Data Management Policy
This policy describes the data that we hold about patients, how we hold it, how we protect it, how we use and process it (including what patients need to be provided with) and how we transfer it (if necessary).
There are certain legislative requirements for every organisation to hold information. Information about this is provided below.
• The Practice complies with the eight data protection principles under the Data Protection Act 1998 in its processing of personal data in that such data is:
o fairly and lawfully processed
o processed for limited purposes
o adequate, relevant and not excessive
o accurate and up to date
o not kept for longer than is necessary
o processed in line with patients’ rights
o not transferred to other countries without adequate protection
• The practice is registered with the Information Commissioner
o Registration No.
o Security No.
• The practice has an up to date Freedom of Information Act statement and this is available to patients
• A practice policy notice on handling patient data is available to patients (See appendix below)
• David Bridle is responsible for procedures relating to confidentiality and data management.
What information we hold and how we hold it
• Patient records are held in a variety of formats:
o Paper records for sight test and contact lens clinical records.
o Paper records are used for spectacle prescription and dispensing information.
o Clinical information, spectacle prescription and dispensing information is held in the practice management software.
o Recall dates are held in the practice management software.
o Photographic information (retinal and anterior segment) is held in the imaging software.
o Visual field records may be held as paper, as data in the VF software or as images within the imaging software and practice management system.
How we protect this information
• All practice staff have a confidentiality clause within their contracts.
• All personal information contained on practice records, whether paper or electronic, is considered confidential.
• No personal information is discussed with anyone other than the patient or their parent or guardian (except where Gillick competency applies) without the patient’s permission.
• Care is taken that records are not seen by other people in the practice
• All staff are aware of the importance of ensuring and maintaining the confidentiality of patients’ personal data and that such data must be processed and stored in a secure manner.
• All electronic data is protected by suitable back-up. When computers are replaced, old hard drives are securely erased or physically destroyed.
• Records are retained for periods as agreed by the optical bodies (see record retention policy below).
• Confidential paper information requiring destruction is shredded.
• Records due for destruction are shredded.
• We have an IT security policy regarding specific access to electronic information (See IT security policy below)
• If the need arises to transfer information we have procedures that include consent and secure transfer (See section on how we transfer personal data below)
• Any suspected breaches of security or loss of information are reported immediately and are dealt with appropriately by the person responsible for confidentiality and data management.
• Paper records are kept secure and away from access by the public.
How we use and process the information we hold
To discharge our legal and contractual duties:
• Patients are given a copy of their spectacle prescription immediately following their sight test.
• If a patient is referred, they are given a written statement that they are being referred, with a reason [e.g. “cataract” written on the GOS2 or similar private form]. They are also offered a copy of the referral letter.
• Patients are given a copy of their contact lens specification on completion of the fitting process.
• Staff assisting in the provision of GOS are appropriately trained, and supervised for the tasks that they undertake.
We may also use the information we hold about patients to remind them when they are due for checkups and we may send them eye care and eyewear information.
How we transfer personal data
We always transfer personal information (data) in a secure manner.
We seek permission before transferring personal information except in some cases where it is to another healthcare professional responsible for patient care and who needs that information to assist in patient care or where we are legally required not to.
See Policy & procedures on:
• Patient consent to the provision of information (see appendix below)
• Handling requests for Rx and clinical information (see appendix below)
• Transferring Patient Identifiable Data (see appendix below)
The practice displays the following as a part of the information poster in the waiting room:
Information - we keep records of our information about you as a mixture of paper and/or computer records. Everyone in the practice is aware of the confidential nature of these records and will only use or release this information in accordance with the law. You will need to provide us with your consent if you wish us to pass your information to another optometrist. If you are an NHS patient, the NHS may ask to see the portion of your record that relates to NHS services provided. Such information will only be given to the NHS in strictest confidence. You are entitled to a copy of your records, although there may be an administrative charge. If you wish to see your records, please ask David Bridle and we will respond as quickly as possible and in any case are required to do so within 40 days. If you require independent advice, contact the Information Commissioner's Office at www.ico.gov.uk
Data Backup Policy
• Mirrored hard drives for business continuity
• Regular backups to:
o USB memory sticks
o External hard drives
• This policy applies to the following:
o Spectacle records
o Contact lens records
o Appointment diaries
• All records are retained for 10 years from the date of last seeing the patient.
