document title… · cntw(o)14 cumbria northumberland, tyne and wear nhs foundation trust cntw(o)14...
TRANSCRIPT
![Page 1: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/1.jpg)
Document Title Limiting Access and Patient Electronic Health Records
Reference Number CNTW(O)14
Lead Officer Medical Director
Author(s)
(Name and designation)
Angela Faill – Head of Information Governance and Medico Legal.
Claire Aberdeen –Deputy Head Customer Operations Informatics
Ratified by Business Delivery Group
Date ratified Sep 2018
Implementation date Sep 2018
Date of full implementation
Sep 2018
Review date Sep 2021
Version number V04.1
Review and Amendment Log
Version Type of change
Date Description of Change
V04 Update Sep 18 Review
V04.1 Review Oct 19 Governance changes
This policy supersedes which must now be destroyed:-
Reference Number Title
CNTW(0)14 –V04 Limited Access and Patient Electronic Health Records
![Page 2: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/2.jpg)
Limiting Access and Patient Electronic Records
Section Contents Page No
1 Introduction 1
2 Purpose 2
3 Policy Scope 2
4 Duties and Responsibilities 3
5 Information Sharing 4
6 Creation of a Limiting Access Record 7
7 NHS Number 11
8 Identification of Stakeholders 12
9 Definition of Terms Used 12
10 Equality and Diversity 12
11 Training 12
12 Implementation 12
13 Monitoring Compliance 13
14 Fair Blame 13
15 Associated Documentation 13
16 References 13
Standard Appendices – attached to policy
Appendix A Equality and Diversity Impact Assessment Form 14
Appendix B Training and Communication Checklist and Needs Analysis
16
Appendix C Audit and Monitoring Tool 18
Appendix D Policy Notification Record Sheet - click here
![Page 3: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/3.jpg)
CNTW(O)14
Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19
1
1. Introduction
1.1 Service users have rights and protection granted to them by:-
Common law duty of confidences
The Data Protection Act 2018
The Human Rights Act 1998
Professional obligations
Contract of Employment
DoH Confidentiality Code of Practice
CNTW(O)29 - Confidentiality Policy
CNTW(C)20 - Care Coordination and Care Programme Approach
Process
CNTW(C)48 - Care Coordination (including CPA (Care Programme
Approach)) within Children and Young Peoples Services
1.2 However, Health Care Professionals owe a Duty of Care to provide appropriate and timely treatment to service users. This requires comprehensive, accurate and accessible records.
1.3 Service users entrust us with, or allow us to gather, sensitive information relating to their health and other matters as part of their seeking care and treatment. They do so in confidence and they have the legitimate expectation that staff will respect their privacy and act appropriately.
1.4 One consequence of this is that information which can identify individual service users, must not be used or disclosed for purposes other than healthcare without the individual’s consent, some other legal basis, or where the public interest in sharing information is greater than the public interest in maintaining confidentiality.
1.5 It is a key responsibility of all staff to ensure that service users understand that information needs to be shared between members of Care Teams and between different organisations involved in healthcare provision. Care Co-ordination/CPA provides a framework to enable this including the recording of consent to share information.
1.6 Electronic health records are designed to facilitate the sharing of service user’s information easily and accessibly between those professionals involved in the service user’s care. The information stored will vary depending on the length and type of contact the service user has had with Cumbria Northumberland, Tyne and Wear NHS Foundation Trust (the Trust/CNTW). As with any record, the electronic health record should only be accessed by staff that have a genuine need to do so in the context of the individual service user’s care.
![Page 4: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/4.jpg)
CNTW(O)14
Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19
2
2. Purpose
2.1 The Trust recognises that there are some service users for whom they have a duty to take additional steps to ensure confidentiality due to the individual also being a Trust employee or the individual’s demographic details being highly recognisable. These will be referred to as Limiting Access Records.
2.2 All electronic health record users have agreed to abide by the requirements of the legislation and policy detailed in section 1.1. For electronic health record users this is done when signing into the system. The use of the electronic health records is supported by a comprehensive Audit Trail which is monitored on a regular basis by Informatics. Any erroneous or suspicious access will be reported by Informatics to the appropriate Manager and the Caldicott Guardian.
