In most large provider organisations, such as NHS trusts, staff will continue to record patient safety events on to their organisation’s local risk management system (LRMS) which will then upload directly to the new national Learn from patient safety events (LFPSE) service  – once local systems have been upgraded to LFPSE compliant software.  

Organisations without a LRMS, and their staff, will need to register for a LFPSE account before they can access the system and begin to record patient safety events. This is done via the Learn from patient safety events online service.  

There are four main external user account types in the LFPSE web application, which each allow the user different privileges relating to what data they can record and/or edit, and what data they can access to view.  

Once registered, you will be able to request upgrades to your account type. To help you chose the right one, we have listed details of each account type below.  

Account type summaries 

Standard

A standard account is suitable for the majority of users, and provides the ability to:  

• Submit patient safety events  
• Save drafts of patient safety events to be accessed and completed later  
• Access patient safety events already completed by that user, to review or amend the details.  

Access to records on the online service:

• Only has access to records they themselves have created. 
• Free text is scanned and PII removed before it is made available to the user.  

Access controls:

• Users applying with an nhs.net email address are auto-approved for the organisation they are registered with in NHS England Applications (Okta) and any organisations they add within the LFPSE web application.   
• Users applying from other email domains need to be approved by super admins (NHS England internal team).   

Organisational

An organisational account type is suitable for users who have responsibilities for reviewing, updating or overseeing patient safety events completed by any user within their organisation. These are likely to be individuals working in the patient safety or risk management teams, where they exist; or other individuals with responsibilities for monitoring or responding to patient safety events in their organisation or wider area of responsibility; or quality assuring the information provided by the people creating the initial records.  

An organisational account provides the same abilities as a standard account, plus the ability to:  

• Search for, review and update records of patient safety events submitted by any user within their organisation or wider area of responsibility.  
• See who within the organisation or wider area of responsibility has submitted and updated the record, but only view anonymised free text, with names and other identifiers redacted from the event descriptions.  
• Complete a review of an event record.  

Access to records on the online service:

• Has access to records they themselves have created. Free text is scanned and personally identifiable information (PII) removed before it is made available to the user.  
• Read/write access to the main details of any record created from within their registered organisation(s), read-only access to the statutory and national policy information, and read-only access to their child organisations’ records*.   
• Free text is scanned and PII removed before it is made available to the user.  
• The name and the organisation of the user who created the record is visible, unless they have recorded anonymously.  

Access controls:

• A standard user can apply for an organisational account and the request will be approved or rejected by the local admin user. If no local admin is yet assigned, the user is informed to contact their organisation to allocate an admin user or request to be an admin user themselves. 

Admin 

Admin accounts have the widest access to functions and responsibility within the system. Admin accounts are designed to be used by people within an organisation who have responsibilities for the highest level of oversight of patient safety events, including the authorisation to declare Never Events and Serious Incidents; responsibility for ensuring statutory reporting requirements are met; and the ability to approve account access for other users within their organisation or patch.  

An admin account provides the same abilities as an organisational account, plus the ability to:  

• Complete statutory and national policy reporting and response requirements for all events submitted within their organisation.  
• Approve and reject requests for organisational access and admin accounts from users within their organisation and external commissioner “read-only” users.  

Each organisation might decide to approve more than one admin user to split responsibilities for account management and event oversight between different individuals, and to ensure cover during periods of leave. 

Access to records on the online service:

• Has access to records they themselves have created. Free text is scanned and PII removed before it is made available to the user.  
• Read/write access to the full details of any record created from within their registered organisation(s), including the ability to complete or amend the Statutory and National Policy Information, and read-only access to their child organisations’ records.   
• Free text is scanned and PII removed before it is made available to the user.  
• The name and organisation of the user who created the record is visible unless they have recorded it anonymously.

Access controls:

• A standard or organisational user can apply for an admin account.  
• If their organisation has a nominated admin, the request will be approved/rejected by them.  
• If no local admin is yet assigned, it can be approved or rejected by super admins within NHS England. 

Commissioner – ICB/Regional user (organisational or admin accounts for ICBs and/or regions)  

With the advent of ICBs and their evolving commissioning roles, LFPSE has an organisational or admin user type specifically for ICBs. The only difference with these account types is that it is read-only access.

Access to records on the online service:

• As well as access to their own ICB’s data, organisational and admin users from ICBs will have read-only access to the records relating to organisations within their commissioned area as defined by ODS (e.g. primary care, acute trusts etc).  

Access controls:

• This is controlled by the LFPSE ‘parent/child’ hierarchical data supplied by ODS. Approved users within regional teams and ICBs will now be able to view record-level data from organisations within the system to support their remit under the Patient Safety Incident Response Framework (PSIRF). 

Commissioner read-only user (cross-boundary commissioning arrangements)

ICBs and regional users may also require oversight for some organisations outside of the ODS hierarchical framework (e.g. cross-boundary commissioning arrangements).

Access to records on the online service:

• Once permission is requested and granted, users will have read–only access to these specifically selected organisations.

Access controls:

Any user can apply for a “read-only” account.  

• If the organisation has a nominated admin, the request will be approved/rejected by them.  
• If no local admin is yet assigned, the user is informed that their request cannot be approved, and they will need to approach the organisation directly to allocate an admin user. 

Super admin

Super admins sit within the NHS England National Patient Safety team, with operational responsibility for the LFPSE service. They can delegate permissions within internal NHS England apps, as well as supporting provider and commissioner user permissions.

Access to records on the online service:

• This varies by post. Some users with responsibilities for e.g. quality assurance or clinical review will have full access to all LFPSE data via internal LFPSE tools (Anonymisation App; National Review Deep Dive tool).  

Access controls:

• Super admin users can approve other super admin users within the National Patient Safety Team. However, super admins cannot alter their own permissions. 

Full account type permissions 

The table below summarises the full list of activities each account type can perform, including accessing data, editing rights and fulfilment of governance activities. 

*Commissioner admin/organisational users will be provided with all of the data within their area automatically, according to the national ODS hierarchies. Where an organisation’s data is not provided, please use the ‘read-only’ user type to request access to it. 

**Exceptional circumstances – when there is a genuine requirement to see an organisations data during cross-boundary commissioning arrangements 

These arrangements will be kept under review with users to ensure they are appropriate and fit for purpose.  

Accessing aggregate data 

In addition to the above account-based access, the forthcoming Recorded Data Dashboard will allow anyone to see aggregate data (with small-number suppression to ensure the data remains non-identifiable) from all organisations using LFPSE, to support learning, improvement and prioritisation.