Data watchdog 'not advocating' SystmOne GPs stop record sharing

The UK's information commissioner has decided against advising 2,700 GP practices using the SystmOne IT system to switch off a patient record sharing function despite 'data compliance concerns'.

BMA guidance published this week, however, warns that practices using the IT system's 'enhanced data sharing model (eDSM) 'cannot do nothing', warning that concerns about SystmOne have 'serious implications'.

A statement published on the website of the Information Commissioner's Office (ICO) says: 'The ICO has data protection compliance concerns about SystmOne’s enhanced data sharing function and the potential risk to patients’ medical records held by GPs.

'However, given the possible impact to patient care, the ICO is not advocating that users switch off data sharing at this stage.

Patient records

'The ICO’s concerns are centred on the fair and lawful processing of patient data on the system and ensuring adequate security of the patient data on the system. We continue to work closely with TPP, NHS Digital and NHS England and have seen an initial plan that they have put forward. This includes initial steps they are taking to remedy these issues and further work is planned.'

The BMA guidance says: 'This has serious implications for GPs as data controllers - patients could complain that their records are accessible by people and organisations who should not be able to do so and it is likely that a court action in support of a complaint would succeed.'

According to the BMA guidance, patient records at any practice with the eDSM function enabled would have been accessible from any of 6,600 NHS organisations across England, including facilities such as hospitals, care homes and prisons.

It warns that GP practices sharing information through the IT system are not able to specify which organisations they share with. The BMA also highlights concerns about an 'override' mechanism that allows organisations to see patient data without consent, although the mechanism triggers a warning to practices if this override has been used.

BMA advice

The BMA says it cannot advise practices on whether to switch off record sharing, but its guidance says: 'What is clear is that practices cannot do nothing.

'They can reduce risk by ensuring a robust system is in place that enables patients to be fully informed about the [TPP SystmOne] sharing model with sharing remaining on, or abolish future risk by turning sharing off whilst still informing, with the intention of turning it back on at some point in the future.'

A statement published by SystemOne supplier TPP says: 'The SystmOne enhanced data sharing model (eDSM) is designed to facilitate safe and secure information sharing between health and social care organisations on a national scale for use in direct patient care. It enables patients to have greater control over their own records. One of the key advantages of SystmOne is that it has a full electronic audit trail within the system to ensure all activity is traceable.

'The DH strategy is that patients’ records should be accessible to health and care providers, when needed, at the point of care. TPP supports this policy and is uniquely capable of delivering technology to facilitate this. Our technology has allowed doctors to improve the patient care they deliver and we have examples of where it has saved the lives of people across the country.

'The model was assured in 2012 under a national framework, and was given approval for roll out to organisations using SystmOne across the country. We passionately believe that this is the best sharing model for everyone – providing the best care to all of our families and especially those who are elderly and vulnerable.'

Have you registered with us yet?

Register now to enjoy more articles and free email bulletins


Already registered?

Sign in