• Records of children are retained until they are 25 AND it is 10 years since they were last seen.
• Records of the deceased are kept for 10 years.
• Records are destroyed by shredding.
Age at last test    Time to retain record
Age 5               Until age 25
Age 10              Until age 25
Age 17              Until age 27
Over 18             For 10 years
IT SECURITY POLICY
• When computers are replaced, old hard drives are securely erased or physically destroyed.
• All electronic data is protected by suitable back-up procedures and any off-site storage uses a service which encrypts the data securely before transmitting it from the practice PC. (See also our separate data backup policy)
• Patient identifiable or sensitive data is password protected for access as appropriate to the level of security required for staff members.
• PCs in public areas are protected from access by the public – e.g. by the use of password protected screensavers that activate after short periods, or screen blanking software that requires a password for access.
• Wireless networks are protected from unauthorised access by:
o Encryption keys
o Access control – access restricted to specific PCs
• Laptop computers do not contain unnecessary patient identifiable data and are password protected
• Any data (e.g. backups) taken offsite is kept secure (password protected or not left unattended and/or locked away)
Patient consent to the provision of information
I request that you provide Bridle Opticians with the following information:
Signed . . . . . . . . . . . . . . . . . . . . . . . . .
Handling requests for Rx and clinical information
Spectacle Prescription (Spec Rx) or Contact Lens Specification
Where a patient requests a copy of their own, or their child’s spectacle prescription or contact lens specification this should be provided. It should be double checked for accuracy and signed by an optometrist. Such information may be collected or posted or faxed to the patient. It may also be emailed to their personal email address if they so request.
Contact Lens Specification
Where a 3rd party supplier requests the verification of a contact lens specification they should provide the following details:
• Patient’s full name and address
• Full specification including parameters and power of the lenses
• An expiry date of the specification
• The name or registration number of the person signing the specification
The answer can only be yes or no; the details are correct or not. If the details are not correct, further information must not be supplied without the explicit consent of the patient. In that event the supplier should be told that a copy of the specification, with all the correct details, will be posted to the patient. The request, and the result, should be noted on the patient’s record.
Requests from another optometrist for spec Rx information
In all cases you should be satisfied that the patient has consented to the transfer of the information. That may be obvious and implicit “the patient is on holiday elsewhere and has broken their glasses”, but if not, ask to speak to the patient or for a signed consent to be faxed to us. The request should be noted on the patient’s record.
Requests from another optometrist for clinical information
The optometrist should satisfy themselves that the request is for the clinical and health benefit of the patient and should conduct the phone conversation and provide the information themselves. They should also be satisfied that the patient has consented to the transfer of information.
Requests by us for clinical or spec Rx information
These requests will be made by the optometrist personally. A signed consent should be held in case this is requested by the other party. If the information is not urgent the request may be made in writing using the form in Appendix 1.
Transferring Patient Identifiable Data
Patient data may be communicated in the following ways:
By ordinary 1st or 2nd class post
• This will be in a sealed envelope.
By fax
• This will be to a safe haven fax where possible.
• The cover sheet will state:
This fax contains proprietary confidential information some or all of which may be legally privileged and or subject to the provisions of privacy legislation. It is intended solely for the addressee. If you are not the intended recipient, you must not read, use, disclose, copy, print or disseminate the information contained within this fax. Please notify the author immediately by replying to this fax and then destroy the fax.
By email
• Wherever possible patient identifiable data is transferred using nhs.net at both ends, which provides a more secure facility; where this is not possible the following will apply:
• Patient consent is required for sending data that can identify a patient except where both sender and recipient have NHS emails ending in @nhs.net.
• Emails will carry a message stating:
This e-mail contains proprietary confidential information some or all of which may be legally privileged and or subject to the provisions of privacy legislation. It is intended solely for the addressee. If you are not the intended recipient, you must not read, use, disclose, copy, print or disseminate the information contained within this e-mail. Please notify the author immediately by replying to this e-mail and then delete the e-mail.
By telephone
• With care that confidentiality is maintained.
• The recipient of the information is identified.
• A note is made on the record.
• Information that could result in errors will be communicated in writing where possible.
Using digital media
For instance, CDs, DVDs, USB memory sticks, portable hard drives.
• No unnecessary patient identifiable data is committed to, or retained on, portable media.
• These are hand delivered.
• These are not left unattended.
• Where possible information is held in encrypted folders.