PDS access requires ‘business reason’

News

  • 20 October 2009
Fiona Barr
December 1, 2016

Staff accessing the Personal Demographics Service must have an appropriate ‘business reason’ for doing so, but need not have a legitimate relationship with a patient, according to NHS Connecting for Health.

The Department of Health’s IT agency has published new guidance on managing access to the PDS, which sets out rules for access and the action that local health communities should take if NHS staff, GPs or GP practice staff inappropriately view a patient’s demographic information.

The guidance states that only those who have a genuine ‘need to know’ should be able to access a patient’s demographic information, and then only when it is reasonable to believe that the person concerned would not object or has been asked for their permission.

CfH said NHS staff can search for and view information on the PDS without having a legitimate relationship recording on the system because ‘legitimate relationships’ applied to clinical information and no clinical data was stored on the PDS.

It said a ‘legitimate relationship’ meant a person was working in a team involved in a patient care, whereas others might have justifiable reasons for accessing the PDS. As an example, it cited a receptionist in an out-of-hours centre booking a patient into a local system.

Staff must have a justifiable ‘business reason’ to access the patient’s demographic information to perform their role.

Patients in sensitive or vulnerable positions – such as victims of domestic abuse or people in the public eye – can have their information on the PDS flagged as sensitive, known as ‘s-flagging.

This means the PDS will not return any of the patient’s contact details or other information that could be used to determine their location.

CfH said it was possible to see who had accessed a patient’s information on the PDS, but not through which programme they had accessed it.

It said GPs should exercise due care in their own use of the system and ensure their own staff do not access the PDS inappropriately.

It said local communities can monitor access to the PDS by requesting a report on who has accessed a patient’s demographic information or a report showing which records have been accessed by an individual.

If inappropriate access is discovered sanctions could include criminal prosecution under the Data Protection Act, civil action for breach of confidentiality, disciplinary action under terms of employment and action by the General Medical Council for breach of confidentiality.

Read more: More details are available in our Comment and Analysis, written by CfH Caldicott Guardian Dr Maureen Baker.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Prev News

EPR: the drama

Next News

Lorenzo R1.9 to debut at EHI event

Related News

Digital Health Coffee Time Briefing ☕
News July 9, 2024

Digital Health Coffee Time Briefing ☕

Today's edition includes GOSH using AI to help identify Parkinson's Disease and a look at the challenges of evaluating digital health tech.
Babylon files for liquidation in US Bankruptcy Court
News August 21, 2023

Babylon files for liquidation in US Bankruptcy Court

Babylon Health has filed for bankruptcy for two US subsidiaries, Forbes has reported, citing filings in the US Bankruptcy Court in Delaware.
Accurx launches Accumail to improve cross-care communication
Digital Transformation May 18, 2023

Accurx launches Accumail to improve cross-care communication

Accurx has launched its free Accumail feature nationally to primary care users in order to help GPs communicate more easily with other professionals.