Presentation is loading. Please wait.

Presentation is loading. Please wait.

NIGB International Data Sharing Conference Oxford Tuesday 21 st September 2010 National Information Governance Board Alan Doyle - Director Karen Thomson.

Similar presentations


Presentation on theme: "NIGB International Data Sharing Conference Oxford Tuesday 21 st September 2010 National Information Governance Board Alan Doyle - Director Karen Thomson."— Presentation transcript:

1 NIGB International Data Sharing Conference Oxford Tuesday 21 st September 2010 National Information Governance Board Alan Doyle - Director Karen Thomson - Information Governance Manager Andrew Harris – Chair Ethics and Confidentiality Committee NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE NATIONAL INFORMATION GOVERNANCE BOARD

2 NIGB The role of the NIGB To support improvements in information governance in health and social care; To set standards and provide advice and guidance on information governance; To advise on the use of powers under section 251 of the NHS Act NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE NATIONAL INFORMATION GOVERNANCE BOARD

3 NIGB NIGB Principles Within health and social care services: The interests of patients and service users come first; Informed consent and personal autonomy should underpin the provision of health and social care; With patient consent the right information should be available to the right people at the right time to provide individual care; Secondary users should seek to use de-identified data; The wishes of people who have withheld or withdrawn their consent should be respected. NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE NATIONAL INFORMATION GOVERNANCE BOARD

4 NIGB NIGB Principles It is in peoples interests to have: – Appropriate and accessible care, which promotes health, social welfare and public safety; – A sound research base on which to build and improve effective services; and – Well managed and cost effective services. The principles of good regulation should be followed. These are proportionality, accountability, consistency, transparency and fairness. NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE NATIONAL INFORMATION GOVERNANCE BOARD

5 NIGB NIGB Principles These principles will sometimes be in tension with each other. In seeking to resolve those tensions it should be noted that: Allowing service users appropriate control over and access to their own information, and its use, is central to the role of the NIGB and is a requirement of the Data Protection Act 1998; Trust and public confidence in health and social care services should be earned and maintained, and not assumed; Patients service users and carers have a right to confidentiality; Peoples information should be stored and shared in a secure manner. NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE NATIONAL INFORMATION GOVERNANCE BOARD

6 NIGB NIGB Principles Those providing care must comply with legal requirements and professional practice standards and guidance; An appropriate balance between individual and public interests must be maintained; – In accordance with Article 8 of the Human Rights Act 1998, interference with peoples privacy is only permissible where it is in accordance with the law and necessary for a number of specified purposes including public safety, the protection of health and the rights and freedoms of others and is proportionate to the purpose. Where decisions are made concerning the balance of individual and professional or public interests those making decisions should be accountable and except where personal details are involved the basis for such judgements should be made public. NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE NATIONAL INFORMATION GOVERNANCE BOARD

7 NIGB NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE NATIONAL INFORMATION GOVERNANCE BOARD The Care Record Guarantees

8 NIGB The care record guarantee commitment to patients: We will only use your information in ways which respect your rights and contribute to your health and well being The NHS Constitution sets out patient rights in legislation: You have a right to privacy and confidentiality and to expect the NHS to keep your confidential information safe and secure NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE NATIONAL INFORMATION GOVERNANCE BOARD

9 Issues NIGB Boundaries of the clinical care team – what patients expect Consent for disclosure for consent – Practical difficulties – Lack of support from clinicians – role for research facilitators? Could still breach confidentiality Control subjects – less likely to be contact with services – Lack of awareness that their information is also valuable for research – Least likely to benefit from research NATIONAL INFORMATION GOVERNANCE BOARD

10 NIGB De-identification If data have been effectively de-identified then no longer regarded as personal data and can be used more freely. The issue is what constitutes effectively de-identified. Benefits -Near 100% data capture -Multiple purposes without needing further consent -Potential for onward disclosure to collaborators or other researchers without needing further consent Disbenefits -often a trade off between identifiability and utility -Some people still feel sense of ownership over their data and therefore potential harm if used for a purpose to which they object NATIONAL INFORMATION GOVERNANCE BOARD

11 NIGB Consent Issues lack of clinician engagement and support in contacting patients in order to seek consent, and obtaining meaningful consent Benefits respectful of individuals wishes, prevents harm of intrusion people have an ongoing relationship with research, facilitates further uses & potentially money more extensive information available Facilitates contact with relatives Disbenefits Data bias if particular groups either do not respond or refuse Terms of consent can limit uses and require further consent NATIONAL INFORMATION GOVERNANCE BOARD

12 NIGB Engaging with patients & public General – improving public understanding of use of personal and confidential information for research - transparency improves trust. Specific – improving individual studies through patient input Where S251 used to support research provides evidence of patient support for the study even without consent from individuals NATIONAL INFORMATION GOVERNANCE BOARD

13 NIGB Honest Brokers: E.g. Information Centre/Research Capability Programme To facilitate secondary uses of patient identifiable data in a safe and secure environment; To develop and use de-identification techniques to reduce the risk of disclosure; To facilitate contact with patients and the public on behalf of approved researchers in order to seek their consent to participate in research either directly or by allowing their personal data or tissue to be used. NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE NATIONAL INFORMATION GOVERNANCE BOARD

