Sharing Patient Records for Direct Care – No. 20

Sharing Patient Records for Direct Care – No. 20

A new NWL Information Sharing Agreement the ISS for Direct Care (in the new terminology) replaces the “MoU” for sharing data between primary secondary and acute care for organisations using SystmOne or EMIS clinical systems. Communications have been sent to GP practices confirming that the agreement has been ratified by the NWL IG Board (where there is also LMC representation). The ISS will be made available on the Data Controller Console and all practices across NWL are requested to sign, as will our community and acute trusts who use those clinical systems.

Allowing access to clinical records in Primary Care Networks

The emergence of PCNs and their inclusion within the GP contract has paved the way for them to become the organisations through which future primary care health services will be provided.  Increasingly PCN staff need to be able to access to clinical records to support the delivery of patient care.

The organisational unit of data controller-ship remains with General Practice. PCNs despite their pivotal nature have no legal status and are not data controllers.

The new ISS for direct care outlines the governance requirements for healthcare organisations using TPP and EMIS clinical systems when sharing data for direct care and now states that

Primary Care Networks (PCNs) are now a vehicle through which health care services are delivered. Trained staff from PCNs and their GP practices will now form part of each GP practice team and will have supervised and audited access to patient records when this is required to deliver patient care.”

and also, in relation to TPP (with equivalent arrangements in EMIS)

  • Only health care organisations who have a legitimate relationship to provide care obtained through a registration process can access the full patient record by ‘sharing in’ the full SystmOne patient record from the virtual pool.
  • At all new registrations, consent is required to ‘share in’ the full SystmOne patient record from the virtual pool. For existing registrations in Primary Care consent is not required.

This significant change will allow PCN staff to see the GP record without requiring consent and in effect this policy change provides them with a Legitimate Relationship where there is clinical need. Existing GP staff will also have a legitimate relationship to access the records of all patients within their PCN in the same way that they currently have access to patients in their own practice.

In order to access clinical records PCN staff must:

  • Have a Legitimate Relationship (LR) to provide care for the patient (or be working with or accountable to an organisation who has that LR)
  • Have completed training and be able to demonstrate that they understand their legal and professional responsibilities to protect patient confidence (IG training)
  • Have completed training and be able to demonstrate competence in the use of the clinical system
  • Have access to clinical records controlled with Role Based Access Control mediated through a smart card or similar method of authentication
  • Have a contractual link to a Caldicott Guardian whose role would be to oversee 1) 2) 3), sign an RA02 for 4) and provide accountability in the event of a breach in relation to data access or malpractice.

Informing Patients

The new ISS allowing sharing of records across PCNs is a significant change and practices can and should ensure that they have communicated these changes to their patients through a variety of media. There has already been public engagement via some PPG groups at practice, PCN and CCG level, also at the NWL IG board, and through other workshops. You should discuss the changes at your local Patient Participation Groups (PPGs) and direct them to a new section in your FPNs. You may wish to use the wording below as a basis for SMS, Email, website pages or practice noticeboards:

“We are working closely with neighbouring practices within our Primary Care Network (PCN) to support your care. PCNs and their constituent GP practices are now the organisations through which primary care health services will be delivered and when providing you with care their trained staff form part of our team and will have access to your NHS GP record. Please see our Privacy Notice [include url link to your FPN] for more details or discuss at your patient participation group”

Fair Process Notices should contain clauses explaining how their information is shared and below is the suggested wording to insert into the existing section under Local Information Sharing:

Local Information Sharing

Your GP electronic patient record is held securely and confidentially on an electronic system managed by your registered GP practice. In order to provide you with health and social care services Your GP practice works in close collaboration with [insert your CCG / PCN name] a group of  [Insert the number of local practices in your PCN] geographically local practices.

Trained staff from PCNs and their GP practices will now form part of each GP practice team and will have supervised and audited access to patient records when this is required to deliver patient care.  Staff are trained to understand their legal and professional responsibilities of confidence to their patients and will only access your records when they are required to do so to support you care. They will identify themselves and their role using a smart card and access to your PCN record is recorded, monitored, and audited.

As your local PCN functionality extends they are likely to provide GP HUB and Out of Hours services directly in which case your records would be available without consent. If you require attention from a local health or care professional outside of your usual PCN services, through an Emergency Department, Minor Injury Unit or other Out Of Hours service, the professionals treating you are better able to give you safe and effective care if some of the information from your GP record is available to them. If those services use a TPP clinical system your full SystmOne medical record will only be shared with your express consent. 

Where available, this information can be shared electronically with other local healthcare providers via a secure system designed for this purpose. Depending on the service you are using and your health needs, this may involve the healthcare professional accessing a secure system that enables them to view either parts of your GP electronic patient record (e.g. your Summary Care Record) or a secure system that enables them to view your full GP electronic patient record (e.g. TPP SystmOne medical records or EMIS remote consulting system).

In all cases, your information is only accessed and used by authorised staff who are involved in providing or supporting your direct care. Aside from your registered provider your permission will be asked before the information is accessed, other than in exceptional circumstances (e.g. emergencies) if the healthcare professional is unable to ask you and this is deemed to be in your best interests (which will then be logged).

