Fair processing notice
The London Health and Care Information Exchange (LHCIE) is a new service to health for care professionals that enables sharing of patient data across London.
This sharing of patient data using the LHCIE service is exclusively to support the direct care of the patients.
There are currently many different ways of sharing patient data among staff and organisations that need to see it. The LHCIE offers a safe and secure way of sharing your data so that it can be accessed only by those with a legitimate reason to see and use it for your care.
As a patient, you expect the NHS to keep up with technological developments in order to provide you with the right care as quickly and efficiently as possible, whether you are attending a clinic, hospital or GP surgery, or if you are being treated in your own home. The LHCIE is the new service that will support the NHS in London to meet this expectation.
As the team responsible for delivering the LHCIE, we have tried to use plain English to describe how the LHCIE service processes your personal data however we are aware that some of the wording in this notice may not be clear. For this reason we have added a list of useful definitions.
Who we are
The term ‘We’ in the context of this fair processing notice describes the team delivering the LHCIE.
The London Health and Care Information Exchange (LHCIE) has been developed by the London Digital Programme with funding from the Healthy London Partnership.
Confidentiality is of the highest importance to everyone involved with the LHCIE and to all the staff and organisations using it. In order to ensure this confidentiality, as well as the integrity and availability of your data, a framework has been established that sets out policies, procedures and the responsibilities of key staff. In this way oversight and control is maintained over how your data is processed within the LHCIE.
The data we process
Health and care data
The system works by allow in care staff to ‘publish’ to the LHCIE Service data that is then available to other professionals involved in your care who might be from another organisation or based in a different part of London.
In this notice the word ‘publish’ refers only to the LHCIE, and does not imply any wider availability.
The data that is published to the LHCIE can contain a variety of information about you. Examples of information that will be available to view by your care professional using the LHCIE service include:
- Results of medical tests
- Notification of Diagnosis
- Care Plans
- Clinic Letters
- Outcome of discussions between multidisciplinary care teams
- E-Discharge letters
- Documents used when transferring patients between hospitals
This is not an exhaustive list – the actual information relating to you will depend on your personal circumstances and care provided, but the purpose is to improve the service that care professionals offer to patients. The ultimate aim is for the LHCIE to provide you with integrated care that is faster and more efficient.
As a result, any of the data shared on the LHCIE between care professionals using the LHCIE service will need to contain information that they believe is required to provide you with the best care possible.
Basic personal data
In order to make the LHCIE Service work and to ensure that data passing across the LHCIE relates to the correct person, your basic personal data is matched with your NHS number and other information that central NHS systems hold about you.
This is one of the many automatic checks that the LHCIE service does in order to make sure that the patient receives an efficient service.
Metadata
This is descriptive data which helps the LHCIE service identify what type of data has been published to the LHCIE, which organisation is publishing it, and the location of the documents containing the information.
User activity data
All users will receive appropriate training on how to use the LHCIE service, including guidance on when it is appropriate to publish and view patient data using the LHCIE.
Although all organisations that use and support the operation of the LHCIE service work to an agreed set of standards and code of confidentiality, the system has been designed to keep a track of all users who log in to use the service.
All users of the LHCIE service will also be made aware of the ability of the system to track their access to patient data and that regular audits of usage will be conducted.
The user activity records, including any sensitive patient data that it might include, will be held securely within the LHCIE system’s repositories with access restricted to those with a legitimate interest in the data.
Security
As the team responsible for delivering the LHCIE, we consider the safety and security of your date to be paramount, and robust systems are in place to protect all documents published to the LHCIE and keep information about you safe from unauthorised access or tampering.
Legal basis for sharing patient data
The law provides care professionals with definitive rules on sharing of patient data. The Health and Social Care (Safety and Quality) Act 2015 introduced a new legal duty requiring health and adult social care bodies to share information where this will facilitate care for an individual.
Care teams can come from a number of organisations or areas and so it is in everyone’s interests for this sharing to be seamless. The Health and Social Care Act 2015 enables sharing of patient data provided the patient has not otherwise objected, e.g. have set their sharing preference to ‘opted out’ (please see later paragraphs).
