scope · web view2020-01-16 · corporate governance. patient advice and liaison service (pals)...

Information Lifecycle and Data

Quality Protocol

Policy Title / Reference

Author Owner

Information Lifecycle and Data Quality Protocol

Emma Cooper, Cluster DPO (Kafico)

Practice Manager

Version Revision author Version comments1 Emma Cooper, Kafico

LtdJan 18 New Draft

1.1 Emma Cooper, Kafico Ltd

Jan 2019 Replaced 1998 DPA with 2018 Act. Replaced GDPR with “data protection legislation”.

1.2 Paul Cook, DPO Nov 2019 Taken over DPO service and reviewed policies

Contents1. Scope..............................................................................................................2

2. Definitions.......................................................................................................2

3. Introduction.....................................................................................................2

4. Statutory Mandatory Framework.....................................................................2

5. Accountable Parties.........................................................................................3

6. What Information is Covered?.........................................................................3

7. What is a Record?............................................................................................4

8. Creation...........................................................................................................4

9. Using / Storage................................................................................................5

10. Retention......................................................................................................6

11. Destruction...................................................................................................6

12. General Practitioner Records........................................................................7

13. Change of Contract / Service Provider..........................................................7

14. National Data Standards..............................................................................8

15. NHS Number.................................................................................................8

16. Accuracy and Quality...................................................................................8

17. Information Incidents...................................................................................9

18. Associated Protocols..................................................................................10

19. Audit Schedule...........................................................................................10

20. Review........................................................................................................10

Appendix A: AoMRC Standards for Medical Records............................................11

1. ScopeThis protocol applies to all staff working at Bildeston Health Centre.

2. DefinitionsPersonal Confidential Information This term is intended to cover information

captured by the Data Protection Act 2018 / GDPR (identifiable information about the living), information covered by the Common Law Duty of Confidence / Tort of Misuse of Private Information and finally, information covered by Article 8 European Convention for Human Rights.

3. IntroductionThis protocol intends to support staff in recognising records and appropriate management of the records lifecycle and to encourage data quality across the organisation.

4. Statutory Mandatory FrameworkRecords of NHS organisations are public records in accordance with Schedule 1 of the Public Records Act 1958. This includes records controlled by NHS organisations under contractual or other joint arrangements, or as inherited legacy records of defunct NHS organisations. This applies regardless of the records format.

Effective records management allows organisations to comply with their legal obligations in respect to transparency and privacy. Being able to locate and rely on records of operations and processing of Personal Confidential Information allows the organisation to be accountable and to operate more effectively.

5. Accountable PartiesSee Information Governance Policy for key roles.

All staff, whether management or administrative, who create, receive and use Personal Confidential Information have responsibilities to ensure management of the full records management lifecycle and the quality of records held by the Practice. Employees have a contractual and legal obligation to read and comply with all company policies and to attend mandatory training to support the appropriate management of information.

6. What Information is Covered?Information is a corporate asset and as such, is an important source of administrative, financial, legal, evidential and historical information; it is vital to the organisation’s future operations, for the purposes of accountability and for an awareness and understanding of its history; information is the corporate memory of the organisation. Information may be held on paper, USB sticks, computer file or printout, laptops, tablets, mobile phones or even heard by word of mouth or telephone.This protocol provides general guidance about records management and data quality. When managing medical records, it is also necessary to comply with the standards identified at Appendix A Standards for Medical Records.

Without high-standards of information quality, supported by systematic processes and practice, we cannot support the delivery of high quality services and continue to improve.

The diagram below identifies the records management lifecycle and each part of the lifecycle needs to be consistently managed to encourage high standards.

7.

What is a Record?A record is information that memorializes and provides evidence of activities performed, events occurred, results achieved, or statements made. Records are created/received by an organisation routinely in the process of its business or in pursuance of its legal obligations. Records include accounts, agreements, books, drawings, letters, magnetic/optical disks, memos, micrographics, etc. Generally speaking, ‘records’ function as evidence of activities, whereas ‘documents’ function as evidence of intentions.Some activity will be predefined as a record that needs to be kept, such as clinical records. Other records are kept because they are a unique instance of an event such as a business document or email.

