h e a h a e h o u b o u n d a e

pyknicassortedΑσφάλεια

3 Νοε 2013 (πριν από 3 χρόνια και 10 μήνες)

75 εμφανίσεις



Title:
IF1443 Web GP data sharing security FAQs



Controlled document page
1

of
5

Saved as:
pyknicassorted_d37b9838
-
41d4
-
4fe1
-
a647
-
ff66b8ff6187.doc



Version 7: 4 May 2010

© Copyright Egton Medical Information Systems Lim
ited

healthcare

without

boundaries

EMIS Web

& GPES

frequently asked questions

How does EMIS Web work?

All patient data entered on your EMIS LV or EMIS PCS system is encrypted and sent
electronically over the NHS N3 broadband network to the EMIS Web system, hosted in the
secure EMIS data

centre.

There are therefore two copies of your patient database:



Local or Enterprise copy



EMIS Web copy

How secure is the EMIS Web data?

The three widely accepted elements of information security are:



Confidentiality



Integrity



Availability

The following sections describ
e how EMIS Web deals with each of these elements.

Confidentiality



Data is transmitted across the NHS N3 network and is encrypted (scrambled) in
transit.



Data is
stored in the EMIS data centres. These centres are fully accredited to the
ISO
27001

informatio
n security standard, and all EMIS data storage and management
procedures and processes adhere to the rigorous
ISO 27001

standards.




EMIS will not grant anyone access to patient records. The local organisation (for
example, the GP practice or community team
) controls access to records.



A patient must give consent for their data to be shared with other organisations. There
are two types of patient consent; prior and point of contact consent. Point of contact
consent means users in organisations providing epis
odic care (such as A&E, OOH
etc) are prompted to confirm patient consent to view the shared record when they
access a patient’s care record. All viewing of the record is recorded in the system
audit trail



By default, only users in the organisation that own

a record can view that record.



Subject to mutual agreement, organisations can share records with each other when
providing care for the same patient.



Organisations can use confidentiality policies to restrict the viewing of and access to a
patient record,

or to individual items within a record.



Title:
IF1443 Web GP data sharing security FAQs



Controlled document page
2

of
5

Saved as:
pyknicassorted_d37b9838
-
41d4
-
4fe1
-
a647
-
ff66b8ff6187.doc

Version 7: 4 May 2010

© Copyright Egton Medical Information Systems Limited

healthcare

without

boundaries



Primary
care organisations (for example, primary care trusts or health boards) can
only run a search on an organisation, if an active sharing agreement is in place.
Search results

can be anonymised.

Integrity



The sa
me information is stored both on EMIS LV or EMIS PCS and on EMIS Web, so
there is no loss of information when using both systems.



EMIS has established rigorous quality assurance procedures to ensure that data
stored on EMIS Web is identical to that stored
on EMIS LV and EMIS PCS.



All coded clinical data is stored in both the current format of Read codes (Version
2)/EMIS drug codes and the equivalent identifiers of SNOMED CT/dm+d format within
EMIS Web.



Advanced messaging technology ensures that patient reco
rds both on EMIS LV or
EMIS PCS and on EMIS Web are kept synchronised.



If either EMIS Web or the local system fails, then the other system is still available.
When the failed system is restored, the messaging technology ensures that the
restored system is
subsequently synchronised.



Malicious access to the EMIS Web server farm is prevented by firewalls, which ensure
that only the organisation that owns the record can access the data.



EMIS Web servers are connected to the NHS N3 network, not to the Internet.

Availability



EMIS Web is designed to ensure rapid loading of pages when the system is in use.
EMIS is committed to making EMIS Web at least as fast and easy to use as EMIS LV
and EMIS PCS.



EMIS Web servers are acce
ssible on N3 data centre links.



The availa
bility of the local EMIS LV or EMIS PCS

Lan

system means that if the N3
link to a practice is unavailable, the organisation still has access to patient records.




