Security and Confidentiality in Integrated Care Records Peter Singleton Senior Associate, Judge Institute

advertisement
Security and Confidentiality in
Integrated Care Records
Peter Singleton
Senior Associate, Judge Institute
Research Fellow, UCL
The Goal: Integrating care
between agencies
Gain operational efficiencies (lower costs)
• Minimise replication of data entry and data
storage (& better validation?)
• Share development costs across agencies
Improve quality of service
• Avoid clients slipping through cracks (e.g.
Victoria Climbié)
• Better management of process & resources
Give better/faster service to client
• Support process redesign,
improvement in care pathways
Moving from paper to computer
• Accessibility
– Audit Commission (1996) – 35% of hospital records missing
– Multi-location, easily reproduced – security?
• Accuracy/reliability
– 19% of GP records have errors (ERDIP 2002)
– Active validation and cross-checking
– Issues of context and local practice
• Consistency
– Elimination of duplicates
– Problems of ‘ownership’
• Confidentiality
– All data may be available – how to protect?
– How can patients choose to ‘hide’ data?
Moving from silos of care to
integrated care
• Currently individual actors (hospital clinician,
GP, Social worker) passing messages
(referral letters)
• Industrial model: master craftsman – guilds
and professional silos
• Trying integrated teams and joint working
• We need integrated processes across teams
and organisations – this is the change ICRS
can offer if done properly
Building Quality into the system
• Early feedback to minimise errors
– Decision-support systems: pertinent information
and quality checks
• New systems to support new ways of working
– Automating current practice is not enough
– Need to focus on patient experience
– Have planned pathway which is clear to all
(including patient/client)
• Quality will bring effectiveness and efficiency
gains
Information Governance
• HORUS model:
– Holding/Obtaining/Recording/Using/Sharing
• Integrating Initiatives:
– Caldicott/Confidentiality Code of Practice
– Data Protection/Freedom of Information
– Data Quality/Controls Assurance
– Records Management
– Information Security
• Missing ‘Stewardship’
Issues to consider
•
•
•
•
•
•
•
•
Sharing between NHS agencies
Sharing with Social Services
Sharing with other agencies
Public Expectations
Managing consent
Effective security
Accessing real data
Implementation
Sharing between NHS agencies
• Barriers
– Concerns over legal position
– Inconsistent use of NHS Number
– Different coding systems
– Supporting consent/dissent
• Drivers
– PCTs & StHAs
– National Programme (NPfIT)
– Waiting Times/eBooking
Sharing with Social Services
• Barriers
–
–
–
–
[Lack of] concern over legal position
Identifiers: use of NHS Number?
Different domains - coding systems
Supporting consent/dissent for different purposes
• Drivers
– Shared Services/ SAP requirements
– National Programme (NPfIT)
– Waiting Times/Bed-blocking
Sharing with other agencies
• Education, Police, Home Office
• Supporting immigrants
• Managing poverty/health/crime
Public Expectations
• What do the public currently think happens?
– Generally assume records are shared, and
surprised that they are not
– Do not realise that most GP Receptionists can see
their records
• What do we tell the public so that they know
what to expect?
• How do we need to change so that they have
a reasonable chance of knowing?
• Do they have a choice? What can/could/
should they choose?
Managing consent
•
•
•
•
How much informing?
When/how to inform?
How much consent? Opt-in vs. opt-out
Children/Cognitively impaired/elderly/
seriously injured?
• Consent to what? Direct care/planning/
clinical audit/ financial audit/ research?
Effective Security
• There is no 100% security – focus on
weakest areas first
• Involve users otherwise they will defeat
the system (or worse not adopt it!)
• Be proportionate
• Monitor and improve rather than
seeking illusion of 100% safety
• Remember we are seeking to improve
healthcare!
Accessing real data
•
•
•
•
•
Research Ethics Committees
Other bodies: SCAG & PIAG
Data-sharing agreements
Respecting restrictions
Minimum data usage
Implementation
•
•
•
•
•
Clear process for change (NPfIT not clear at present)
Clear information for public on how data will be used
Mechanism to support choice
Design for flexibility
Do not underestimate need for culture change –
people need to recognise need for change and
embrace it
• Do not forget dynamics of change and need to align
incentives to create context for change
• Do not forget why we are doing this
– to improve healthcare
Managing Risk
• You cannot eliminate all risk - you may
plan to avoid certain risks, or take
actions to minimise the impact of an
event, or plan actions to recover quickly
• This risk of not providing good
healthcare is almost certain if we don’t
seek to improve
• All actors must be aware of risks and
what should be done to minimise them
CLEF Project
• Clinical eScience Framework (CLEF)
• Seeking to deliver ‘near anonymised’ medical
data repository via GRID
• S&C outputs:
– Accepted policies, protocols, and procedures
– Proof of ‘pseudonymised’ route to protect patients’
interests and preserve usefulness of data
– Separating ‘wheat from chaff’ to improve data
value and improve confidentiality
– Establish mechanisms for monitoring queries for
inferential attack
Thank you
Abstract
Peter Singleton reviews the reasons for Integrated Care Records
and how Security and Confidentiality issues affect the approach to,
design of, and implementation of ICR systems.
There are plenty of technical issues to be addressed, but a number
of policy and cultural aspects also need to be addressed, so that
any ICRS can be implemented effectively.
Trade-offs have to be made between the benefits that ICRS can
potentially bring and the requirements for 100% water-tight security
& confidentiality.
These issues are not insurmountable, but require clear direction
from the centre and flexibility in the approach used in order to
support a transition to better ways of working.
Biography
Peter Singleton is a Senior Associate at the Judge Institute of
Management at the University of Cambridge, a Research Fellow at
University College London, and a Director of Cambridge Health
Informatics.
He has specialised in electronic health record systems and, in
particular, security and confidentiality issues, since attempting to
deliver a prototype EHR system in 2000. He has written a number
of papers on confidentiality issues.
He is currently supporting the DoH and NHS Information Authority
on Information Governance, working on the Clinical eScience
Framework (CLEF) project on confidentiality issues, as well as
leading the European ‘The Informed Patient’ initiative.
He has an MA in Mathematics and an MBA from Cambridge
Download