8. CreationRecords must be created within clinical systems or stored in the shared network

Records must not be stored in personal drives or mobile devices such as mobiles or memory sticks

The filing and naming of records should follow the Function-Activity-Transaction approach.

This means that the top-level folder would be named in line with the function, the second level named in line with the activity and the then in line with the transaction.

Example of

Level 1 – Function – Human Resources

Level 2 – Activity – Recruitment

Level 3 – Transaction – Application Forms / Interview Sheets / Offer Letters

Naming of specific documents should follow a clear consistent method such as including the date of creation or activity, the title and the version.

Example

20180129 Emma Cooper Application Form v1

9. Using / StoragePaper Records

In order to establish the authenticity of paper records and to meet the Care Records Guarantee that the service user can see who has accessed their records, the records must be held in a way that allows The Practice to audit who has accessed it.

Clinical records must be able to be tracked through the entire lifecycle up to destruction, or transfer to the National Archives or an approved place of deposit.

Paper records must be kept in a safe, dry and secure location

Digital Records

Digital information must be stored in such a way that throughout the lifecycle it can be recovered in an accessible format

Systems for storing digital records must provide information about those who have accessed the record, as required by the Care Records Guarantee.

When using digital records within a system such as a database or clinical system, you must provide any requested information such as reason for access

When using a digital record within the shared network such as a Word or Excel document, care must be given to provide ‘metadata’; this will include identifying the author, version, changes made and owner of the document.

Email messages can constitute part of the formal record of a transaction, decision or communication about an issue. All members of staff are responsible for identifying and managing emails messages that constitute a record of their work. When an email is sent or received a decision needs to be made about whether the email needs to be captured as a record. Once an email message has been captured as a record it should be deleted from the email client.

Email messages with attachments. Where an email message has an attachment a decision needs to be made as to whether the email message, the attachment or both should be kept as a record. The decision on whether an email and/or its attachment constitute a record depends on the context within which they were received. It is likely that in most circumstances the attachment should be captured as a record with the email message as the email message will provide the context within which the attachment was used. There are instances where the email attachment might require further work, in which case it would be acceptable to capture the email message and the attachment together as a record and keep a copy of the attachment in another location to be worked on. In

these circumstances the copy attachment that was used for further work will become a completely separate record.

Email messages that can be considered to be records should be captured as soon as possible. Most email messages will form part of an email conversation string. Where an email string has formed as part of a discussion it is not necessary to capture each new part of the conversation, ie every reply, separately. There is no need to wait until the end of the conversation before capturing the email string as several subjects might have been covered. Email strings should be captured as records at significant points during the conversation, rather than waiting to the end of the conversation because it might not be apparent when the conversation has finished.

All information relating to a specific record must be stored together. For example, email messages related to a specific recruitment campaign must be stored in the network Recruitment folder alongside the Application Form and Interview Sheet.Hyperlinks or embedded documents must still work when the document is transferred to different media or later versions

10. RetentionThe Practice uses the Department of Health Records Management Code of Practice to assign retention periods

Once a record has reached the end of the statutory retention period as set by the NHS Records Management Code of Practice, it should be appraised to consider whether and if so, how long, it should be further retained by the organisation. In order to retain records for longer than the statutory retention period you must have a legal basis.

Please see Appendix B for a list of key records and their retention periods.

Email messages that constitute records must be either printed to paper or saved on shared drives. Email messages captured as records should be located with other records relating to the same business activity. Once captured and stored the e-mail becomes subject to the same policy for records retention as any other record.

Personal mailboxes should not be used for long-term storage of email messages. Personal mailboxes should be used for short-term reference purposes, when

these emails are no longer required they should be deleted. Staff are responsible for the management of their emails and must routinely delete nonessential email messages as soon as possible on a regular basis.

Where the record is being retained, there should be a documented consideration of whether the information could be de-identified (direct or indirect identifiers removed) to reduce the risk of an information breach

11. DestructionPaper Records

Paper records can be incinerated, pulped or shredded (using a cross cut shredder) under confidential conditions.

