OxCCARE Information Governance Policy

Transcription

1 OxCCARE Information Governance Policy Introduction: This document is intended to act as a practical guide to information governance (IG) for all research, audit, quality improvement and service evaluation projects carried out under the umbrella of the Oxford Critical Care & Anaesthetics Research Enterprise (OxCCARE). It is vital in securing the cooperation of individual hospitals and trusts that any OxCCARE project follows good IG practices. A link to The Healthcare Quality Improvement Partnership HQIP guide An Information Governance Guide for Clinical Audit, can be found on the OxCCARE website. Nothing in this OxCCARE policy is intended to override the guidance provided in the HQIP document, and it is recommended that all project leads read it during the planning phases of a project. This OxCCARE guideline should contain sufficient information for individual hospital leads to abide by good IG principles and should be read by all hospital leads, and individual contributors to projects. In addition, it is a requirement of membership of OxCCARE that all members have read this Policy. OxCCARE would like to thank the Welsh Anaesthesia Audit, Research & Engagement Network (WAAREN) for sharing their information governance policy which this OxCCARE policy is based upon. Patient identifiable data: The HQIP guide provides the following advice on the handling of patient information: When planning a project, and deciding what data is to be collected the above principles must be taken into account. Further to this if patient identifiable information (rather than information about patients) is being stored there are far more stringent rules which must be followed, and as such it is always easier to design an audit to avoid storing such information wherever possible. Unfortunately it is difficult to pin down an absolute definition of patient identifiable data. Some things such as name, date of birth and hospital number are obvious; however combinations of other pieces of data could still allow identification of an individual. The HQIP guide provides the following useful definitions:

2 Practical aspects of data handling and security: The secure handling of data is vital to the ongoing success of OxCCARE projects. It is entirely reasonable to manage this in a wide variety of ways, however the method described below is intended to become a default for OxCCARE projects. Common adoption of this method should ensure that people quickly become familiar with practical aspects of performing data collection, aggregation and transfer, and minimise the risk of data security failure. If there are compelling reasons for different methods of data handling for individual projects these must be clearly specified and justified in the Project Data Governance Checklist when the project is submitted. In

3 such cases the suitability will be judged against the criteria set down in the HQIP document An Information Governance Guide for Clinical Audit Should you have suggestions for improvements to these procedures please contact the OxCCARE committee Problems with individual projects should first be directed to the project lead (please see the OxCCARE website for details of individual project leads) and if problems persist to the IT Lead (via the OxCCARE commmittee). Data handling at individual trust / hospital level: A paper pro-forma may be used for initial data collection, along with patient records if a retrospective project is being completed. The physical security of both of these must be ensured at all times, ideally by being kept in an office that is locked when vacated. Microsoft excel spreadsheets should be used to store all electronic records, and a blank template spreadsheet will be distributed by the project lead. Spreadsheets should be password projected, which can be achieved by clicking the options button in the Save as dialogue box. The password to be used must be agreed ahead of time by the project lead. This spreadsheet should only be stored on the trust network, using the network storage provided with each users login. This ensures both that it is backed up, and that access is restricted. Some trusts encrypt memory sticks for staff, if this is the case these may be used to transfer the spreadsheet so that it can be used on computers which are not logged on with the individuals account, however such data should still not be taken home. It is assumed that most projects will not require patient follow-up once the data has been collected. As such it should only be necessary to identify each record with a sequential identity number in the spreadsheet. Should there be a requirement to re-trace data then two independent spreadsheets should be kept. The first would have the clinical audit data with the sequential identifier, and the second would relate this sequential identifier to the hospital / NHS identifier. This second file would then never leave the local hospitals IT network. Data collation by project lead: All data transfer between Health boards should be electronic only. This can safely be achieved by the use of addresses exclusively inside the NHS network, i.e. s of the Under no circumstances is data to be transferred in any other way i.e. using non-nhs addresses or using physical data media e.g. memory sticks, even if these are encrypted. For the duration of the project all s should be kept in a dedicated folder owned by the project lead to act as a record of the data transfers that have taken place. Any other tools used to collate or process data e.g. SPSS or Microsoft Access should have their data stored using the same methods described above. Presenting of results between different trusts: When projects are completed it is anticipated that data will be presented outside individual health boards / hospitals (organisations), and also at internal hospital audit meetings. Outside of individual organisations, data should generally presented aggregated across all the organisations involved. Should there be a compelling reason to present data comparing organisations e.g. to present inter-organisation variability, then this must be made clear in the

4 initial project proposal document so each organisation can take a view on this. In such cases every effort must be made to prevent identification of an individual organisation, however it must be recognsied that the nature of different workloads of different organisations may still make individual units identifiable by virtue of some data points. Each hospital project lead may wish to present their individual organisation s results at a local meeting. In such a case the project lead must provide the individual with both their own organisations data, and the data aggregated across all the organisations involved in the project. Such comparison data should not be shared with anyone outside of the organisation in question. Storage of data once a project is completed: Once a project is completed all data relating to that project should be stored as advised by the HQIP IG policy; that is to say for a five year period. It is suggested that each organisation involved use the Anaesthetic departments shared network storage area, in which they create a folder dedicated to OxCCARE projects. The project lead should store the aggregated data in the department shared network storage area of the department in which they are working at the time. All data in personal network folders (and if applicable on encrypted memory sticks) should then be deleted. At the end of the five year period, it is expected that the OxCCARE hospital lead for each hospital will then delete any data. OXCCARE will keep a record of projects and remind the hospital lead when this period has expired. Breach of Information Governance Standards If any participant in a project is concerned that the IG standards set out here, and in the HQIP guide are not being followed it is vital that these concerns are communicated to the OxCCARE committee. The first point of contact should be the information technology lead, who can then raise concerns with the committee. All communications will be dealt with in confidence. In the event of any loss of data or breach of data security it is vital that the OxCCARE committee are informed at the earliest possible opportunity. A decision will then be taken by the committee on how to proceed. The committee retains the right to withdraw membership from anyone breaching IG standards. Projects that breach IG standards may be cancelled with no prior warning.

5 Appendix 1 Project Data Governance Checklist Please confirm that you agree to the following information governance principles: If you are completing a project, then it will be registered with each participating trusts clinical audit team or discussed with the anaesthetic audit lead in that trust. Will you remind all of the hospital leads, and anyone else with access to the project data of their information governance responsibilities (all OxCCARE members and leads should have read this document) Comments: With respect to the data you will collect: Please state the goal of the project: What data will you collect to achieve this? If the reason for a given data item is not evident from the stated goal please explain the reason for collecting it: Will it be necessary to trace back any patients after initial data collection? If so please confirm how data will be anonymised / pseudonymised (see main document): NB - If any of the above data is patient identifiable (see section in main document), then you will need to gain consent from the Caldicott Guardian / IG lead from each trust.

6 Data handling and Security: It is assumed that you will follow the principles described in the data handling section of the OxCCARE information governance policy. If you plan to do so, please simply state OxCCARE IG v1.1 in the fields below. How will electronic or paper data be stored inside individual trusts / hospitals? How will electronic or paper data be transferred for collation by the project lead? How will electronic or paper data be stored by the project lead? What records will be kept of data transfers? How long will the data be kept after completion of the audit?