To ensure business c
ontinuity, the EMIS data centre
oper
ates from

different telephone
exchange
s. This eliminates a single point of failure, for example, in the event of a
system failure at one exchange.




EMIS has its own mega
-
watt electricity substation and generator, which not only
provides power to the main EMIS SAN location, but also enables EMI
S to provide full
services in the event of a local power failure. The substation also includes a backup
generator which can power our main site in the event of longer term power failure.



Secure EMIS hosting locations are equipped with full biometric securi
ty (for example,
fingerprint recognition) to restrict access.



Title:
IF1443 Web GP data sharing security FAQs



Controlled document page
3

of
5

Saved as:
pyknicassorted_d37b9838
-
41d4
-
4fe1
-
a647
-
ff66b8ff6187.doc

Version 7: 4 May 2010

© Copyright Egton Medical Information Systems Limited

healthcare

without

boundaries

Can individual patients opt out of EMIS Web?

Currently if a practice agrees to stream their data to EMIS Web all patient records must
be streamed.


This means that the patient records will be he
ld in the EMIS Web data
centre as well as the on site server.


It does not mean that any other organisation can
view that patient's record in EMIS Web

other than the GP practice they are registered at;
individual patients can opt out of sharing their recor
d with other organisations.

EMIS understands that a few patients may have reservations about their data being held in a
remote environment, but this has not been an issue with existing EMIS PCS Enterprise
systems. EMIS considers the EMIS Web care record to

be an extension of the data already
held on the current clinical system, but offering greater security and functionality and enabling
integrated healthcare.

Who else can access patients’ records on EMIS Web?

Organisations control access to their own patie
nt records. In the future, with the consent of
the organisation, patients themselves will be able to control aspects of access. EMIS does
not and will not give access to patient records to any other organisation.

If an organisation gives consent, clinician
s from other organisations involved in the care of a
patient can access the information they need to provide that care. Organisations can give
access consent for an individual patient, or for all patients on the organisation’s caseload.
Consent is specific

to the organisation requesting access, and is not blanket consent for
sharing information.

What is the difference between EMIS Web and the NHS
Care Record Service (‘the Spine’)?

EMIS Web contains individual patient records for each organisation looking af
ter that patient;
there is no overarching ‘patient record’. Access to the record is therefore under the control of
the organisation.

The content of a record is also relevant to and defined by the organisation: for example, a GP
record may be very different

to a speech therapy record. The crucial element of EMIS Web is
that if the speech therapist wants to share all or part of a record with the GP, they can do so.
On EMIS Web there is no blanket consent for sharing, unless explicitly specified for an
individ
ual patient.

Role
-
based access control operates on both EMIS Web and the NCRS Spine.

What effect will streaming our data have on our daily
processes IT systems

and N3 connection
?

The streaming of your data to EMIS Web should not have any effect on your IT
systems or
daily processes at all. The bulking of the data is done overnight so it should not use up any
significant bandwidth on your N3 connection and there is no effect on your clinical server.

.
Large backlogs can cause temporary performance issues on
the N3 connection but this is
rare and the effect is very limited due to polling speed.




Title:
IF1443 Web GP data sharing security FAQs



Controlled document page
4

of
5

Saved as:
pyknicassorted_d37b9838
-
41d4
-
4fe1
-
a647
-
ff66b8ff6187.doc

Version 7: 4 May 2010

© Copyright Egton Medical Information Systems Limited

healthcare

without

boundaries

Does data streaming mean we have to use EMIS Web as
our clinical system?

No, there is no presumption that you will move to EMIS Web. EMIS have not taken this
approach
for any other reason than it is the only way to make GPES work. You can still
continue to use EMIS LV or PCS as your main clinical system.

GPES Queries

What data is the GPES Business Unit proposing to
extract?

GPES will be capable of obtaining information
held by GP Practices across England for
specific and approved purposes whilst ensuring patient confidentiality and privacy.

