Information Governance

1
Information Governance Training
IssuesPresentation for London Cluster
Wally Gowing 17 March 2006
2
SUS Information Governance

• Information Governance
• framework of CfH IG
• CRDB
• CRG
• Confidentiality
• Section 60 application - new system store of
  patient identifiable data
• Protecting patient identifiable data
• Access Control

3
Protecting Patient Identifiable Data

• Pseudonymisation / Anonymisation
• Discussed with
• NHS organisations/individuals - PH doctors
• SUS Extended Project Team members
• CfH IG Policy Team
• NASP/BT
• Significant concerns raised
• Pseudonymisation Impact Assessment Study

4
Existing use of clear data

• Examples of use of patient identifiable data
• Small area mortality analysis - data linkage
• Prevalence of serious conditions
• Activity validation
• Locality reporting
• Frequent fliers
• Optimum service location

5
Reducing use of Clear Data

• To reduce need for clear data requires
• data quality improvements
• alternative facilities for some existing
  functions (through CfH, LSPs, Spine, etc)
• improved analytical and linkage facilities for
  secondary use data
• awareness of Confidentiality CRG
• Requires a managed transition

6
Need for Transition

• Business continuity
• Commissioning, performance management, public
  health, service planning
• Rationale
• Timing of provision of SUS LSP facilities
• Poor data quality at present
• Dependence on new facilities to improve data
  quality
• Continuing need for clear data

7
Access to clear data
Transition
Confidentiality awareness campaign
Guidance on working practices
Improving data quality
Clear data
Clear data
Clear data
(legitimate access only)
Clear data
Clear data
Clear data
Restrictions increase (through RBAC)
Now
2006A
2006B
2007A
2007B
2008 ..
SUS Pseudo- nymisation
Ad-hoc Pseud User defined data marts
GIS tools
NB the blocks are illustrative and not to scale
8
Profile of usage - now
Types/volumes of usage
Clear
Anonymised
Partially Clear
Unlinked Pseudo
Linked Pseudo
Degree of anonymisation
9
Profile of usage - future SUS
Types/volumes of potential usage
Clear
Anonymised
Partially Clear
Unlinked Pseudo
Linked Pseudo
Degree of anonymisation
10
Legitimate access to clear data

• Need for patient identification in service
  provision, service planning, commissioning, etc
• eg predictive risk modelling, frequent fliers,
  serious conditions
• Supporting primary use/direct care
• Section 60 approved research
• Patient consented research
• Clinical audit
• Data quality - NCASP

11
SUS Architecture
12
Access to data in SUS 06-A

• Aggregated data (ie pre-processed standard
  reports for standard areas)
• Patient level data extracts
• Patient identifiable for PCTs, Trusts
• Pseudonymised for SHAs external/VA users
• Anonymised for others

13
Access to data in SUS 06-B

• Aggregated data (ie pre-processed standard
  reports for standard areas)
• Patient level data
• Pseudonymised for PCTs, SHAs, external/VA users
• Patient identifiable for PCTs senior users only
  with SUS Protocol
• Anonymised for others

14
Pseudonymisation Pilot

• Part of User Assurance
• Test
• Same results with clear and pseudonymised data
  for analysis
• Event linkage feasible - eg re-admissions
• Assess impact on time, resources
• Data quality standards needed
• Assessment by NHS users

15
Pseudonymisation Pilot

• Participants
• Bradford PCT/HIS
• GM TIS
• Data Quality - Anne Coulton
• Staged - targets
• Initial report on basic data analysis - June
• Final report on using pseudonymised data in SUS -
  October
• Aim - lessons learned, develop good practice,
  build confidence

16
SUS Access Control

• CfH wide approach to access control
• Under auspices of Registration Authority
• Organisation level - Statement of Compliance
• SUS aspects (eg Protocol) - plug-in to SoC
• Role Based Access Control (RBAC)
• Staged development implementation
• Local registration processes
• Individual - registration of business functions
• Standard roles

17
SUS Access Control

• SUS provides mechanisms for control
• Technology
• Supporting processes
• Transition period for NWCS use
• Potential users need to
• Establish rationale for access to data
• For patient identifiable data, obtain approval
  (eg S60) independently of SUS
• Register appropriately

18
SUS Access Control

• SUS Specific aspects
• Different from clinical/demographic systems
• Control access to patient identifiable data
• Utilise facilities within SUS to control access
  to meet SUS user specific issues
• Short-term issue on control of registrations
• Shared services - eg Commissioning, Informatics
• Host organisation SoC
• Formal agreements
• Registered NACS code
• Aim for users to have multiple role profiles
  within single logon

19
SUS Architecture
Users
SUS (secure environment)
Marts
Marts
Marts
Marts
Marts
Marts
SUSID
Mart
20
SUS Training

• Lessons Learned
• Deliver at right time
• Technology Based Training (TBT) is useful
• Need right facilities for hands-on training
• Follow-up training post go-live would be helpful
• Positive reaction to approach of Superuser
  training
• Needs for PbR NWCS Replacement
• 2006-B TNA Content

21
SUS Training

• Training delivery
• BT
• Training environment upgrade
• Approx 500 users per cluster
• 2 day courses
• Likely to take 10 weeks per cluster
• List of who has had training
• Toolkit essentials - common to PbR
• Duplication - PbR and NWCS replacement

22
SUS Roll-out UA
23
Training Outline Plans

• PbR
• Refresher training for on-line service
• CDs still relevant
• Plan for delivery around June
• NWCS Replacement/ Extract Mart
• Training for on-line services
• TBT content via CD/website
• Plan for delivery from mid September
• EDT (replaces XTS) - documentation