removed.
At all times there is a requirement to have a legal basis to process personal data for secondary uses. If there has been a breach of confidence, or a misuse of private information then this potentially is a breach of the law.
The new General Practice Data for Planning and Research (GPDPR) is planned to replace over 300 outdated data collections. NHSE is working with the British Medical Association (BMA), Royal College of General Practitioners (RCGP) and the National Data Guardian (NDG) whom, as part of the GP Data Check and Challenge Advisory Group, are key partners throughout the design process.
The Government has guaranteed that access to general practice data will only be via a trusted research environment (TRE) and never copied or distributed outside the NHS secure environment. Exceptions to this are where individuals have consented to their data being accessed e.g. via written consent for a research study. This is intended to give both GPs and patients confidence that their data will be safe, and their privacy protected.
The proposed NHS England TRE will be built in line with best practice developed in projects such as OpenSAFELY and the Office for National Statistics’ Secure Research Service, and approval will be sought from the BMA, RCGP and the National Data Guardian prior to any data uploads.
This TRE will be part of NHS Digital’s[1] Secure Data Environment (SDE) which is a data storage and access platform and is built to uphold the highest standards of privacy and security of NHS health and social care data when used for research and analysis. Only approved users, with approved projects, are allowed to access and analyse data and only approved outputs can leave the environment. There will also be transparency regarding who has accessed data and for what purposes.
Building public and professional trust in how the NHS uses data is vital. Fully informing the public will help patients make informed decisions about any opt-out they may choose to invoke.
Staff and patients alike expect that:
- data security measures and strict controls on the use of the data are in place
- data controllers can clearly show how data is used and demonstrate that there is a sound legal basis for any secondary use
- there are meaningful choices for people to make about how their data is used
- there is clear information to support people to make an informed choice
Individuals can currently choose to opt out of their data being shared for purposes other than for their own care, beyond their GP (Type 1 Opt-out). Further information on Type 1 Opt-outs is available on NHS transparency notice website.
Individuals can also, or alternatively, optout of their personal data being shared with other health and care organisations for planning and research purposes (National Data Opt-out). Importantly, if a patient chooses to sign up for the national data opt out, any existing data already held about that individual can be deleted.
There are circumstances, however, where personal data may still be used, i.e. when:
- required by law
- consent has been given
- there is an over-riding public interest, such as the COVID-19 pandemic or if there is Confidentiality Advisory Group (CAG) approval in place
- information that can identify an individual has been removed
- there is a specific exclusion, for example, for the Office of National Statistics’ population census
Key benefits of data for planning and research
Key benefits for patients include:
- development of new treatments for disease
- ensuring that local communities have the health services they need
- ensuring that patients such as diabetics are receiving the vital checks to manage their conditions
- ensuring that targets such as cancer targets are being met
- data helps to plan the workforce of the future, ensuring patients can get timely access to services
Benefits for practices and primary care networks include:
- support for accurate data collection for a wide range of purposes including GP payments through GPES, QOF and DES (a current list of GP data collections can be found here)
Benefits for service providers and commissioners include:
- more accurate understanding of local populations and their specific needs
- accurate data collection to help commissioners with planning local services, including the data from GP appointments which is used to identify workforce pressures
- a data dashboard which provides an overview of appointments at general practice and includes measures such as the total number of appointments, appointment status, the mode of delivery (such as face-to-face and telephone), the healthcare professional carrying them out (including GP, other practice staff and unknown) and the time between the booking and appointment. Sharing this data helps commissioners to make decisions about short-term support measures such as winter pressures funding, as well as for long-term strategy plans such as contract requirements for online, video consultations, etc. NHS Digital is working to improve the quality of general practice data, so it fairly represents appointment activity in England
- the collection of prescribing data, used by NHS England to identify national trends, also used by integrated care boards PCNs and practices to identify local trends, off-formulary prescribing, and cost saving benefits
Risk in information sharing
Information security is the responsibility of each individual local health and care organisation, from GP practices to hospital trusts. The Data Protection Act 2018 and UK GDPR place a legal duty on controllers to secure the personal data they process.
Personal data breaches are rare, but incidents can occasionally happen, such as:
- the loss or unlawful destruction of data, for example losing an unencrypted memory stick containing data
- alteration of data, for example a staff member or hacker changing something in a patient record
- unauthorised disclosure, for example an email containing information about a patient being sent to the incorrect email address
- unauthorised access, for example accessing information that is not relevant or appropriate to a given role
Organisations should ensure robust breach detection, investigation and internal reporting procedures are in place, and must follow the guidance on reporting incidents. If there is a breach to the security of patient information and an elevated risk to patients’ rights and freedoms, then the organisation should inform those involved. The health and care organisation will also need to inform the Information Commissioner’s Office (ICO) if, for example, personal information is lost in a public place.
NHS England has produced guidance to help health and care organisations deal with personal data breaches.
Ensuring health and care data is protected and used safely is a priority for the NHS.
Related GPG content
- Purpose of the GP electronic health record
- Population health management
- Information governance and data protection
- Smartcards and access control (RBAC)
- NHS Care Identity Service 2 (CIS2)
- Consent to record sharing
- Proxy access
- Subject access requests (SAR)
- Primary Care Networks (PCNs)
- Calculating Quality Reporting Service (CQRS) and Quality Outcomes Framework (QOF)
- Shared care records
- Clinical coding – SNOMED CT
- Summary care records (SCR)
- Personal demographic service (PDS)
- Electronic Prescription Service (EPS)
- Electronic repeat dispensing (eRD)
- Interoperability
Other helpful resources
- NHS England, Data saves lives and improves care
- NHS England, Joining up health and care data
- NHS England, Information governance framework: shared care records
- NHS England (NHS Digital), Access to patient records: Responses to commonly asked questions – NHS Digital
- NHS England (NHS Digital), SNOMED CT
- NHS England (NHS Digital), Data services: what we did in 2020-21
- NHS England (NHS Digital) What we discovered when designing an opt-out service – NHS Digital
- NHS England (NHS Digital) Appointments in General Practice
- NHS England (NHS Digital) Data Security and Protection Toolkit: GDPR information
- UK, Data sharing during the public health emergency
- UK Digital and data-driven health and care technology
- General Medical Council, Using and disclosing patient information for direct care
- British Medical Association, Sharing electronic patient records for direct patient care
- Information Commissioner’s Office, Data sharing code of practice
- Understanding patient data (You Tube) Patient data saves lives: the bigger picture
Contact Information
Please email the Good Practice Guidelines team here for more information on this subject.
This email address is not intended for use by members of the public, patients and their representatives who should instead contact the NHS England Customer Contact Centre – england.contactus@nhs.net
NHS colleagues and contractors should use this mailbox for queries relating to the management of the GPGv5 and should contact the relevant NHS England team or programme for further information on topic content.