2.3 Additionally Limiting Access Records created will be communicated by Informatics to the Caldicott Guardian on a monthly basis who will ensure ongoing audit by members of the Caldicott and Health Informatics Group, to gain assurance that standards are being adhered to.
2.4 This policy sets out a pragmatic guide to assist clinicians in addressing issues related to service users for whom confidentiality of electronic records may be a concern and also those for whom providing additional levels of confidentiality is appropriate, i.e. the creation of Limiting Access Records. These procedures should apply to all those referred to or receiving services from the Trust where any record will be held on the electronic health records system.
3. Policy Scope 3.1 This policy is applicable to all users of electronic health records including
personnel of the Informatics Department of the Trust and agreed users, including those with read only access within Partner agencies.
3.2 It is strictly forbidden for any users of electronic health records to access an
individual's record unless for a legitimate reason, i.e. provision of healthcare and treatment. Electronic health record users must not look at any information relating to themselves, their own family, friends, acquaintances, colleagues or because they recognise a name.
3.3 Access to electronic health records is monitored and inappropriate access may
result in legal action and/or disciplinary action. 3.4 Students who are on placement in the Trust will have access to electronic
health records if required by the nature of their placement and under the supervision of their placement supervisor. They will be required to complete the same documentation as other patient electronic record users and to abide by the requirements of this policy including the legislation and policy detailed in Section 1.1. Any breach of confidentiality will lead to an immediate termination of the placement and the reason being shared with their course tutor It may also lead to legal action.
![Page 5: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/5.jpg)
CNTW(O)14
Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19
3
3.5 Temporary staff, whether clinical or administrative, will have access to electronic health records if required by the nature of their temporary employment. They will be required to complete the same documentation as other patient electronic record users and to abide by the requirements of this policy including the legislation and policy detailed in section 1.1. Any breach of confidentiality will lead to an immediate termination of their temporary contract. It may also lead to prosecution under UK law.
4. Duties and Responsibilities
4.1 The Chief Executive on behalf of the Trust retains ultimate accountability for the health, safety and welfare of all service users, carers, staff and visitors; however key tasks and responsibilities will be delegated to individuals in accordance with the content of this policy.
4.2 The Caldicott Guardian is the Trusts’ Medical Director and is responsible for protecting the confidentiality of service user information and enabling appropriate information sharing. This includes the confidentiality of service user information held in the electronic health records.
4.3 The Caldicott Guardian retains ultimate accountability for decision making for any Caldicott issues, and in particular for those that may have a major impact on the organisation.
4.4 The Senior Information Risk Owner (SIRO) is the Trust’s Executive Director of Commissioning and Quality Assurance and is responsible for identifying and managing information risks to the organisation. This includes oversight of the information security incidents and responses.
4.5 The SIRO is supported in their role by information asset owners who have assigned responsibility for the Trust information assets. This is the Trusts Executive Director of Nursing and Chief Operating Officer in respect of electronic health records. The corporate governance arrangements relevant to this policy are shown in the diagram below:-
Board of Directors
CNTW Quality and Performance Committee
CNTW Trust wide Caldicott and Health Informatics Group
Local Care Group Triumvirate
![Page 6: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/6.jpg)
CNTW(O)14
Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19
4
4.6 All staff, whether clinical, administrative or managers, have a responsibility to
maintain confidentiality and to only access records that they have a genuine need to, in the context of service user’s care. It is strictly forbidden for staff to access an individual's record whether paper or electronic without a legitimate reason, i.e. provision of healthcare and treatment.
4.7 Individuals must not look at any information relating to their own family, friends, acquaintances or because they recognise a name.
4.8 Individuals who are employed by the Trust and who are also service users must not access their own electronic health record or ask others to do so. If an individual wants to access their own health records they should follow the practice guidance note with the Trust’s policy CNTW(O)09 – Records Management, - RM-PGN-05 – Access to Records in accordance with General Data Protection Regulations.
4.9 Informatics is responsible for ensuring that there is a comprehensive Audit Trail functionality on RiO Monitoring Policy.