14 NIGB Honest Brokers – criteria: Trusted authoritative source of information; Support purposes in the public interest (S251); Reduce the need for researchers access to identifiable information; Demonstrate capability in data quality, linkage and managing cohorts; Develop and use techniques in de-identification; Operate with robust Information Governance standards; Control data delivery via ensuring approvals and agreements are in place. NATIONAL INFORMATION GOVERNANCE BOARD FOR HEALTH AND SOCIAL CARE NATIONAL INFORMATION GOVERNANCE BOARD

15 NIGB Section 251 & the Health Service (Control of Patient Information) Regulations 2002 [SI 1438] permit the common law duty of confidentiality to be set aside for medical purposes where: - anonymised data cannot be used - and where consent is not practicable. Includes permission to identify relevant patients in order to obtain their consent These powers can only be used to improve patient care, or in the public interest. Permission to use these powers given by SoS via application to NIGB ECC NATIONAL INFORMATION GOVERNANCE BOARD Exemption from the duty of confidentiality

16 NIGB for ECC: Tel: NATIONAL INFORMATION GOVERNANCE BOARD

17 Legal requirements NIGB Legal requirements for processing confidential personal data Common law duty of Confidentiality Data Protection Act 1998Human Rights Act 1998 NATIONAL INFORMATION GOVERNANCE BOARD

18 Common Law of Confidentiality NIGB Information must be confidential in nature Information that is communicated in confidence as part of the relationship Confidentiality survives death May be limited by – Consent (Informed, with capacity, freely given) – Statute/Court order – Public interest favours disclosure See the NHS Confidentiality Code of Practice NATIONAL INFORMATION GOVERNANCE BOARD

19 Human Rights Act 1998 NIGB Right to privacy (Article 8) BUT breaches by the state may be justified provided they are necessary [for]…public safety… [or] the protection of health Disclosures must be proportionate based on the particular circumstances of individuals 3 tests considered – has there been interference with privacy? – is there justification? – is the justification proportionate to the breach? NATIONAL INFORMATION GOVERNANCE BOARD

20 Data Protection Act 1998 NIGB DPA defines personal data as data which relate to a living individual who can be identified from those data, or from those data and other information which is in the possession of, or is likely to come into the possession of the data controller… In other words if it is identifiable, its personal If data are effectively anonymised then they are no longer personal data and can be used without restriction. NATIONAL INFORMATION GOVERNANCE BOARD

21 Data Protection Act - 8 principles NIGB 1)Fairly and lawfully; 2)Obtained for specific purposes and only used for compatible purposes; 3)Adequate, relevant & not excessive; 4)Accurate; 5)Only kept for as long as necessary for the agreed purpose; 6)In accordance with the rights of the subject; 7)Kept securely; 8)Only transferred outside European Economic Area (EEA) with equivalent protections. NATIONAL INFORMATION GOVERNANCE BOARD

22 NIGB Section 33 provides exemptions for research: Further processing for research is to be regarded as a compatible purpose But this does not remove onus on NHS bodies to inform patients about the use for research purposes; And it only applies where research is a secondary purpose. Data can be kept indefinitely Exemption from subjects access rights NATIONAL INFORMATION GOVERNANCE BOARD Data Protection Act Research exemptions

23 Clinical Care team & Confidentiality NIGB EU Art 29 WP Opinion on EHRs 2007 WP 131 Art. 8(3) allows for processing of sensitive personal data by a health care professional where it is required for the purposes of preventive medicine, medical diagnosis, the provision of care or treatment or the management of health-care services [Section 6, page 10] NB. Medical research is not covered under the Directive. NATIONAL INFORMATION GOVERNANCE BOARD

24 De-identification NIGB When is anonymised data anonymous? Personal data data which relate to a living individual who can be identified from those data, or from those data and other information which is in the possession of, or is likely to come into the possession of the data controller… – i.e. combination of identifying data items or other information available which makes data identifiable and therefore personal. – To cease being personal data all means of identification should be removed prior to disclosure. NATIONAL INFORMATION GOVERNANCE BOARD

25 De-identifying data NIGB Sufficient identifiers should be removed or where they are needed encrypted so that they are machine readable but not human readable – still personal & confidential data. NB - This should be done before researcher receives it, where consent is absent. NATIONAL INFORMATION GOVERNANCE BOARD Strong Identifiers NHS number Date of Birth Date of Death Postcode Name Address GP practice code Other Identifiers Ethnicity Local patient identifier Other geographic identifiers – Local Authority area – PCT Gender

26 Is pseudonymised data anonymous? NIGB Pseudonymised data – data that has been coded so that it is not identifiable to the recipient but which can be linked longitudinally and across different sources if a common pseudonym is used. The pseudonymisation key must NOT be held by the receiving body, otherwise identifiable There remains a degree of risk as to the identity of some individuals, therefore still personal data but can be used with safeguards: – data disclosure / sharing contracts which require the recipient not to seek to identify individuals and not to disclose the data to 3rd parties. Apply pseudonymisation techniques & evaluate identifiability before release & withhold or redact. NATIONAL INFORMATION GOVERNANCE BOARD


Download ppt "NIGB International Data Sharing Conference Oxford Tuesday 21 st September 2010 National Information Governance Board Alan Doyle - Director Karen Thomson."

Similar presentations


Ads by Google