In order for this to work well patients must have a reasonable understanding of who is included in their care team and why information about then is being used and shared. This Fair Processing Notice seeks to fulfil that requirement.
How your data is used
The data that will be available to view using the LHCIE service will contain information about your health that is required by those care professionals involved in your care – in order to:
- Make an assessment about what care to provide to you
- Make decisions about whether they can provide care to you
- Seek the specialist input and support from other care professionals with your care
As an example, you may have received care at a specialist hospital unit or treatment centre. Your GP or clinic will need to see the information they have put together about you in order to provide you with rehabilitative support.
Your local care provider will be able to view information that relates to the care that has been provided to you, as long as that relevant information has been published to the LHCIE service.
The information about your health and treatments that is published to the LHCIE service is only available to be viewed by care professionals currently, or about to be, involved in your care.
Who can use the LHCIE service?
Access to the LHCIE service is strictly limited to those having a legitimate care relationship with the patients whose data (containing the relevant information) has been published to the LHCIE. Data cannot be seen on the LHCIE service unless it has been made visible by someone with the authority to see it.
All users are authenticated and authorised to use the LHCIE service. This access is based on the role of the care professional and the organisation that they work for. The LHCIE service runs automatic checks on both these criteria before enabling access to any patient information that has been published to the LHCIE.
Initial use of the LHCIE service (Pilot Phase until March 2018)
During this first phase, the pilot phase, of the LHCIE service only a limited number of organisations will use it to share patient information between them and for specific care pathways. They are:
Health and Care Organisation | Data Sharing Activity |
The Royal Marsden | Cancer Care Pathway documents |
Kingston Hospital | Cancer Care Pathway documents |
Hillingdon Hospital | End of Life Care Plan documents
Transfers of Care Repatriation documents |
Imperial College NHS Trust | End of Life Care Plan documents
Transfers of Care Repatriation documents |
Macmillan (Publishing only) | Holistic Needs Assessment |
All these organisations have Information Sharing Agreements (ISAs) in place, which set out roles and responsibilities for the confidentiality, integrity and availability of the data that will be exchanged and the information that they contain.
One of the automatic checks that the LHCIE service does is to make sure that there is an appropriate agreement in place to support the sharing of the patient documents.
Data retention
Publishing information to the LHCIE service allows it to be viewed in another care setting, enabling your care professionals to share vital information about your health and care.
This information remains the responsibility of the originator and so is subject to the same records management rules applied to all patient records they hold. In the same way, where copies of your information are retained by a third party organisation (for example the Royal Marsden Hospital or Macmillan), their rules for records management will be applied.
The LHCIE service provides the means to retain data on behalf of an organisation using it. The Service will take direction from the responsible organisation regarding retention or destruction of that data.
Where the LHCIE service is wholly responsible for any patient data it will apply the Records Management Code of Practice for Health and Social Care, which applies to all Health and Care organisations
Your rights as a data subject
Opting out
Each data subject (that’s you, the patient/citizen) has the right to request that their personal data is not processed. In most cases, the organisation that has your data and is responsible to determining how it will be processed (the data controller) will have to agree to your request. There are some circumstances where this is not possible and when this is the case, the data controller has to tell you about this.
‘Processing’ in the LHCIE service refers to the publishing and viewing by means of the Service, as well as all the automatic systems, checks and controls that allow this to take place securely.
Your care professional will only ever use the LHCIE service to support a care pathway that you have already agreed to take part in. Examples of these can include being referred to another organisation for specialist treatment or diagnosis.
Your care professional will let you know that they intend to use the LHCIE service to share information about you with another organisation. If you are not happy with this then you must tell them. In return, they will tell you of any risks to you if you do not allow them to share your data.
The care professional will be able to record your sharing preference on the LHCIE. This will determine what other users can see about you when they log into the LHCIE.
If you decide not to opt of your data being shared using the LHCIE service then any information that has been published to the LHCIE will be visible to users who are authorised to see it.
Overriding your wishes
There may be situations when you have already opted out of allowing your data to be shared across the LHCIE but where your treating clinician still needs to see certain information about you.