4.10 Care Coordinators/Lead Professionals and others in the Clinical Team providing care and treatment are able to see who has accessed their service users electronic health record through the audit trail function on the service users case record. They also share responsibility for monitoring access to all records including Limiting Access Records. If a Care Coordinator/Lead Professional and others in the Clinical Team providing care and treatment identifies that a record may have been accessed inappropriately they should report this to their line manager as soon as possible and follow the guidance in Section 7.
4.11 Managers receiving a report from Caldicott Support, with support from HR, will
be responsible for initiating the appropriate action in response. This may be disciplinary action which may include action due to gross misconduct and/or legal proceedings.
5. Information Sharing 5.1 All service users should be made aware that their information is shared with
other professionals and agencies with which they have contact. This should ideally be discussed during the service user’s first assessment or as soon as possible and revisited as part of the care planning process. These discussions should be recorded by the completion of the Care Coordination Consent to Share Information documentation.
5.2 The clinician who undertakes the discussion with the service user about
information sharing at assessment is responsible for ensuring that the consent screen is completed appropriately and the setting of the consent indicator on the case record screen.
5.3 The clinician who undertakes the discussion with the service user about
information sharing during care planning is responsible for ensuring that the
![Page 7: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/7.jpg)
CNTW(O)14
Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19
5
consent screen is updated appropriately and the setting of the consent indicator on the case record screen if required.
5.4 Service users should also be offered a copy of the leaflet “Information that
Cumbria Northumberland Tyne and Wear NHS Foundation Trust keeps about you”.
5.5 Some service users may not have the capacity to consent, or be able to
understand the implications of sharing information either at assessment or care planning, or both. If concerns about the service user’s capacity to consent arise for adults a decision will be made by the “decision maker” following an assessment of capacity with clear reference to the Mental Capacity Act best interest checklist.
5.6 Assessment of capacity should involve discussion with relevant members of any
Multi-Disciplinary Team, carers and/or advocates 5.7 Where a service user does not have capacity to make the decision about
sharing of information, the assessment of capacity and if required the best interest decision in relation to sharing, information can be recorded in a progress note. Good practice is to begin this entry with the phase “Capacity assessment regarding sharing information”. The relevant tick box on the paper form should also be completed.
5.8 The outcome of this best interest decision should inform the setting of the
consent status button on the case record screen of the electronic health record and the consent status set due to best interest decision box should also be “ticked”.
5.9 It is good practice to use the free text box to identify the progress note where
the best interest determination has been recorded. 5.10 If a child/young person does not have the capacity to understand the process
and requirements of consent even with the support of parents or carers, then consent to share information should be discussed and agreed with parents or others with parental responsibility.
5.11 Under the Children Act 1989, any child of 16 or over is presumed to be mentally
competent to give their own consent to medical treatment. This means that children of 16 or over should also be presumed competent to give their own consent to information sharing.
5.12 Under the Fraser Guidelines (formerly commonly known as Gillick Competence)
children under the age of 16 may also be competent to give their own consent to the sharing of information about themselves between different agencies provided they are sufficiently mature to understand the implications of information sharing, including the implications of not doing so in terms of the possible impact on the quality of service provision. This is a judgment to be made by the professionals involved with the child.
![Page 8: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/8.jpg)
CNTW(O)14
Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19
6
5.13 If a child is competent (either because they are 16 or over or because they are under 16 and competent under the Fraser guidelines) to give their own consent, that consent should be sought from them. If however they are assessed as not yet competent to give informed consent, the consent should be sought from a person who has parental responsibility for the child. Mothers automatically have parental responsibility. A married couple who have children together both automatically have parental responsibility. Parental responsibility continues after divorce.
5.14 Where the parents are not married, the unmarried father has parental
responsibility if:-
His name is registered on the birth certificate - this is the case for births registered after 1 December 2003. Fathers can re-register if their names have not been placed on the birth certificate before this date
He later marries the mother
Both parents have signed an authorised parental responsibility agreement
He obtains a Parental Responsibility Order from the Court
He obtains a Residence Order from the Court
He becomes the child's guardian
Others do not have parental responsibility. They can acquire it by:-
- In the case of a local authority with a Care Order
- Being appointed as a guardian for care for a child if their parent dies
- Obtaining a Residence Order form the Court for a child to live with them
- Adopting the child
5.15 Children in the ‘Looked After’ System may have carers who do not have parental responsibility and it is very often inappropriate for information to be shared with parents. To ensure consideration specific to the issues involving children in the care of the Local Authority the Newcastle ‘Looked After’ Children Team uses an additional consent recording tool on electronic health record.