Do not use the domestic waste or put them on a rubbish tip, because they remain accessible to anyone who finds them.

Staff must keep accurate records of destruction and appraisal decisions. Destruction implies a permanent action.

Electronic Records

Destruction of hard assets, like computers and hard drives and backup tapes, must be auditable in respect of the information they hold.

An electronic records management system will retain a metadata stub which will show what has been destroyed.

The Information Commissioners Office has indicated that if information is deleted from a live environment and cannot be readily accessed then this will suffice to remove information for the purposes of the Data Protection Legislation.

12. General Practitioner RecordsIt is important to note that the General Practitioner (GP) record is the primary record of care.

The majority of other services must inform the GP through a discharge note or a clinical correspondence that the patient has received care.

This record is to be retained for the life of the patient plus at least ten years after death.

The GP record must transfer with the individual as they change GP throughout their lifetime.

Following the move to digital GP records after the ‘paperlite’ accreditation process there was an instruction not to destroy the paper Lloyd George folders.

The GP2GP programme still requires the Lloyd George paper records to be transferred until further notice

GPs are obliged by their contract to follow the NHS Digital, DH and NHS England good practice guidance.

13. Change of Contract / Service ProviderWhen a service provider is changed, the exiting service provider still has a liability for the work they have done and so the records must be retained until the time period for liability has expired. Once this period of liability is over arrangements should be made and documented for either the destruction of the information or the transfer and deletion of the information.

Where legislation creates or disbands public sector organisations, the legislation will normally specify which organisation holds liability for any action conducted by a former organisation.

Where the contract change relates to delivery of health and social care, it may be necessary to inform the individuals concerned about the change.

Where there is little impact upon those receiving care, it may be sufficient to use posters and leaflets to inform people about the change, but more significant changes may require individual communications or obtaining explicit consent.

Although the conditions of Data Protection legislation may be satisfied in many cases there is still a duty of confidence which requires a patient or client (in some cases) to agree to the transfer.

If The Practice is adopting a new service, a full inventory of transferring records should be obtained. Likewise, when surrendering a service to a new provider, The Practice should provide an inventory.

14. National Data StandardsThe use of national data standards should be incorporated were it supports the appropriate sharing, exchange and monitoring of information.

Systems and processes should be evaluated to consider what national data standards are relevant and how they will be incorporated.

Any risks from not using these standards will be considered, recorded and appropriately managed.

15. NHS Number The NHS Number is the unique identifier within the Health Service.

Where available, it must be incorporated into all correspondence with patients and relevant information systems to ensure that the correct individual is identified.

This has been a policy requirement for a number of years, but Health and Social Care (Safety and Quality) Act 2015 provide a further mandate with statutory force; where the requirement can be met, it is a legal requirement to do so.

16. Accuracy and QualityIt is understood that errors and inaccuracies will occur in Information.

Systems, process and analysis during the lifecycle of the information need to identify the causes of any errors, the relevant margin of error introduced into any subsequent use of the Information and the appropriate action taken.

This includes understanding the context of any Information or Data Set, to ensure that “outliers”, results that fall outside expected ranges, are investigated to determine if there are any resulting Information Quality concerns.

It is important to determine and maintain a view of expected ranges of information to support the principles of Information Quality.

A Data Protection Impact Assessment should be completed for new processing activities to determine how data quality will be maintained

Information Asset Owners should determine and document the specific data quality measures in place for the Information Asset

Information coming in to The Practice must be checked for accuracy and completeness

Where incomplete, they should be returned to the sending organisation and the issues flagged with the appropriate lead

Manual quality checks should be completed on correspondence containing Personal Confidential Information

Systems should have the capacity to run data quality reports to identify duplications or incomplete records

Procurement of systems should include built in measures to maintain data quality such as reduction of free text boxes and the use of drop down lists

Integration with other systems should consider data validation and the potential for errors requiring manual intervention

Data Quality audits must be completed regularly and the results reporting into the Information Governance Lead or Data Protection Officer

Where errors are identified, appropriate mitigation is required. This includes correction, where relevant, analysis of process and appropriate action, and ongoing monitoring.

