NIGB Confidential Patient Information – Governance of secondary uses

Slides:



Advertisements
Similar presentations
Reconciling the sharing of research data with ethical review for research with people as participants Dr Veerle Van den Eynden UK Data Archive Data support.
Advertisements

JCAHO –A HIPAA Business Associate National HIPAA Summit
NIGB International Data Sharing Conference Oxford Tuesday 21 st September 2010 National Information Governance Board Alan Doyle - Director Karen Thomson.
NIGB Legal requirements for use of personal data in research OnCore UK / NRES Training workshop Ethical Principles relating to consent for use of samples.
NIGB Information Governance and Confidentiality Clinical Audit and Improvement Conference February 2011 Karen Thomson Information Governance Manager.
NATIONAL INFORMATION GOVERNANCE BOARD
NIGB NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE.
NIGB NATIONAL INFORMATION GOVERNANCE BOARD Harry Cayton, Chair, National Information Governance Board.
Good Medical Practice Evidence to use for Appraisal Good Medical Practice 2006.
DATA PROTECTION and Research University Research Ethics Committee – David Cauchi David Cauchi Office of the Commissioner for Data Protection.
Information Governance An Introduction. Information Governance Outline What is Information Governance What initiatives does IG cover.
Introduction to Information Governance (IG)
Data Protection: Health. Data Protection & Health Data Data on physical or mental health or condition or sexual life are ‘sensitive personal data’ with.
1 Confidentiality and data use in the NHS in Scotland Rod Muir, ISD.
Information Governance – Who Cares? Alistair Stewart Information Governance Co-ordinator.
Clare Sanderson Executive Director of Information Governance The NHS Information Centre for health and social care.
Confidentiality new guidance from the GMC. Statutory power to advise The Medical Act 1983 gives the GMC power to provide, in such manner as the Council.
Confidentiality & Records Management. What is Information Governance? What is Records Management?
Getting data sharing right for every child
Information Sharing Options Phil Walker. Outline I have been asked to present a range of options for lawful data sharing. There is unlikely to be one.
What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.
Information Governance in Commissioning Mental Health Commissioners Collaborative.
National Smartcard Project Work Package 8 – Information Law Report.
Information Commissioner’s Office: data protection Judith Jones Senior Policy Officer Strategic Liaison – public security 16 November 2011.
The Nuffield Council on Bioethics Report : The collection, linking and use of data in biomedical research and health care: ethical issues. Martin Richards.
Audit of Practice Around Record Keeping and Partner Notification Maeve Cross & Martin Murchie.
Data Protection for Church of Scotland Congregations
Principles of medical ethics Lecture (4) Dr. rawhia Dogham.
Dealing with confidential research information and consent agreements in research Louise Corti Associate Director UK Data Archive University of Glamorgan.
Implementation of Security and Confidentiality in GP Practices.
Data Protection: An enabler? David Freeland, Senior Policy Officer 23 October 2014.
Confidentiality Dr Katherine Teare GP Educator Fellow Dr Katherine Teare GP Educator Fellow.
Information sharing: the legal framework Dr Caroline Ball Chair, Norfolk Safeguarding Children Board.
“What’s Ethics Got To Do With It” Presentation to the Canberra Evaluation Forum Gary Kent Head Governance Australian Institute of Health and Welfare.
Data Protection Corporate training Data Protection Act 1998 Replaces DPA 1994 EC directive 94/46/EC The Information Commissioner The courts.
Processing personal health data: the regulator’s perspective Ken Macdonald Assistant Commissioner Information Commissioner’s Office.
Development of Information Sharing Guidance Richard Sewart Data Sharing and Privacy Specialist 3 rd June 2015.
Your health record How the local NHS uses and protects the information held about you Other ways that your records may be used Your local NHS services.
Access to data for local authority public health AGW Public Health Network Training Event: Public Health Data, Information and Intelligence 11 th November.
We are a group of national health and care organisations working together to provide a joined up and consistent approach to information governance. We.
Human Rights Act, Privacy in the context of auditing Phil Huggins Chief Technologist, IRM PLC
Community surgery : staying out of trouble. Miss Nicola Lennard : 12 June 2015:
INFORMATION GOVERNANCE AND CONFIDENTIALITY Information Governance Facilitator.
NIGB Ethics and Confidentiality Committee Natasha Dunkley NIGB Approvals Manager NATIONAL INFORMATION GOVERNANCE BOARD.
Understanding the Mental Capacity Act David Neal Head of Policy, NRES.
Can you share? Yes you can!! Angus Council Adult Protection Maureen H Falconer, Senior Policy Officer Information Commissioner’s Office.
Partners in improving local health Slide 1 Information Governance & IT Security in the NHS Ian Davison, Director of Business Information Services Alison.
Getting data sharing right for every child Maureen H Falconer Senior Policy Officer Information Commissioner’s Office.
Data protection—training materials [Name and details of speaker]
1 Information Governance (For Dental Practices) Norman Pottinger Information Governance Manager NHS Suffolk.
Sharing Information Legally Lindsay Ould London Borough of Lewisham.
WHAT IS CONSIDERED CONFIDENTIAL PATIENT INFORMATION? Information that is not publically available that has been disclosed in confidence between a patient.
Uses of brain imaging data: privacy and governance implications Dr. Hester Ward Medical Director, Information Services Division, (ISD) Consultant in Public.
Key Knowledge Confidentiality Year 4 Medical Ethics and Law Thread Course The Ethox Centre, University of Oxford.
Clark Holt Limited (Co. No ), Hardwick House, Prospect Place, Swindon, SN1 3LJ Authorised and regulated by the Solicitors Regulation.
Ethical, legal and social aspects of public health genomics Mark Taylor, School of Law, University of Sheffield 7 th November 2014.
Caldicott 2, IG and public health Julian Flowers – Director KIT (East) Confidentiality lead CKO directorate.
Data access for public health, the current position, next steps and implications of Caldicott 1 Presented by Andy Sutherland.
Information Governance A refresher for all staff who have previously gone through the full course.
Data Protection and Confidentiality
About the national data opt-out
Medical Imaging Data Access and Sharing Meeting
GENERAL DATA PROTECTION REGULATION (GDPR)
General Data Protection Regulation
New Data Protection Legislation
Operations Director, CTRU
Information for Patients Please return to reception
D3 Confidentiality.
Health Record Keeping.
Evidence to use for Appraisal Good Medical Practice 2006
Presentation transcript:

NIGB Confidential Patient Information – Governance of secondary uses Dr Andrew Harris Chair – Ethics and Confidentiality Committee NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE

Information Governance: NIGB Information Governance: “The structures, policies and practice used to ensure the confidentiality and security of health and social care records, especially clinical records, and to enable use of them for the benefit of the individual to whom they relate and for the public good” NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE

The legal framework for disclosure of confidential information NIGB The legal framework for disclosure of confidential information Confidentiality - Common law duty of confidentiality (CLDC) Fair Processing - Data Protection Act 1998 (DPA) Privacy - Human Rights Act 1998 (HRA) NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE

Ethics & Confidentiality Committee NIGB Ethics & Confidentiality Committee Advises whether disclosures of identifiable data meet conditions of s 251 NHSA 2006 Advise SoS - set aside legal risk of breach of CLDD Confidential and for “medical purpose” Only for 2° use: “Not solely or principally for determining care or treatment to individuals” Must comply with DPA Must be no practicable alternative NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE 4 4

NIGB Data Protection Act Principles of processing include Inform patients record may be used for secondary purpose and can dissent Docs/trusts must formally authorise disclosure Must respect law eg CLDC, HRA Processors’ “equivalent” duty of confidentiality Conditions for sensitive personal data include Explicit consent “Medical purposes” NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE

The legal categories for disclosure of confidential information NIGB The legal categories for disclosure of confidential information Court order Statutory power Patient consent Public interest Anonymisation For secondary uses only: s251 statutory power NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE

NIGB Consent Consent to treat explicit or implied Makes disclosure legal, but no right Temporary GP staff to anonymise or to get consent – no implied consent as CLDC Impossible sometimes – scale, bias, health Variety of guidance in research world Not consenting damages trust in doctors/NHS Ethics values autonomy – no override Diluted: Broad, Group, Opt out, authorisation If ID data and cannot consent, safest >>> s251 NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE

NIGB Public interest Common law - to prevent crime or harm In Scotland no s251 - some disclosures use this basis for research In England insecure, as s251 exists and ECC advice will lower risk for patients s 251: either improving patient care or PI - “A system which all reasonable individuals approve” Balance benefits and risks: Exempting from CLDC needs v low risk of harm NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE 8 8

NIGB Anonymisation Superficial Partial Remove name and address Also remove number identifiers Might not identify immediately but easy with other data Cannot identify from data alone Clinical, Teaching Local audit – not 2ry Plans needing postcode, Monitor attendance Train staff, Confidentiality in contracts, Local procedures, Caldicott advice NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE 9 9

Anonymisation or Deidentification NIGB Anonymisation or Deidentification DPA only applies to personal data Identifiable from data held or likely to come into possession Adequate anonymisation exempts ID conceivably possible, but unlikely, with sufficient effort reasonably used (ICO interpretation DPA) Risk of ID does not affect professional conscience (CLDC) Level of security from technological treatment or handling of data appropriate to harm that might result from its release (7th data principle) NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE 10 10

Levels of Pseudonymisation NIGB Levels of Pseudonymisation Reversible (Disclosive) Irreversible (linked anon) /Unlinked Remove postcode Key code and encrypt e.g. sex, disease, hosp, ethnic, dates diag /episode, birth year Cannot identify with reasonable effort and resource ID impossible from published sources; DPA exempt National audit Research, Surveillance DH, Care quality Commission, publications IG of recipient org Risk assess links Use of RECs and ECC Small group data Inference controls NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE

Deidentification governance NIGB Deidentification governance Public sceptism and re-identification risk NHS pilots and toolkit, Standards Board, Information Commissioner Parallel with mainstreaming evidence based medicine in ‘80s Apply academic computer science Health professional Caldicott responsibility NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE

Common law duty of confidentiality NIGB Common law duty of confidentiality Obviously private to a reasonable person of ordinary sensibilities if in the same position Affects conscience of person who receives info in knowledge communicated in confidence Detriment including damage to trust NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE

NIGB Human Rights Act 1988 Duties on public bodies to uphold ECHR A8 Respect for private, family life, home, correspondence Interference necessary for… protection of health.. proportionate to harm Should not stop disclosures otherwise OK (if ethical, scrutiny of unique, or v sensitive data, and inferential risk, even though de-identified) NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE

NIGB Legal Framework of information rights CDC Confidentiality DPA Data Protection HRA Privacy Patient data + Superficial and partial anon Reversible key coded - May not Irreversible/ fully anonymised NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE

Informational Risk Management NIGB Informational Risk Management Importance of purpose Nature of data (how sensitive) Nature of recipient (outside NHS) Appropriateness of sharing data to recipient IG of recipient organization (corporate, Caldicott) Restrictions on usage in contract Data Sharing Agreements Scope of data (minimum for purpose) Legal risk (police, potential harm, A8??) Adherence to guidelines (GMC, REC, ECC) NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE

No practicable alternative >> Section 251 NIGB No practicable alternative >> Section 251 Specific regs: cancer and communicable disease Class: anon, to consent, geog, linking, audit/analysis Confidential patient info’ – ID ascertainable even with other info likely to come into possession of processor Medical purpose necess / expedient in the interests of improving patient care or in the public interest Only if not reasonably practicable to achieve in other way, having regard to cost and technology available Maximum anonymity requirement NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE

NIGB Public Opinion Surveys Support research but why and integrity REC+ECC approval 46% never 30% maybe Need surveys which objectively assess risk Find basis for reasonable expectation in CLDC Can’t imply consent without evidence Awareness and debate to change opinion Trust in doctors: public interest to preserve NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE

Supporting secondary uses NIGB Supporting secondary uses ECC not regulator but governance and legal advice ECC advises SoS - must operate within law Interpretation – reas practicable test, equiv duty, PI 100 applctns/yr (40/7) Fast track (15 – 20 days) ? New regulations - honest brokers, commissioning, national audit More anonymisation; raise IG profile, new standards Duty to balance preservation of public trust in records custodianship with other public needs NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE ]

NIGB Ethics and Confidentiality Committee www.nigb.nhs.uk/ecc Tel: 020 7633 7052 NIGB nigb@nhs.net ECC eccapplications@nhs.net Chair ECC chairecc@adrharris.co.uk NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE 20 20

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.