5.16 If a service user expresses concern about electronic information systems and
access, the member of staff concerned must take time to explain that information sharing is part of our Duty of Care to an individual, and who would normally access the record, i.e. members of the individual’s Care Team, Crisis service if there was contact with the service user. The service user should understand that there is a visible record as to who has accessed the electronic health record, and that should any member of staff access their record inappropriately they may be subject to legal action and/or disciplined.
![Page 9: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/9.jpg)
CNTW(O)14
Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19
7
5.17 It may also be relevant to discuss with the service user the potential additional benefits of information being held in this way, for example information being recorded on electronic health record enables:-
The ability to support their care in the future, by the appropriate sharing of information to inform their new care and treatment by services of the Trust. Or should they move out of area in response to a request from the service in the area they have moved to
Continuity of care if the service user was to be detained through the criminal justice system by ensuring that prison based services can be put in touch with their previous Care Co-ordinator
The opportunity to participate in the national patient surveys to anonymously express their view of the care they receive
5.18 If the service user continues to express concern then the opportunity to have a
Limiting Access Record created should be explained, providing that the assessment of risk does not indicate that having a Limiting Access Record would increase the risk to the service user or others.
5.19 If the individual is one for whom a Limiting Access Record may be appropriate
it is essential that they are informed of the implications of having this type of record. That:-
There could be a delay in clinical staff having relevant information in a crisis
There could be a delay in continuity of care.
They will not have the opportunity to participate in the national patient surveys
5.20 The option of creating a Limiting Access Record should always be considered, but not assumed to be appropriate without discussion with the service user, when the individual is:-
a member of staff
highly recognisable from their demographic information
the subject of significant media interest both past and present
is under witness protection
5.21 Wherever possible this should be considered in partnership with the service user, however clinical judgement will need to be used if the service user lacks the capacity to either make the decision or understand the consequences of the decisions they make, or where not having a Limiting Access Record would increase the risk to the service user or others (see 5.2 and 5.3).
6. Creation of a Limiting Access Record
![Page 10: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/10.jpg)
CNTW(O)14
Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19
8
6.1 The decision to create a Limiting Access Record, following discussions with the service user (as outlined in Section 5) will be made by the assessing professional or subsequently by the Care Coordinator/Lead Professional or the Inpatient Team.
6.2 Support to make this decision, if needed, can be sought from the Head of
Information Governance and Medico Legal. 6.3 The electronic health record system has a registration screen with a number of
mandatory fields – i.e. fields that must be entered before the service user’s record can be saved. These are:-
Forename
Surname
Date of Birth
Gender
Ethnic Background
Address/Postcode
GP
6.4 Staff with direct access to electronic health record create a Limiting Access
Record by completing these mandatory fields in the following way:-
6.5
Forename First initial only
Surname First initial only
Date of Birth Full details
Gender Full details
Ethnic Background Completed with the ethnicity identified by the service user
Address/Postcode House number/name and post code only
Use the * symbol for any other required fields
GP Full details
NHS number Full details (see section 8)
6.6 The consent to sharing information indictor on the case record screen should
be set to red. 6.7 To support clinical practice it is also important that within the electronic health
record the service user’s full name and demographic details can be found, e.g. to facilitate contact out-of-hours and to enable appropriate letters to be sent.
6.8 The service user’s full demographics should be entered into the personal
contacts section of electronic health record, which can be accessed via the demographics screen:-
![Page 11: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/11.jpg)
CNTW(O)14
Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19
9
6.9 The contact type “Patient” should be selected and relation type “Limiting Access Record” selected.
6.10 Documents that are captured in images should be an exact record of that sent
out, therefore even documents created/relating to a service user with a Limiting Access Record should show all demographic information. This must not be deleted/redacted prior to uploading the image onto electronic health record.
6.11 This approach aims to balance the service user’s need for confidentiality and the Trust and clinician’s Duty of Care, by providing enough information for members of the Care Team and crisis services to identify service users they have contact with, without the most identifiable information (the service users name) being easily accessible to all users.