How to manage patient concerns:

Patient who register an objection can be responded to with measures to limit access to their record in certain situations  e.g:

 “My next door neighbour (with whom I have an ongoing boundary dispute) is a receptionist at a practice in your PCN and I would not want her to access my records


It is possible to configure both S1 and EMIS clinical systems to limit access to a ring fenced group of staff which would exclude the receptionist neighbour and practices can contact their IT teams to implement these changes

Patients who decline to share their records shared with the PCN  e.g:

I understand the potential benefit of sharing my record within the PCN staff and even though this might make it more difficult to provide me with care or cause potential delay, I do not want to share my record with the PCN unless I give specific permission

… we anticipate very small numbers of these patients

Solution: There are two considerations here:

  1. During short term emergency measures:  Mid COVID pandemic we have introduced short term measures allowing extended access to patient records on the basis of COPI legislation implemented in the face of urgent or life-saving clinical need (e.g. Shielded lists for vulnerable COVID patients, implementation of COVID vaccination programme at short notice, the provision of central hub based services for urgent care or out of hours care during the pandemic). In these circumstances clinically trained staff have had their smartcard permissions extended to cover access to patient records in their PCN. The controls in place here are: 
    1. Request for access will in the vast majority of cases originate from your own GP practice
    2. In the case of hub based or extended hour services patient will be able to give or decline permission at the point of care
    3. Practice staff with extended permissions have been fully trained to understand their legal and professional responsibilities to protect their patient’s confidence. They will not access patient records unless doing so is needed to provide them with care. All accesses are registered and subject to audit trails and inappropriate access is a serious and dismissible offence.
    4. PCN staff not employed by practices will have appropriate training in the use of the clinical system and their IG responsibilities. They will have a contractual relationship with a Caldicott guardian or data controller who will oversee and be accountable for their actions. Likewise they will not access records unless required to do so to provide care.
    5. The above measure restricting access in specific setting (see 1) above) will also apply
    6. Notwithstanding these controls, other than declining the provision of care (which would usually be an untenable option) there is no mechanism for preventing access to patient records whilst these COPI legislation measure are in place (until 31st March 2021) OR until the planned implementation of local instances of PCN clinical units (see below)

2. Medium term ability to honour opt- out requests. EMIS and S1 clinical systems have organisational codes and identification of these codes allows clinicians and patients to make choices about which local organisations can access patient data. PCNs are new organisations without legal status and currently they do not have their own ring fenced clinical systems with PCN codes. We are planning to implement these as soon as funds are available to do so and from that point in time (which may predate the end of COPI legislation) patients would be able to request that PCNs do not access their records, which would remain unseen in the absence of consent.

The use of honorary contracts

These are not standard contracts of employment. They provide a contractual link to a primary care organisation and Caldicott Guardian with the intention of:

  1. Creating a legitimate relationship
  2. Establish accountability in the event of malpractice or a breach

Those links are already in place within GP practice staff and additional contracts will only be required for PCN staff who need to access identifiable patient data. Because of the change in the boundary allowing access to patient records, only one PCN practice needs an honorary contract to allow a PCN staff member to access patient records across the whole PCN. Because there is risk involved in taking on a contract it makes sense for them to be shared out between the practices in a PCN.

It is not possible to share medical records without risk and the balance is between keeping records in silos which are secure but have poor data sharing, as opposed to open access where there is a high risk of breach but effective sharing of information. It follows that more staff accessing a larger number of patient records poses a potential increase in risk. It is essential that staff understand that whilst they may be able to access many records, they should only do so when their job requires it.

Responsibility and liability in the event of malpractice or a breach could be shouldered by the practice who signs the contract, but this needs to be discussed and agreed between the constituent PCN practices. Practices and PCNs are strongly advised to take part in written risk sharing agreement, the nature of which is beyond the scope of this ISS.

Example Honorary Contract

See attached document

which is short and gives an indication of the intended scope. The variation in infrastructure between the 8 CCGs makes it an impractical proposition for us to provide a standard honorary contract across NWL.  For this reason we are providing PCNs principle-based advice about their IG requirements as detailed above. Each PCN will need to construct their contracts according to their specific needs.

Shared employment

PCNs may employment staff by themselves or may use staff employed by another organisations (e.g. a community trust). In one or other of those settings there needs to a standard employment contract which will also include registration on the ESR system to monitor and audit standards set by the NHS Litigation Authority and the CQC, including:

  • including maintenance of professional registration
  • pre-appointment clearances
  • DBS certification
  • induction and mandatory training

With shared employment a written agreement should detail which responsibilities lie with which organisation. For example, a community trust working with a PCN may be able to provide training.

Required Training

NWL IT services have developed module based clinical system and IG training which can be used by HCOs for their staff. GP practices who have signed honorary contracts may be happy to delegate the scheduling and documentation to their PCN.

To book your required training please access the NWL learning Hub

The Role of Federations

Federations/Confederations exercise different functions across NWL. Where they are organising PCN services, the same arrangements (requiring honorary contracts between staff working in PCN and a constituent GP practice)  can apply. In a setting where Federations and Confederations are providing services and in that role are data controllers in their own right and are hosting an EMIS or S1  clinical system, they may also be able to take on the role of sharing records without the need for honorary contracts.

Comments are closed.