Recording Clinical Data

Slides:



Advertisements
Similar presentations
Identifying Data Protection Issues Developing Lifelong Learner Record Systems and ePortfolios in FE and HE: Planning for, and Coping with, Legal Issues.
Advertisements

NIGB Legal requirements for use of personal data in research OnCore UK / NRES Training workshop Ethical Principles relating to consent for use of samples.
DATA PROTECTION and Research University Research Ethics Committee – David Cauchi David Cauchi Office of the Commissioner for Data Protection.
Administrative Systems and the Law What you need to know to produce an oral presentation for Unit 7 When the presentations will take place Resources you.
Records Management and the NHS Code of Practice (Foundation) Information Governance Policy Team NHS Connecting for Health.
Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.
Principle 1 Principle 1 Processed fairly and lawfully + only with a legitimate basis There should be no surprises, so … inform data subjects why you are.
Confidentiality & Records Management. What is Information Governance? What is Records Management?
What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.
DATA PROTECTION AND PATIENT CONFIDENTIALITY IN RESEARCH Nic Drew Data Protection Manager University Hospital of Wales   
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
The Legal Framework Can you work out which slide each bullet point should go on?!
Data Protection for Church of Scotland Congregations
Implementation of Security and Confidentiality in GP Practices.
Recording Clinical Data Robert Pickard Professor of Urology Newcastle University, UK
Health & Social Care Apprenticeships & Diploma
The Data Protection Act 1998 The Eight Principles.
Data Protection Act AS Module Heathcote Ch. 12.
BTEC ICT Legal Issues Data Protection Act (1998) Computer Misuse Act (1990) Freedom of Information Act (2000)
Data Protection Property Management Conference. What’s it got to do with me ? As a member of a management committee responsible for Guiding property you.
Computer Laws Data Protection Act 1998 Computer Misuse Act 1990.
INFORMATION GOVERNANCE AND CONFIDENTIALITY Information Governance Facilitator.
DATA PROTECTION ACT INTRODUCTION The Data Protection Act 1998 came into force on the 1 st March It is more far reaching than its predecessor,
Your Code of Conduct: Data Protection & Compliance Your Code of Conduct: Data Protection & Compliance for Charities.
Key Knowledge Confidentiality Year 4 Medical Ethics and Law Thread Course The Ethox Centre, University of Oxford.
Protection of Personal Information Act An Analysis on the impact.
Clark Holt Limited (Co. No ), Hardwick House, Prospect Place, Swindon, SN1 3LJ Authorised and regulated by the Solicitors Regulation.
Ethical, legal and social aspects of public health genomics Mark Taylor, School of Law, University of Sheffield 7 th November 2014.
Data Protection Laws in the European Union John Armstrong CMS Cameron McKenna.
Information Governance A refresher for all staff who have previously gone through the full course.
General Data Protection Regulation (EU 2016/679)
REFLECT: Recovery Following Intensive Care Treatment
Issues of personal data protection in scientific research
Research on human biological materials: Lithuanian perspective
General Data Protection Regulation
Data protection issues in regulatory investigations
Museums + Heritage webinar, 30 November 2017
GDPR Overview Gydeline – October 2017
Data Protection Legislation
Medical Imaging Data Access and Sharing Meeting
GDPR Overview Gydeline – October 2017
EU Directive 95/46/EC (Paragraph 2) “Whereas data-processing systems are designed to serve man; whereas they must Respect their fundamental rights.
Data Protection & Freedom of Information- An Introduction
GENERAL DATA PROTECTION REGULATION (GDPR)
General Data Protection Regulation
The General Data Protection Regulation (GDPR)
New Data Protection Legislation
Appropriate Data Sharing in Health and Social Care
Information Governance
G.D.P.R General Data Protection Regulations
ScHARR Bite Size Research Ethics and GDPR: legal requirements for research - what you need to know.
General Data Protection Regulation
Data Protection principles
Information for Patients Please return to reception
Data Protection What’s new about The General Data Protection Regulation (GDPR) May 2018? Call Kerry on Or .
Recording Clinical Data
How we use Your Health Records
Information management and communication
GDPR Workshop MEU Symposium Prague 2018
General Data Protection Regulations 2018
The General Data Protection Regulation Six months on – What’s changed
Recording Clinical Data
Welcome IITA Inbound Insider Webinar: An Introduction to GDPR
This project is funded by the European Union
GDPR – General Data Protection Regulation
Good Spirit School Division
ScHARR Bite Size Research Ethics and GDPR: legal requirements for research - what you need to know.
GDPR Workshop – Partnerships for Jewish Schools
Getting Ready For GDPR Simon Marks Director
GDPR what do we need to do?
Presentation transcript:

Recording Clinical Data Richard Oliver Head of Information Governance Newcastle upon Tyne Hospitals NHS Trust Additional slides: Professor Rob Pickard Introduce myself

Plan General points to consider Documentation Storage Sharing What I will be talking about

General points to consider Compliance with Data Protection Act 2018 (GDPR) Necessary approvals (REC, NHS Trusts) Where NHS patients, data or facilities are involved: Compliance with policies and standards of NHS organisation (inc. Caldicott) Status of data collector with NHS organisation . Will need R&D approval plus Caldicott guardian.

Points to consider: study specific REC submission and study protocol Patient information sheets and consent forms REC asks to set out: what data will be collected, how it will be stored, who can access, how long it will be stored for (need to justify if longer than 12 months)

Documentation – What data to record? Collect enough but no more From NHS records (can include name, address to contact patient) Data collected during study From NHS records – remains their property, cannot share with 3rd party

Consent Research is classed as secondary use of data and where possible should not include identifiable data. Consent should be a two part process. The Trust should get initial consent from patients to use their data for research. Get explicit, informed consent from the patient for the actual study. However a follow on study wouldn’t necessarily require further consent from the patient.

Consent Requirements The information that must be provided when data is obtained from the data subject includes:   Name of controller and contact details (including of data protection officer) Purposes of the processing, as well as the legal basis. The recipients or categories of recipients of the personal data, if any. The period for which the personal data will be stored. The data subject’s rights, including, where processing is based on consent, the right to withdraw consent at any time. *

Requirements continued The right to lodge a complaint with the ICO Whether the provision of personal data is part of a statutory or contractual requirement or obligation and possible consequences of failing to provide the personal data Any automated decision-making, and, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject How appropriate or suitable safeguards are achieved in relation to any personal data transferred out of Europe

Legal Basis Under Article 6, processing is permitted where - necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller (Article 6(1)(e)) Public authorities with research as either an incorporated or statutory purpose (including NHS Trusts, Boards and Universities) may process personal data where necessary to fulfil their public research function.

Legal Basis Continued It is important to be clear that reliance upon Article 6(1)(e), and the need for processing for the performance of a task carried out in the public interest, does not automatically mean that the requirements of the common law duty of confidentiality have been met. The requirements of data protection legislation apply alongside the requirements of the common law duty of confidence: both must be satisfied.

Storage Medium Identifiers Paper, electronic, audio, samples – BACK-UP Anonymous (no audit trail) Pseudoanonymous (audit trial) – most usual Patient-identifiable data (to be avoided if possible) PID = names, numbers or other details sufficient enough to identify them. Keep in separate location

Storage: University Policy Adequate, relevant and not excessive Accurate Not kept for longer than is necessary Kept safe from unauthorised access, accidental loss or destruction Secure rooms/lockable cabinets Password protected Lockable filing cabinet/drawer; secure room; password protected; if on disk then disk must be kept securely

Sharing – You need permission! The patient (consent) Research Ethics Committee Caldicott Guardian HTA: anything that contains cells Caldicott – protection of PID in health service. May allow us to access data but agreement generally not to share with any third party!

Key Point Know what you are allowed to do REC application / protocol Patient information sheets / consent forms Agreements with NHS bodies University Policy and legislation: http://www.ncl.ac.uk/res/research/ethics_governance/ethics/toolkit/data/

Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.