In such circumstances, your clinician can override the warning message and view your records; usually this will be for potentially life-saving treatment. If this happens an alert will be raised on the LHCIE requiring an explanation.
If you are adamant that you do not want your data to be processed in this way, this can be accommodated, but the possible risks will be clearly explained by the clinician.
Changing sharing preferences
Your sharing preferences will be recorded on the LHCIE service by your clinician, who is also charged with explaining the use of the Service and the possible consequences of opting out.
You have the right to change your mind about your sharing preferences at any time, and if you do then this will be recorded on the LHCIE.
Subject access requests
Under the Data Protection Act 1998 you have the right to see or be given a copy of personal data held about you.
The LHCIE is a tool that health and care professionals and organisations are able to use in order to support your care.
As mentioned earlier in this notice, these care organisations that collect data about you are responsible for the data that they process.The LHCIE service is one of the tools that they use to process patient data, and so in order to exercise your right to make a Subject Access Request, you must ask each of the organisations that has provided your care.
Under current law, organisations are allowed to charge a reasonable fee for the administration of such requests as follows:
If the information is easy to obtain e.g. if it is only held electronically they can charge up to £10 and if the information is more complex to obtain and extract then they may charge £50 for complying.
Rectification
This is why when you visit a surgery, clinic or hospital you are asked to confirm details about yourself, such as your address and phone number, in order to ensure records are kept up to date.
The LHCIE service will automatically check data held by each organisation that uses it, against centrally held demographic data in order to make sure that the correct documents are linked to the correct patient on the correct care pathway. Errors will be corrected immediately.
All organisations that use the LHCIE service understand the importance of accurate patient data and work hard to ensure high quality data is available for the provision of safe and effective care.
If you have a complaint about a hospital in relation to your treatment, staff or hospital services including how your data has been processed then you should make this directly to the hospital involved. This can be made direct to the department where you are receiving your treatment or if you prefer through the hospital’s PALS service.
If your complaint is about the way that your NHS service has been commissioned then you may wish to contact your local Clinical Commissioning Group (CCG) to discuss the decision that they made about what services you can use.
Where to find out more information
Further information about making a complaint or providing feedback can be found at https://www.england.nhs.uk/contact-us/complaint/#complain
Our Frequently Asked Questions below are updated regularly.
Further information about:
- Healthy London Partnership
- London Digital Programme
- Health and Social Care Act 2015 (Patient Safety)
- Ripple Plain English Guide
- Caldicott II – Duty to Share
- LHCIE In the News
Definitions
Data – In computing, data is information that has been translated into a form that is efficient for movement or processing. In the context of your health data then data is a collection of information about your health.
Data Protection Act – This is the current law that governs the way that any organisation that collect personal data and the uses of that data.
Data Subjects – Any person who the data or information is about. In this context this would usually be the patient.
General Data Protection Regulations – This will be the new Data Protection Law from May 2018. It will have an even greater emphasis on the rights of Data Subjects.
Information – Sometimes used interchangeably with data however in this context information is the content of the data that is exchanged using the LHCIE service.
PALs – Patient Advice and Liaison Service – provide a confidential advice, support and information on health-related matters to patients, their families and their carers. PALs are available and can be contacted at any hospitals providing NHS services.
Personal Data – is the term used to describe information about a person. In some cases it can be used to describe information that can be used to identify a person. See also Data Protection Act.
Sensitive Personal Data – This is personal data that is particularly sensitive. For the purposes of the Data Protection Act – 1998 your health and medical records are categorised as sensitive personal data. Other sensitive personal data includes things such as sexual life, Trade Union membership.
Frequently asked questions
Data security
Will my personal data be kept secure?
All personal data that is published to the LHCIE will be encrypted in transit and only viewable through the approved tools by authorised and authenticated users.
How will my personal data be kept secure from Hackers?
The LHCIE service systems will:
- Be tested regularly for appropriate security.
- Be monitored on an ongoing basis for threats.
- Have regular updates applied to defences in order to prevent unauthorised access.