Sharing

Many of the contacts you will have with the health service will involve more than one person providing your care and many of these will be undertaken by organisations working together. Each organisation puts in considerable effort to ensure that any sharing of information is done in an appropriate and secure manner. The scenarios below describe what data is shared, why it is shared and how.

When your doctor refers you to the hospital or a specialist
Following discussion with you, your doctor will make contact with the staff providing the service you need. They will pass relevant information about your health and condition, to enable the service to set up the further care you require. This is often done by means of computerised booking systems that book you into a timeslot on the relevant clinic. On other occasions your doctor will write a letter to the service.

When your care with the other organisation is finished, they will routinely contact your doctor and inform them of the care they have provided to you, how it has gone and any parts of the care your doctor now needs to pick up.

Sharing with council services such as Social Care and Housing
Often where care is provided for you outside of hospital, there is a need to work with other agencies, so the whole package of care you require is provided. Your health can be affected by factors such as your social welfare, and your housing situation. Where it is necessary or beneficial to share some of your information with other services, staff will discuss with you what they need to share and why.

Many of the agencies work as integrated teams and share key details about you to avoid having to ask you lots of times. Often a ‘common assessment’ or ‘single’ assessment is undertaken, particularly for services for children or older people and these assessments shared between the services that work together for the person in question. This means the staff have access to information that is consistent, relevant and up to date and each member of staff does not have to ask the same questions as each other.

Sharing in emergency or urgent situations
There can on occasion be issues that need acting upon swiftly. In such circumstances it isn’t always possible to talk to you beforehand. If there is a concern that you or someone else might come to some harm or suffer avoidable distress, then information can be shared lawfully. For example if an elderly patient is visited by a care worker, who has serious concerns about their state of health, they may well speak to the person’s GP, nurse or call emergency services or if there are concerns of possible abuse or domestic violence, staff may discuss such cases to check whether their concerns need acting upon.

Sharing where there is a legal duty
There are a number of situations that can arise where the law makes it a duty that information is shared. In cases where children need to be protected organisations are duty bound to work together. If any suspected terrorist activity is identified, then organisations are duty bound to inform the authorities. If an individual contracts particular ‘communicable diseases’ then their Doctor is duty bound to notify authorities to ensure the spread of any disease is limited as far as possible (this includes cholera, plague, smallpox and others).

All these duties to share information are set out in specific laws.

Working

Quality monitoring
Whilst most treatments are effective and administered properly, occasionally things can go wrong. Staff can make mistakes and work is undertaken to monitor staff performance to identify and address problems. One activity that is undertaken is a periodic audit of patient records, to ensure that they are up to date, accurate and a reliable source of information for staff to use when caring for a patient. Out of date, inaccurate or otherwise unreliable information can cause mistakes to be made with treatment. Most checks on the quality of records are done by colleagues within the teams providing your care. Occasionally the checks are undertaken by other health professionals. 

Developing services
In order to develop both new and existing services, information from patient records needs to be extracted and analysed. Virtually all of this is done from electronic information and done on information where the identity of the person has been removed. 

Sometimes where a service is delivered across a number of organisations, such as a GP, a hospital and other health services, it is necessary to link the information from different records together, so what happened to individuals can be established. This is only possible if there is some information that can link the data from different systems. This is often done by use of the NHS number, which is a number unique to each patient, but used across different oranisations and systems and can be used to link records and information together. Where this is undertaken the personal details, such as name and address are removed and only the NHS number used to link the other details together. Whilst the NHS number is linked to the identity details of an individual, it is effectively a pseudonym to prevent their identity being obvious.

Research
The Health Service undertakes and participates in a large number of research programmes. These vary in size and complexity, some are undertaken by extracting and analysing available data, whilst many need to identify individuals with specific illnesses and conditions and engage them in trials of new treatments and methods.

Fundamental to all research is a number of stringent checks. These include checks on the potential use of patient records. Where a study wishes to use information from records, the details are extracted by an individual, such as GP or nurse who already has access to the records and are then provided to the researcher in an anonymous format.

Where a researcher wishes to contact patients with particular conditions related to the subject of the research, they will ask a surgery or hospital to identify relevant patients and will give them some information for the surgery or hospital to send to the patient. The patient then chooses whether to respond. On this basis, the researchers do not know the identity of the individuals with the condition until the patient themselves decides it is ok for the researcher to know.

Research programmes are also checked to ensure the use of the information is ethical, appropriate and conducted in a manner that ensures the security of information that is recorded and shared.

Records and information are also used to educate new staff, but again the identifying details are removed from these records, or on occasion where this may not be easily achieved, the consent of the patient is sought and respected.

All organisations in the Health Service take the security and confidentiality of information very seriously and significant effort is put into ensuring that uses of information are as secure as they can be. Each organisation is required to do the following:

• Assess their security arrangements and report to the Department of Health twice a year. The assessments are also checked by auditors once a year.
• Ensure all staff are trained how to handle information and receive regular updates.
• Run regular checks on the use of computerised records to ensure they are being used appropriately
• Have processes to report concerns or issues and ensure they are addressed swiftly.
• Ensure that controls around use of information are considered when developing and improving services.
• Check the quality of information recorded on paper or on computer systems.