 |
||
 |
||
| ||
 |
|
|
 |
|
|
|
||
 |
|
|
|
||
 |
|
|
|
||
|
||
 |
|
|
 |
|
|
|
||
 |
|
|
|
||
 |
|
|
|
||
 |
|
|
|
||
- What is the Health Informatics Centre?
- What are the sources of personal data used by HIC?
- How is patient confidentiality protected for these personal data?
- Does all work undertaken under the auspices of HIC have to be approved? How is approval obtained?
- Does HIC pass on personal data to other organisations/ individuals? If so, how is patient confidentiality maintained when data are passed on?
- Who checks that HIC is fulfilling its obligations to preserve patient confidentiality?
- If I am interested in finding out more, who should I contact?
- What is the purpose of a Caldicott Guardian?
- Who is the Caldicott Guardian? Am I allowed to contact them?
- How does HIC work with ISD?
Frequently Asked Questions
1. What is the Health Informatics Centre?
The Health Informatics Centre (HIC) links information about health from different sources in a secure, purpose built environment. We work in close collaboration with NHS Tayside's Clinical Technology Centre (CTC) but our work is quite distinct. There is one key question that decides whether HIC or CTC processes data:
Does this use of data directly benefit the patient who is the source of the information?
If the answer is yes then the work is done by the Clinical Technology Centre. An example would be allowing GPs to check on test results or clinic appointments for their patients. All other uses of data are called "secondary uses", a term that includes research, audit or management. HIC's work is focused on these secondary uses of health data.
2. What are the sources of personal data used by HIC?
Most of the data that we use comes from NHS Tayside or from ISD Scotland. A full list of all of the data sources is available here. There are two basic types of data:
- Data already available in electronic form. These may be data that are collected nationally (for example the Scottish Morbidity Record of inpatient or outpatient episodes) or they may be local to Tayside (for example laboratory test results on Central Vision).
- Data that have to be entered from paper records. The largest single example is the dataset of all medicines dispensed from community pharmacies in Tayside. HIC routinely adds the CHI number to the information about the drugs dispensed on all prescriptions, which provides a unique resource for medicines management as well as research. Other examples are data that have been entered for specific projects, which require more detail than is available in electronic data sources.
3. How is patient confidentiality protected for these personal data?
HIC has detailed Standard Operating Procedures for protecting patient confidentiality (LINK). The way that we process information means that it is impossible to identify individuals in the data sets that are used for audit, management or research.
Health records normally contain a patient's name, date of birth and/or postcode, together with their Community Health Index (CHI) number which is a unique number given to every patient when first registered with a General Practitioner in Scotland and used to index their health records. The CHI number contains within it the patient's date of birth.
HIC anonymises information taken from both electronic and paper health records. This means that whilst users of the information know that it originally came from individual patient's health records they can no longer identify any particular individual, patient, carer or healthcare professional.
HIC has a Privacy and Confidentiality Advisory Committee (HICCPAC) that was established in 2003. HICCPAC advises HIC Executive on the legal and ethical aspects of current procedures used by HIC and on public awareness of and involvement in the work of HIC.
HIC commissions an annual audit of our structures and processes The results of the audit are presented to NHS Tayside and to HICCPAC.
4. Does all work undertaken under the auspices of HIC have to be approved? How is approval obtained?
The HIC Executive takes responsibility for the work undertaken by HIC and all projects must be formally approved. Our key principle is that the work must be important to individual or public health. No data can be released from HIC until a project has been registered on our Project Management system. This ensures that all necessary permissions have been obtained, provides an archive for all documentation and an audit trail for all uses of data.
HIC Executive insists that research contracts ensure that the researchers have freedom to publish the true findings of their work without influence from the funding body.
5. Does HIC pass on personal data to other organisations / individuals ? If so, how is patient confidentiality maintained when data are passed on ?
HIC never passes on identifiable individual data to other organisations or individuals. We can provide anonymised data-sets for analysis if there is a clear reason why the work cannot be carried out within the Mackenzie Building, where HIC is located. We have a specific Standard Operating Procedure for this type of work.
6. Who checks that HIC is fulfilling its obligations to preserve patient confidentiality?
HIC's Project Management System provides an audit trail for all individual projects. We register every individual project with NHS Tayside. Each year NHS Tayside commissions an external audit of HIC and their review includes taking a random selection of projects from this register for detailed scrutiny to ensure that we have followed our Standard Operating Procedures.
We encourage an open culture amongst our staff and collaborators. They are asked to report any concerns so that we can conduct an analysis and provide a report to our Confidentiality and Privacy Advisory Committee.
7. If I am interested in finding out more, who should I contact?
Duncan Heather, HIC Operations Manager, the Mackenzie Building, Kirsty Semple Way, Dundee DD2 4BF
Yvonne Gormley, HIC External Relations Officer, the Mackenzie Building, Kirsty Semple Way, Dundee DD2 4BF
8. What is the purpose of a Caldicott guardian?
Caldicott Guardians are senior staff in the NHS and social services appointed to protect patient information. Their main responsibilities are to oversee how staff use personal health information and ensure that patients' rights to confidentiality are respected.
9. Who is the Caldicott Guardian? Am I allowed to contact them?
An up-to-date list of Caldicott Guardians will be available soon.
10. How does the Health Informatics Centre work with ISD?
HIC was created to take full advantage of the foresight of Tayside Health Board, who established a Master Patient Index over thirty years ago. This Index used the Community Health Index Number (CHINo) as the patient identifier for all health records in Tayside. The establishment of the Master Patient Index in 1978 has enabled a rich variety of work using record linkage. In 2006 the Scottish Executive mandated that CHINo should be used to index all records across Scotland so we expect the benefits of record linkage to be increasingly available throughout Scotland. In the mean time HIC provides access to the clinical experience of using the CHINO that is already available in Tayside supported by well-established processes for confidentiality and security. HIC is working closely with ISD to ensure that the benefits of using the CHINo for improving patient care can be spread across Scotland. Current examples are the Scottish Care Information demonstration projects on diabetes and cardiovascular disease. In 2007 ISD began piloting a new web-based information system called Navigator. which will provide user-friendly access to a broad range of comparative information in support of quality improvement and the review, monitoriting and planning of healthcare services. Navigator is a key element of ISD's strategy to deliver a Secondary Uses Service (SUS) for NHS Scotland. ISD and HIC have a common vision of increasing the secure availability of information from NHS Scotland in order to improve management of patients.