Data Protection Issues - Breathe! Berkshire West


DATA PROTECTION ISSUES
Dr Julian Brown
Diabetes Manager – Caldicott 1


Justify the Purpose
Developed for three reasons:
• My Diabetes Patients were not getting the information they needed to optimise their care.
• Integrated Care was not happening in my PCT.
• Patients at risk were not being picked up in both my surgery and in my PCT (I have been Prescribing Lead since 2006).
• Diabetes Manager will improve Patient Care, Reduce waiting times, Improve Education, Empower the Patients and Save Lives.
Diabetes Manager – Caldicott 2


Don’t Use Patient Identifiable Data Unless Absolutely Necessary.
Every Other Patient Summary Record Uses PID
• This is not acceptable for any cloud based technology.
• It is not necessary.
• No Patients’ Names, Addresses, Telephone Numbers, NHS numbers are stored on our Remote Server.
NHSpatient.org was Carefully Created to allow maximal integration of care whilst protecting the privacy of the Patient.
Diabetes Manager – Caldicott 3

Use the minimum necessary patient-identifiable
information.


No Name, DOB, Address, Telephone Number, email, Hospital Number
After Discussion with GPs, Diabetes Consultants, Diabetes Nurses and Patients:
• All conditions Read Codes
• All medications
• All Blood Results
• Patient’s Treatment Plan
• Risk Alerts
• Users with Access to the Patient’s Record

Specific Concern


I don’t think you can justify extracting someone’s HIV status/sexual history etc (for a DM project) “because we might use it for other CDM in the future.”
Diabetes affects or is affected by most conditions.
SPC sheets Kaletra (lopinavir)



Special Warning – “Hyperglycaemia”
“New onset diabetes mellitus, hyperglycaemia or
exacerbation of existing diabetes mellitus has been
reported in patients receiving protease inhibitors. In
some of these the hyperglycaemia was severe and in
some cases also associated with ketoacidosis. Many
patients had confounding medical conditions some of
which required therapy with agents that have been
associated with the development of diabetes mellitus or
hyperglycaemia.”
Blood Glucose Elevation reported as common
SPC Norvir (ritonavir)


Special Warning
Diabetes mellitus and hyperglycaemia: New onset
diabetes mellitus, hyperglycaemia or exacerbation of
existing diabetes mellitus has been reported in patients
receiving protease inhibitors. In some of these the
hyperglycaemia was severe and in some cases also
associated with ketoacidosis. Many patients had
confounding medical conditions, some of which required
therapy with agents that have been associated with the
development of diabetes mellitus or hyperglycaemia
SPC Atripla (efavirenz, emtricitabine, tenofovir)




Boxed Special Warning
“Lactic acidosis, usually associated with hepatic steatosis, has been
reported with the use of nucleoside analogues. Early symptoms
(symptomatic hyperlactataemia) include benign digestive symptoms
(nausea, vomiting and abdominal pain), non-specific malaise, loss of
appetite, weight loss, respiratory symptoms (rapid and/or deep
breathing) or neurological symptoms (including motor weakness).
Lactic acidosis has a high mortality and may be associated with
pancreatitis, liver failure or renal failure. Lactic acidosis generally
occurred after a few or several months of treatment.”
Common SE “Hyperglycaemia”
Interacts with Statins
Diabetes Manager – Caldicott 4

Access to PID should be on a strict need to know basis.
• Only those that need it.
• Only have access to the information they need.

PID!
Access Controls
2 factor authentication
Data Splitting
Read Code Filtering
Complete log file of who accessed who at what time.
Diabetes Manager – Caldicott 5
Everyone with Access to PID should Be aware of their responsibilities:
• Within Our Organisation.
• Within the Hosting Company.
• Within Your Organisation.

Only Steven and James have access to the database which contains no PID.
Your Data will be stored on a maximum security UK server (thebunker.net) with full ISO27001 governance.
Diabetes Manager – Caldicott 6

Understand & Comply With the Law
• Diabetes Manager, Eclipse Solutions and NHSpatient.org all comply with the Data Protection Act, NHS regulations and the NHS confidentiality code of practice.

Many alternative programs do not
Extra Issues - 1


Patients that Have signed out of the NHS Spine will
not have any data extractions.
There is an ability for these patients to sign back in
using a specified read code.
Data Should be Hosted Securely







ISO27001
24 hour security
Nuclear Bunker
NHS Approved
Proven Track Record
Stand Alone Server
http://www.thebunker.net/wpcontent/uploads/2013/02/casestudyCimarFINAL.pdf
Should Be Excellent Disaster Recovery





SAN Hard Drives
Industrial Level Servers
Onsite Back up
24 hour support
Continual Automated Tracking
Clear Data Protection Statements





We look after your Patient’s data securely and
reliably.
Your GPs have complete governance over who has
access to data relating to their patients.
Phase 2 will allow patients to control this.
No data is passed onto third parties without
permission.
Currently most GP systems already do this.
Projects with Third Parties




NHS England – David Cousins, David Garrett and
Professor Tony Avery (Patient Safety Project)
Cambridge Cancer Research Network.
Imperial College Global Research Unit (Sir Tom
Hughes-Hallett)
Opt in only
Projects with Pharmaceuticals






Essential for the future of R&D
Anonymised Data Only.
Can create significant revenue for the Practices and the
CCG.
Similar Principles to Dispensing.
Opt in only.
The aim is to have IT creating revenue for your organisation whilst improving patient care, not utilising it.
Data Integration


It is essential that any IT databases utilised by the
NHS can be used by standard equipment and
integrate with secondary databases.
Diabetes Manager links with:
• Prescribing Data
• Referral / Admission Data
• Blood Glucose Meters
• BP machines.
Data Integration needs to be Accurate


Link through Patient Card
N3 Server integration
• Links hospital number and nhspatient.org number
• Allows secure mapping in restricted environment.
• Allows removal of PID from admissions data whilst maintaining audit.
• Needs Secondary Consent
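
Added example (not part of the original slides and not Diabetes Manager's own code): a sketch of the linkage described above, where a map from hospital number to pseudonymous patient number is held only in the restricted environment, PID is stripped from admissions records before export, and every attempt is audited. The class, field names and identifier formats are assumptions made for illustration.

```python
from datetime import datetime, timezone

# PID fields to strip (hypothetical field names, following the Caldicott 3 slide).
PID_FIELDS = {"name", "dob", "address", "telephone", "email",
              "hospital_number", "nhs_number"}


class RestrictedLinker:
    """Runs only inside the restricted environment; the map never leaves it."""

    def __init__(self):
        self._map = {}    # hospital number -> pseudonymous patient number
        self.audit = []   # who processed which pseudonymous record, and when

    def enrol(self, hospital_number, patient_ref, consent):
        # Secondary consent is required before any link is created.
        if not consent:
            return False
        self._map[hospital_number] = patient_ref
        return True

    def export(self, record, user):
        """Return the record with PID removed, or None if no link exists."""
        patient_ref = self._map.get(record.get("hospital_number"))
        self.audit.append({
            "user": user,
            "patient_ref": patient_ref,   # never the hospital number itself
            "outcome": "exported" if patient_ref else "refused",
            "at": datetime.now(timezone.utc).isoformat(),
        })
        if patient_ref is None:
            return None
        clean = {k: v for k, v in record.items() if k not in PID_FIELDS}
        clean["patient_ref"] = patient_ref
        return clean


def demo():
    # Constructed sample data; all identifiers are made up.
    linker = RestrictedLinker()
    linker.enrol("H123456", "NP-0001", consent=True)
    linker.enrol("H999999", "NP-0002", consent=False)
    admissions = [
        {"hospital_number": "H123456", "name": "A. Sample", "dob": "1960-01-01",
         "admitted": "2013-03-04", "read_code": "C10F."},
        {"hospital_number": "H999999", "name": "B. Sample", "dob": "1971-02-02",
         "admitted": "2013-03-05", "read_code": "C10E."},
    ]
    exported = [linker.export(r, user="linkage-service") for r in admissions]
    return exported, linker.audit
```

The record without consent is refused rather than exported with its hospital number, and the audit entry for that refusal carries no identifier.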