6.12 A member of staff who undertakes a search on the system to identify if a service
user is/has been known to services and to gain access to records needed for their care and treatment will do so using the case record screen ideally using the persons NHS number. If this is not available demographic information, which must include the person’s date of birth, will be used.
6.13 If this results in a Limiting Access Record being identified as a potential match
the information presented will only consist of initials, gender, postcode and date of birth. Further entry to the record would only be justified if there was a match with the information about the service user which the search relates to, and the reason would have to be entered and recorded before accessing the case record screen. Access to this screen will include the additional information of the individual’s GP and Care Coordinator (if allocated).
6.14 Further entry into the electronic health record would only be justified if this
additional information was indicative of the record relating to the service user the search relates to.
6.15 Each stage of this access would enable staff to identify if the service user has
an electronic health record. 6.16 Each stage of this access would be recorded on the audit trail.
![Page 12: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/12.jpg)
CNTW(O)14
Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19
10
6.17 A search that was inappropriately undertaken, for example in relation to
someone who was of significant media interest, by entering the individuals name alone would not result in an electronic health record being identified and consequently not enable them to be identified as a service user of the Trust if they had a Limiting Access Record.
6.18 Creating a Limiting Access Record for a service users who has an existing record
6.18.1 There may be occasions where it is appropriate that a service user’s existing electronic health record is changed to a Limiting Access Record. This may be due to a request of the service user in which case where the process set out in sections 5.16 to 5.19 should be undertaken. It could also be because the individual is now
the subject of significant media interest
under witness protection
6.18.2 Ideally this change should this should be considered in partnership with the service user, however clinical judgement will need to be used if the service user lacks the capacity to either make the decision or understand the consequences of the decisions they make, or where not having a Limiting Access Record would increase the risk to the service user or others (see Section 5.2 and 5.3).
6.18.3 Support to make this decision, if needed, can be sought from the Head of Information Governance and Medico Legal.
6.18.4 There may be rare occasions where the Caldicott Guardian may make this decision on a temporary basis usually in response to anticipated significant media interest.
6.18.5 Whoever changes the service user’s electronic health record to a Limiting Access Record must ensure that this change is communicated to all members of the care team and any clinician / team where there is an open referral.
6.18.6 To change an existing electronic health record to a Limiting Access the registration screen with a number of mandatory fields – i.e. fields that must be entered before the service user’s must be amended.
6.18.7 The service user’s full demographics should be entered into the personal contacts section of electronic health record, which can be accessed via the demographics screen see Sections 6.7-6.8
6.18.8 Staff with direct access to electronic health record can create a Limiting Access Record by amending these mandatory fields ONLY in the following way:-
Forename Change to first initial only
Surname Change to First initial only
Address/Postcode Change to House number/name and postcode
![Page 13: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/13.jpg)
CNTW(O)14
Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19
11
Only – Use the * symbol for any other required fields
6.18.9 Set the date of address to the date of the address to the date of the change to a Limiting Access Record
6.18.10 When these changes have been made click save and you will be prompted to decide if the old name should be set as an alias select No.
6.18.11 The consent to sharing information indictor on the case record screen should be set to red.
6.18.12 To support clinical practice it is also important that within the electronic health record the service user’s full name and demographic details can be found, e.g. to facilitate contact out-of-hours and to enable appropriate letters to be sent.
7. National Health Service (NHS) Number
7.1 The NHS number provides a unique identifier for all individuals and can further
assist in ensuring rapid access to individual electronic health records in a crisis situation. In the creation of a Limiting Access Record the clinician making the entry on the electronic health record must take responsibility for the identification and entry of the service users NHS number.
7.2 The Information Team within Informatics are able to provide NHS numbers on
request. 7.3 The weekly data quality checks undertaken by Informatics where service users
missing NHS numbers are traced and entered by Informatics will not be possible
for a Limiting Access Record.
