01.08.14
Delivering transparency with patient data – Q&A with Max Jones
Source: National Health Executive July/Aug 2014
Max Jones, director of information and data services at HSCIC, discusses how his organisation is taking steps to improve data transparency and security.
Following a review of information released by the Health and Social Care Information Centre’s (HSCIC) predecessor, the NHS Information Centre (NHS IC), it was concluded that there were significant ‘administrative lapses’ in recording the release of data.
Sir Nick Partridge, the HSCIC non-executive director who led the review, also found that in some cases the decision making process was unclear and records of decisions incomplete.
He stated that this was completely unacceptable and has made a series of recommendations to the HSCIC Board, which have all been accepted.
In particular, Sir Nick has called for the HSCIC to develop one clear, simple, efficient and transparent process for the management of all data releases; and that it implements a robust audit function, which will enable ongoing scrutiny of how data is being used, stored and deleted by those receiving it.
NHE caught up with Max Jones, director of information and data services at HSCIC, to see how the work is progressing.
Q) What are the main lessons HSCIC has learnt from Sir Nick’s report?
“One key lesson is that providing more transparency, explaining to the public what we are doing with their data and the potential benefits and the safeguards around it are an essential part of the process of change.
“While the administrative lapses laid out in Sir Nick’s report occurred under another organisation, it is the HSCIC’s responsibility to address them. Our new CEO, Andy Williams, has set out a series of actions that will enable us to build a more transparent organisation with more robust processes and build public confidence.”
Q) How will you ensure greater transparency?
“The HSCIC has accepted all of the recommendations made by Sir Nick and we’ve got a significant programme of work to ensure greater openness and deliver reassurance to the public.
“These include a new end-to-end data service to ensure all activity around data sharing is centrally logged, monitored and audited. As part of this all data recipients with a live agreement will be required to reapply through the new applications process.
“We will also make sure patients and public representatives are part of the new membership of our data oversight committee, the Data Access Advisory Group (DAAG). HSCIC will be taking on new responsibilities to oversee NHS data security across the whole health and social care sector, to ensure best practice is followed and the most up-to-date technology is employed to protect patients’ data.”
Q) The new, strengthened audit function – how will this work and be monitored?
“The first audits will take place in August. We are also in the process of recruiting further specialist resources. The team will audit data recipients to check that they are handling and processing data in accordance with the obligations contained in the data sharing agreement.”
Q) What is HSCIC doing to bring clarity on an individual’s right to object to their data flowing to or from the organisation?
“One of the first steps in this programme of communication took place recently on 21 July when we held a public meeting to discuss work we are undertaking to ensure patient data is safe and used responsibly for the benefit of the health and social care system.
“This is the first of a series of meetings planned. The meeting was well attended with representatives including members of patient groups, information governance experts and privacy campaigners. We will be reflecting on the key themes raised and providing a response to those themes in the next four weeks. We will also be providing further information on our website including the ongoing registers of data releases.”
Q) How is work progressing on developing a new ‘data laboratory’ service to protect the public’s information?
“We are in the initial stages of developing this project, but it has great potential for ensuring that the benefits of analysis and research can be gained at a lower risk to confidentiality. The first step will be a broad requirements gathering exercise with key stakeholders and customers.”
Q) When does HSCIC hope to have all its initiatives in place? And what do you hope will be the overall outcome?
“Many of the initiatives will be delivered this year. However, some of the larger initiatives, e.g. data labs, could clearly take longer to deliver.
“The overall outcome is an increased public confidence in the storage and use of their NHS and Social Care records, whilst ensuring the maximum benefit can be realised by researchers and others who can use this information to benefit health and social care.”
Tell us what you think – have your say below or email [email protected]