The GPES Business Unit will provide the centralised development and scheduling of
extractions for its prospective customers, all of
whom will have a Department of Health
sponsor. The service is being designed to minimise the workload on GP Practice resources
for the extraction process itself. Specific customer data extract requirements will vary on a
case
-
by
-
case basis, and the details

of all customer requirements that proceed to extraction
will be published on the HSCIC website.

Is there an option to opt out completely?

There will be one general choice, supported by a data processing agreement between GPES
and the practice: the practic
e will be asked to choose whether or not practice data may, in
general, be extracted for queries outputting "effectively anonymised" data.


Practices will not be given a general choice to opt in or out of all queries that extract patient
identifiable data;

they will be informed about each such query and asked to choose on a
query
-
by
-
query basis.

Where no response is received from a practice about the general choice above, or about a
particular query, GPES will assume “no” and will not extract data.

GPES wil
l always respect practice choices about access to practice data. It is expected that
all practices will agree to certain essential extracts such as QOF (which is a planned GPES
query). From April 2013 onwards the only way to for GP practices to submit QOF
data
electronically will be via GPES.

What are the ramifications of not streaming or
consenting to the extraction? How will QOF payments be
received?

GP practices that do not consent to the extraction of QOF data via GPES may have to submit
their QOF retur
ns manually from April 2013.

The QOF element of the GP contract is currently calculated by the Quality Management and
Analysis System (QMAS). The Department of Health is



Title:
IF1443 Web GP data sharing security FAQs



Controlled document page
5

of
5

Saved as:
pyknicassorted_d37b9838
-
41d4
-
4fe1
-
a647
-
ff66b8ff6187.doc

Version 7: 4 May 2010

© Copyright Egton Medical Information Systems Limited

healthcare

without

boundaries

looking to introduce a new process for making QOF payments, which will see the
establi
shment of the Calculating Quality Reporting Service (CQRS).

GPES will be part of this new QOF process. It will extract data from GP clinical systems and
supply this information to CQRS in order to support payments to GPs, but GPES will not
calculate those
payments or make those payments.

More information regarding CQRS is available here
http://www.connectingforhealth.nhs.uk/systemsandservices/gpsupport


Will extracted data al
ways be anonymised?

The minimum data necessary for the purpose will be extracted. Normally, data extracted will
be anonymised (ie so that it does not identify individual patients). Where data that could
identify patients is requested, it will only be relea
sed where there is a legal basis for
disclosure, such as explicit patient consent.

We are committed to protecting sensitive information and have established Information
Governance Principles that have been approved by the National Information Governance
Bo
ard and also by the Medical Ethics Committees of the British Medical Association and the
Royal College of GPs. These are available on the HSCIC’s website:
http://www.ic.nhs.uk/webfiles/Services/in%20development/gpes/GPESIGPrinciples0312.pdf


Can individual patients opt out of the extraction?

SNOMED CT and Read Codes are being created to enable a marker to be placed in a
patient’s record to indicate that the
y wish to be excluded from disclosures of identifiable
information for purposes other than direct care (be they by GPES or other mechanisms).
More information about this will be released by GPES in due course.

Is the data extracted the equivalent to the da
ta currently
uploaded to QMAS?

Yes. GPES will be the route for collecting all data required for making QOF related payments
that are coded in GP systems

No part of this document may be sold, hired, reproduced or transmitted in any form or by any means,
ele
ctronic or mechanical, including photocopying, recording and information storage and retrieval systems for
any other purpose than the purchaser’s use without the express written permission of EMIS.

Every effort is
made to ensure that your EMIS documentatio
n is up to date, but our commitment to constantly improve our
software and systems means that there may have been changes since this document was produced.




EMIS i
s a trading name of Egton Medical
Information Systems Limited.

Registered in England. No

2117205.
Registered Office: Fulford Grange,
Micklefield Lane, Rawdon, Leeds LS19 6BA

call:
0845 122 2333

visit:
www.emis
-
online.com

email:
support@e
-
mis
.com