![Page 14: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/14.jpg)
CNTW(O)14
Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19
12
8. Identification of Stakeholders
8.1 This is an existing policy and its review has resulted in additional/changed content that relates to operational and/or clinical practice. Consequently it was consulted on for the period required as set out in Trust policy CNTW(O)01 – Development and Management of Procedural Documents, through the Standard Policy Distribution process, and both the Operational Group and
Trustwide Caldicott and Health Information Group meetings. North Locality Care Group
Central Locality Care Group
South Locality Care Group
North Cumbria Locality Care Group
Corporate Decision Team
Business Delivery Group
Safer Care Group
Communications, Finance, IM&T
Commissioning and Quality Assurance
Workforce and Organisational Development
NTW Solutions
Local Negotiating Committee
Medical Directorate
Staff Side
Internal Audit
9. Definition of Terms Used
RiO is the Trusts electronic health record system
10. Equality Impact Assessment
10.1 In conjunction with the Equality and Diversity Officer of the Trust this policy has undergone an Equality and Diversity Impact Assessment which has taken into account all human rights in relation to disability, ethnicity, age and gender. The Trust undertakes to improve the working experience of staff and to ensure
everyone is treated in a fair and consistent manner.
11. Training
11.1 All users of the electronic health records system are provided with training by
the Informatics directorate. Including how to create a Limiting Access Record and their responsibilities in relation to confidentiality, including Limiting Access Records, is incorporated into the training programme and supporting guides.
12. Implementation
12.1 This is an existing policy and its review. The implementation date is the same
as the date of ratification.
![Page 15: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/15.jpg)
CNTW(O)14
Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19
13
12.2 The Trust wide Caldicott and Health Informatics Group will receive the outcomes of policy monitoring and agree any action planning, if gaps are identified and how learning will take place.
13 Monitoring Compliance
13.1 Monitoring of this policy will focus on compliance though reporting on any instances of inappropriate access and ensuring that the electronic health record has the appropriate consent status set. See ‘Appendix C’ Audit and Monitoring Tool.
14 Fair Blame
14.1 The Trust is committed to developing an open learning culture. It has endorsed the view that, wherever possible, disciplinary action will not be taken against members of staff who report near misses and adverse incidents; Although there may be clearly defined occasions where disciplinary action will be taken.
15 Associated Documentation
CNTW(C)20 - Care Coordination and Care Programme Approach Process
CNTW(C)48 - Care Coordination for Children and Young People Service
CNTW(O)01 - Development and management of Procedure Documents
CNTW(O)05 - Incident Reporting Policy and Practice Guidance Notes
CNTW(O)29 - Confidentiality Policy 16 References
The Data Protection Act 2018
The Human Rights Act 1998
Contract of Employment
DoH Confidentiality Code of Practice
![Page 16: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/16.jpg)
CNTW(O)14
Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19
14
Appendix A
Equality Analysis Screening Toolkit
Names of Individuals involved in Review
Date of Initial Screening
Review Date Service Area / Locality
Angela Faill/Claire Aberdeen Sep 2018 Sep 2021 Trust-wide
Policy to be analysed Is this policy new or existing?
Limiting Access and patient electronic records (RiO) – V04
Existing
What are the intended outcomes of this work? Include outline of objectives and function aims
The Trust recognises that there are some service users for whom they have a duty to take additional steps to ensure confidentiality due to the individual also being a Trust employee or the individual’s demographic details being highly recognisable. These will be referred to as Limiting Access Records.
Who will be affected? e.g. staff, service users, carers, wider public etc
Staff /Service Users
Protected Characteristics under the Equality Act 2010. The following characteristics have protection under the Act and therefore require further analysis of the potential impact that the policy may have upon them.
Disability Accessible formats for information through Patient Information Centre.
Sex NA
Race Consider and detail any evidence on difference ethnic groups, nationalities, Roma gypsies, Irish travellers, language barriers.
Age Accessible formats for information through Patient Information Centre. Gillick
competency addressed
Gender reassignment
(including transgender)
NA
Sexual orientation. NA
Religion or belief NA
Marriage and Civil Partnership
NA
Pregnancy and maternity
NA
![Page 17: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/17.jpg)
CNTW(O)14
Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19
15
Carers NA
Other identified groups NA
How have you engaged stakeholders in gathering evidence or testing the evidence available?
Through the policy consultation process
How have you engaged stakeholders in testing the policy or programme proposals?
