Health tech chief medical officer Dr Shaun O’Hanlon offers some best practice advice on sharing patient data.
“The duty to share information can be as important as the duty to protect patient confidentiality.” Dame Fiona Caldicott
It’s been four years since Dame Fiona Caldicott made this statement which perfectly encapsulates both the opportunity and the challenge of sharing patient data between NHS services.
So how far have we come in recent years?
Remember the benefits
Let’s start by remembering the reasons why we want to share information. Quite simply, sharing data is essential if we are to provide the very best care we can to patients. It also enables our stretched healthcare services to work in the most efficient way possible.
Reducing pressure on urgent care services is a good example of the very tangible benefits of data sharing. In East London, one urgent care centre has significantly reduced avoidable admissions to A&E by giving clinicians access to the patient’s GP record – enabling them to make a full assessment of the patient’s needs before they are admitted.
The result: just 20 per cent of patients go on to A&E, with the remainder diverted to more appropriate services.
In Bristol, a pioneering GP-led service has shown how sharing information can transform the care of some of the most vulnerable in society. People attending a walk-in homeless healthcare service don’t have to repeat their complex stories each time they meet a new doctor; instead, with their consent, the duty GP can access their complete medical record.
Dr Mike Taylor, who heads up the programme, said: “In this siloed world, this is something of a miracle.”
Looking ahead, it is clear that data sharing will become an ever more important element of the changing NHS and social care landscape. Two key elements of the NHS Delivery Plan – ‘front door’ clinical streaming in A&E and effective accountable care systems – will certainly depend on it.
What does good data sharing look like?
If we accept the many benefits of data sharing, the big question becomes how do we do it safely?
Here, I can offer three core principles.
Firstly, good data sharing must be transparent, and this transparency needs to run throughout the whole process. Great care needs to be taken when setting up data-sharing agreements so that the data controller understands the rules for what will be shared, when it will be shared and with whom. Importantly, the patient must also understand who is doing what with their medical information.
There is a strong legacy of best practice to follow here. The Merseyside health economy is well known for its pioneering work in creating successful data-sharing agreements.
Transparency should include making the sharing agreement accessible for the public to view and there should be clear and prominent information about how patients can remove themselves from the process if they wish to.
It should also extend to enabling patients to see when and where their data has been shared. GP suppliers have recently started adding this functionality to their online patient record access tools. This will help increase patient trust.
Secondly, good data sharing must be secure. That means the person accessing the record needs to have a legitimate reason to do so and to have a legitimate relationship with patient. The capability to deliver a full audit trail is essential, and auditing should not just be retrospective – proactive auditing is also important to identify any patterns of use that suggest data is being wrongly accessed, and to act on this.
Finally, within my organisation, we have a saying that ‘all but only’ the information that is needed should be shared. Data sharing is never a ‘one size fits all’ arrangement.
For example, a pharmacist giving advice to a patient in a community pharmacy shouldn’t need access to the whole medical record. At the other end of the spectrum, a consultant geriatrician caring for an elderly patient with multiple co-morbidities is likely to need access to the whole medical record, ideally including the GP record and information from community services.
Then we come to the issue of patient consent to sharing medical information – one of the thorniest challenges. The furore over care.data has shown just what a minefield this can be.
Dame Fiona Caldicott found that most patients are happy for their information to be shared when it supports their care, and my own experience endorses this. Indeed, most (but not all) are surprised the NHS isn’t already sharing their data.
The challenge is to find a mechanism for capturing consent that will satisfy concerns but also not stand in the way of important treatment. I like Caldicott’s idea for a new national consent or opt-out model. However, I wonder whether, as an additional safeguard for patients, best practice might also include a double check: the clinician asking the patient for permission to access the shared record, at the point of care.
Whatever the mechanism, it is clear that much more work is needed to explain to patients the reasons why clinicians caring for them want to share their data – and to build their trust.
We have seen a sea change in attitudes to data sharing in recent years. It’s not about ‘if’ but ‘how’ we can safely share data for the benefit of patients and the service as a whole.
However, we’re not there yet and while attitudes are changing, there are still many complex issues to negotiate along the way. The forthcoming introduction of the EU’s General Data Protection Regulation may be one of the bumps in the road ahead.
I’m confident that if we all remember what we’re trying to achieve – safer, more efficient care – and work closely with patients, we can reach our final destination.
Dr Shaun O’Hanlon is chief medical officer at EMIS Group. Follow Shaun and EMIS Group on Twitter @drshaun @EMISGroup
Like this post?
Share it on Twitter