Staff accessing the Personal Demographics Service must have an appropriate ‘business reason’ for doing so, but need not have a legitimate relationship with a patient, according to NHS Connecting for Health.

The Department of Health’s IT agency has published new guidance on managing access to the PDS, which sets out rules for access and the action that local health communities should take if NHS staff, GPs or GP practice staff inappropriately view a patient’s demographic information.

The guidance states that only those who have a genuine ‘need to know’ should be able to access a patient’s demographic information, and then only when it is reasonable to believe that the person concerned would not object or has been asked for their permission.

CfH said NHS staff can search for and view information on the PDS without having a legitimate relationship recorded on the system because ‘legitimate relationships’ applied to clinical information and no clinical data was stored on the PDS.

It said a ‘legitimate relationship’ meant a person was working in a team involved in a patient’s care, whereas others might have justifiable reasons for accessing the PDS. As an example, it cited a receptionist in an out-of-hours centre booking a patient into a local system.

Staff must have a justifiable ‘business reason’ to access the patient’s demographic information to perform their role.

Patients in sensitive or vulnerable positions – such as victims of domestic abuse or people in the public eye – can have their information on the PDS flagged as sensitive, known as ‘s-flagging’.

This means the PDS will not return any of the patient’s contact details or other information that could be used to determine their location.

CfH said it was possible to see who had accessed a patient’s information on the PDS, but not through which programme they had accessed it.

It said GPs should exercise due care in their own use of the system and ensure their own staff do not access the PDS inappropriately.

It said local communities can monitor access to the PDS by requesting a report on who has accessed a patient’s demographic information or a report showing which records have been accessed by an individual.

If inappropriate access is discovered, sanctions could include criminal prosecution under the Data Protection Act, civil action for breach of confidentiality, disciplinary action under terms of employment and action by the General Medical Council for breach of confidentiality.

Read more: More details are available in our Comment and Analysis, written by CfH Caldicott Guardian Dr Maureen Baker.