Through the policy consultation process
For each engagement activity, please state who was involved, how and when they were engaged, and the key outputs:
Policy Review Group
Summary of Analysis Considering the evidence and engagement activity you listed above, please
summarise the impact of your work. Consider whether the evidence shows potential for differential impact, if so state whether adverse or positive and for which groups. How you will mitigate any negative impacts. How you will include certain protected groups in services or expand their participation in public life?
No negative impact
Now consider and detail below how the proposals impact on elimination of discrimination, harassment and victimisation, advance the equality of opportunity and promote good relations between groups. Where there is evidence, address each protected characteristic:
Eliminate discrimination, harassment and victimisation
NA
Advance equality of opportunity NA
Promote good relations between groups NA
What is the overall impact? No impact
Addressing the impact on equalities No impact
From the outcome of this Screening, have negative impacts been identified for any
protected characteristics as defined by the Equality Act 2010? No
If yes, has a Full Impact Assessment been recommended? If not, why not?
Manager’s signature: Angela Faill/Claire Aberdeen Date: September 2018
![Page 18: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/18.jpg)
CNTW(O)14
Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19
16
Appendix B Communication and Training Check list for policies
Key Questions for the accountable committees designing, reviewing or agreeing a new Trust policy:
Is this a new policy with new training requirements or a change to an existing policy?
Existing Policy
If it is a change to an existing policy are there changes to the existing model of training delivery? If yes specify below.
No changes under this review to existing policy that require changes to mode of training.
Are the awareness/training needs required to deliver the changes by law, national or local standards or best practice?
Please give specific evidence that identifies the training need, e.g. National Guidance, CQC, NHS Resolutions etc.
Please identify the risks if training does not occur.
No changes applicable in this review.
Confidentiality Code of Practice – Department of Health
Please specify which staff groups need to undertake this awareness/training. Please be specific. It may well be the case that certain groups will require different levels e.g. staff group A requires awareness and staff group B requires training.
Newly appointed Front line clinical staff and other RiO users
Is there a staff group that should be prioritised for this training / awareness?
As above
Please outline how the training will be delivered. Include who will deliver it and by what method. The following may be useful to consider: Team brief/e bulletin of summary Management cascade Newsletter/leaflets/payslip attachment Focus groups for those concerned Local Induction Training Awareness sessions for those affected by the new policy Local demonstrations of techniques/equipment with reference documentation Staff Handbook Summary for easy reference Taught Session E Learning
Inclusion in existing training for RiO Policy consultation; Group Caldicott and Heath Information Groups. RiO champions meeting and dissemination to those they represent
Please identify a link person who will liaise with the training department to arrange details for the Trust Training Prospectus, Administration needs etc.
Head of Information Governance and Medico Legal.
![Page 19: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/19.jpg)
CNTW(O)14
Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19
17
Appendix B – continued
Training Needs Analysis
Staff/Professional Group Type of training
Duration of
Training
Frequency of Training
RiO users Classroom by RiO Trainers
One day Once unless changes to system that impact on clinical practice when appropriate update training will be provided using a range of methods.
Should any advice be required, please contact:- 0191 2456777 (internal 56777)
![Page 20: Document Title… · CNTW(O)14 Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19 1 1](https://reader036.vdocuments.net/reader036/viewer/2022071020/5fd49b95d3fb8b18915b4443/html5/thumbnails/20.jpg)
CNTW(O)14
Cumbria Northumberland, Tyne and Wear NHS Foundation Trust CNTW(O)14 – Limiting Access and patient electronic records (RiO) – V04.1 Oct 19
18
Appendix C
Audit / Monitoring Tool The Trust is working towards effective clinical governance and governance systems. To demonstrate effective care delivery and compliance, policy authors are required to include how monitoring of this policy is linked to auditable standards/key performance indicators will be undertaken using this framework.
CNTW(O)14 – Limiting Access and Electronic Patient Record (RiO)
Monitoring Framework
Auditable Standard/Key Performance Indicators
Frequency/Method/Person Responsible
Where results and any associated action plan will be reported to, implemented and monitored; (this will usually be
via the relevant governance
group).
1 Identification of inappropriate access to the electronic record
Annual report by Caldicott Support
Trustwide Caldicott and Health Informatics Group
2 Consent indicators are set appropriately on linilted access records
Annual position report by Deputy Head Customer Operations Informatics Department
Trustwide Caldicott and Health Informatics Group