A Collection is a selection of features, articles, comments and opinions on any given theme or topic. It allows you to stay up‑to‑date with what interests you most.
Login here to access your saved articles and followed authors.
We have sent you an email so you can reset your password.
Sorry, we had a problem.
Tags related to this article
Published 24 February 2017
At the heart of collaboration between organisations is the sharing of information. This may be performance-related information shared by commissioners who are collaborating to commission services in an STP footprint, or the sharing of patient data between acute, community services, primary care and social services providers, to ensure a patient-centred service.
In the NHS to date, there are many examples of data being held in silos and not being joined up across organisations. Better data sharing is key and having the IT systems to be able to implement this in STP footprints is crucial (as highlighted in the Wachter Review).
STPs call for an increase in the sharing and analysis of patient data. Commissioners of care are especially keen to link and analyse data from different sources (GPs, hospitals, social care) to better understand how patients move along care pathways and how good outcomes are achieved. Patient access to their own data is also particularly important, and this is even more pertinent for those with long-term conditions seeking to self-manage.
The legal landscape for information governance is changing, with the implementation of the General Data Protection Regulation in the UK firmly in view. Under the GDPR, the maximum fine by the Information Commissioner for data breaches will increase from £500,000 to 4% of turnover, or €20,000,000.
Furthermore, the obligations upon data controllers are amplified. For example, data controllers must ensure that those processing information on their behalf can implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of the GDPR and ensure the protection of the rights of the data subject – in practice, this will mean carrying out due diligence.
When implementing STPs, providers and commissioners should consider what information sharing will take place. The first steps should include:
We have created a top ten checklist of information sharing issues, which can help inform any information sharing agreement:
What technological solutions are available?
Alongside the information governance considerations, a communication strategy should be developed, ensuring that stakeholders are engaged from the outset and given an opportunity to input into the service design.
Often, the proposed collaboration between providers of care also seeks to give patients greater access to their data. This is particularly useful for those managing long-term conditions. Some technological solutions allow for online consultations, amongst other methods, to allow for a greater degree of self-monitoring and enabling self-care. As ever though, there is a tension between accessibility and concerns about data security.
The diversification of the NHS and the drive for smarter commissioning has led to an increased demand for the sharing and analysis of patient data by both commissioners and providers.
The current rules on the use of data in the NHS are restrictive and make this kind of analysis difficult. Caldicott 3 - Review of Data Security, Consent and Opt-Outs - has been published, and this proposes the rules be changed so that patient data can be used for NHS commissioning decisions. However, the proposal is that patients can “opt out” of this wider use of their data. There are questions over whether this is workable in practice.
Unlike most other sectors, the providers of NHS care report breaches to the regulator and the individuals affected. Data breaches in the NHS therefore draw a great deal of attention, and can mean hefty fines for NHS organisations, not to mention a breakdown of trust with affected patients. With the stated ambition in the NHS Five Year Forward View for a paperless NHS, this is an increasingly important area.
With an increase in the digitisation of the NHS, and greater information sharing under STPs, there is a commensurate increase in risk for susceptibility to cyber-crime. We have seen recent instances of NHS IT systems being infected by ransomware – a malicious piece of software which locks up systems until a ransom is paid to get them unblocked. Boards of NHS organisations should therefore consider what plans they have in place to combat cyber-crime, as this is of critical importance to data security.
Finally, organisations that are collaborating in accordance with STP plans need to consider whether they are sharing information in a manner that does not breach competition law rules. As new models of care emerge, and providers consolidate, there is an increasing risk of collaborative working falling foul of competition law obligations.
London - Walbrook
+44 (0)20 7894 6531
Dr Alexandra von Westernhagen, David Harrison
Charlotte Burnett, Hamza Drabu, Sarah Foster
Mary Mundy, Hannah Chapelhow
Hannah Chapelhow, Mary Mundy, Victoria Fletcher
Hannah Chapelhow, Victoria Fletcher, Mary Mundy
Darryn Hale, Hamza Drabu, Christian Carr
Louise Watson-Jones, Abigail Sneller
Sally Roff, Neil Scott
David Knapp, David Williams
Mary Mundy, Sophie Devlin
Alistair Robertson, Stephen Hocking
Alistair Robertson, Sophie Devlin
Dr Alexandra von Westernhagen