Embed Size (px)
Citation preview
1
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
Confidential Patient Information – Governance of secondary uses
Dr Andrew HarrisChair – Ethics and Confidentiality Committee
2
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
Information Governance:
“The structures, policies and practice used to ensure the
confidentiality and security of health and social care
records, especially clinical records, and to enable use of
them for the benefit of the individual to whom they relate
and for the public good”
3
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
The legal framework for disclosure of confidential information
Confidentiality - Common law duty of confidentiality (CLDC)
Fair Processing - Data Protection Act 1998 (DPA)
Privacy - Human Rights Act 1998 (HRA)
4
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
Ethics & Confidentiality Committee
• Advises whether disclosures of identifiable data meet conditions of s 251 NHSA 2006• Advise SoS - set aside legal risk of breach of CLDD• Confidential and for “medical purpose” • Only for 2° use: “Not solely or principally for determining care or treatment to individuals” • Must comply with DPA• Must be no practicable alternative
5
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
Data Protection Act
Principles of processing include
Inform patients record may be used for secondary purpose and can dissent
Docs/trusts must formally authorise disclosureMust respect law eg CLDC, HRAProcessors’ “equivalent” duty of confidentiality
Conditions for sensitive personal data include
Explicit consent“Medical purposes”
6
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
The legal categories for disclosure of confidential information
Court orderStatutory powerPatient consentPublic interestAnonymisation
For secondary uses only:s251 statutory power
7
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
Consent
• Consent to treat explicit or implied• Makes disclosure legal, but no right • Temporary GP staff to anonymise or to get consent –
no implied consent as CLDC• Impossible sometimes – scale, bias, health • Variety of guidance in research world • Not consenting damages trust in doctors/NHS• Ethics values autonomy – no override• Diluted: Broad, Group, Opt out, authorisation• If ID data and cannot consent, safest >>> s251
8
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
Public interest
• Common law - to prevent crime or harm• In Scotland no s251 - some disclosures use this basis for research• In England insecure, as s251 exists and ECC advice will lower risk for patients• s 251: either improving patient care or PI - “A system which all reasonable individuals approve” • Balance benefits and risks: Exempting from CLDC needs v low risk of harm
9
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
Anonymisation
Superficial Partial
Remove name and address Also remove number identifiers
Might not identify immediately but easy with other data
Cannot identify from data alone
Clinical, TeachingLocal audit – not 2ry
Plans needing postcode,
Monitor attendance
Train staff, Confidentiality in contracts, Local procedures, Caldicott advice
10
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
Anonymisation or Deidentification
DPA only applies to personal dataIdentifiable from data held or likely to come into possession
Adequate anonymisation exempts ID conceivably possible, but unlikely, with sufficient effort reasonably used (ICO interpretation DPA)Risk of ID does not affect professional conscience (CLDC)
Level of security from technological treatment or handling of data appropriate to harm that might result from its release (7th data principle)
11
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
Levels of Pseudonymisation
Reversible (Disclosive) Irreversible (linked anon) /Unlinked
Remove postcode
Key code and encrypt
e.g. sex, disease, hosp, ethnic, dates diag /episode, birth year
Cannot identify with reasonable effort and resource
ID impossible from published sources; DPA exempt
National audit
Research, Surveillance
DH, Care quality Commission, publications
IG of recipient org
Risk assess links
Use of RECs and ECC
Small group data
Inference controls
12
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
Deidentification governance
Public sceptism and re-identification risk
NHS pilots and toolkit, Standards Board, Information Commissioner
Parallel with mainstreaming evidence based medicine in ‘80s
Apply academic computer science
Health professional Caldicott responsibility
13
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
Common law duty of confidentiality
1. Obviously private to a reasonable person of ordinary sensibilities if in the same position
2. Affects conscience of person who receives info in knowledge communicated in confidence
3. Detriment including damage to trust
14
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
Human Rights Act 1988
• Duties on public bodies to uphold ECHR• A8 Respect for private, family life, home, correspondence• Interference necessary for… protection of health.. proportionate to harm• Should not stop disclosures otherwise OK(if ethical, scrutiny of unique, or v sensitive data, and inferential risk, even though de-identified)
15
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
Legal Framework of information rights
CDC
Confidentiality
DPA
Data Protection
HRA
Privacy
Patient data + + +
Superficial and partial anon
+ + +
Reversible key coded
- May not +
Irreversible/ fully anonymised
- - +
16
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
Informational Risk Management
Importance of purposeNature of data (how sensitive)Nature of recipient (outside NHS)Appropriateness of sharing data to recipientIG of recipient organization (corporate, Caldicott)Restrictions on usage in contractData Sharing AgreementsScope of data (minimum for purpose)Legal risk (police, potential harm, A8??)Adherence to guidelines (GMC, REC, ECC)
17
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
No practicable alternative >> Section 251 • Specific regs: cancer and communicable disease• Class: anon, to consent, geog, linking, audit/analysis 1. Confidential patient info’ – ID ascertainable even with
other info likely to come into possession of processor2. Medical purpose necess / expedient in the interests of
improving patient care or in the public interest3. Only if not reasonably practicable to achieve in other
way, having regard to cost and technology available4. Maximum anonymity requirement
18
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
Public Opinion
• Surveys Support research but why and integrityREC+ECC approval 46% never 30% maybeNeed surveys which objectively assess risk
• Find basis for reasonable expectation in CLDCCan’t imply consent without evidenceAwareness and debate to change opinion
• Trust in doctors: public interest to preserve
19
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
Supporting secondary uses
• ECC not regulator but governance and legal advice• ECC advises SoS - must operate within law• Interpretation – reas practicable test, equiv duty, PI• 100 applctns/yr (40/7) Fast track (15 – 20 days)• ? New regulations - honest brokers, commissioning, national audit• More anonymisation; raise IG profile, new standards• Duty to balance preservation of public trust in records custodianship with other public needs
20
NIGBN
AT
ION
AL
IN
FO
RM
AT
ION
GO
VE
RN
AN
CE
BO
AR
D F
OR
HE
AL
TH
AN
D S
OC
IAL
CA
RE
Ethics and Confidentiality Committee
www.nigb.nhs.uk/ecc
Tel: 020 7633 7052
NIGB [email protected] [email protected] Chair ECC [email protected]