Understanding the cause of error and its likely consequence are a key component of improving Information Quality or managing issues that cannot be addressed through appropriate controls.

17. Information IncidentsAny suspected or actual incidents involving Personal Confidential Information must be reported immediately in line with the Information Incident Protocol.

18. Associated ProtocolsThis policy should be read in conjunction with;

Risk Management Policy Change Management Policy Information Governance Policy Information Rights Protocol Information Sharing and Privacy Protocol Information Lifecycle and Data Quality Protocol Information and Cyber Security Protocol Information Incident Protocol Information Risk and Audit Protocol Data Protection Impact Assessment Protocol

Freedom of Information Protocol Subject Access Request Protocol Prescription Pickup Protocol

19. Audit ScheduleCompliance with this protocol will be audited and the results fed into the Plan, Do, Check, Act Cycle described in the Information Risk and Audit Protocol.

20. ReviewThis protocol will be reviewed every year or sooner where necessary.

Appendix A: Academy of Medical Royal Colleges Standards for Medical Records

Appendix BBelow are retention periods pertinent to the GP’s if there is a retention not featured below please refer to the full NHS Records Management Code of Practice. Patient records have not been included due to them being deducted by PCSE.

Broad descriptor

Record Type Retention Start

Retention period

Action at end of retention period

Notes

Corporate Governance

Board Meetings Creation Before 20 years but as soon as practically possible

Transfer to a Place of Deposit


Board Meetings (Closed Boards)

Creation May retain for 20 years


Although they may contain confidential or sensitive material they are still a public record and must be transferred at 20 years with any FOI exemptions noted or duty of confidence indicated.


Chief Executive records

Creation May retain for 20 years


This may include emails and correspondence where they are not already included in the board papers and they are considered to be of archival interest.


Committees Listed in the Scheme of Delegation or that report into

Creation Before 20 years but as soon as practically


the Board and major projects

possible


Committees/ Groups / Sub-committees not listed in the scheme of delegation

Creation 6 Years Review and if no longer needed destroy

Includes minor meetings/projects and departmental business meetings


Destruction Certificates or Electronic Metadata destruction stub or record of information held on destroyed physical media

Destruction of record or information

20 Years Consider Transfer to a Place of Deposit and if no longer needed to destroy

The Public Records Act 1958 limits the holding of records to 20 years unless there is an instrument issued by the Minister with responsibility for administering the Public Records Act 1958. If records are not excluded by such an instrument they must either be transferred to a place of deposit as a public record or destroyed 20 years after the record has been closed.


Incidents (serious)

Date of Incident

20 Years Review and consider transfer to a Place of Deposit


Incidents (not serious)

Date of Incident

10 Years Review and if no longer needed

destroy


Non-Clinical Quality Assurance Records

End of year to which the assurance relates

12 years Review and if no longer needed destroy


Patient Advice and Liaison Service (PALS) records

Close of financial year



Policies, strategies and operating procedures including business plans

Creation Life of organisation plus 6 years

Review and consider transfer to a Place of Deposit

Communications

Intranet site Creation 6 years Review and consider transfer to a Place of Deposit

Communications

Patient information leaflets

End of use 6 years Review and consider transfer to a Place of Deposit

Communications

Press releases and important internal communications

Release Date

6 years Review and consider transfer to a Place of Deposit

Press releases may form a significant part of the public record of an organisation which may need to be retained

Communications

Public consultations

End of consultation


Communications

Website Creation 6 years Review and consider transfer to a Place of Deposit

Staff Records & Occupational Health

Duty Roster Close of financial year



Exposure Monitoring information

Monitoring ceases

40 years/5 years from the date of the last entry made in it

Review and if no longer needed destroy

A) Where the record is representative of the personal exposures of identifiable employees, for at least 40 years or B) In any other case, for at least 5 years.


Occupational Health Reports

Staff member leaves

Keep until 75th birthday or 6 years after the staff member leaves whichever is sooner



Occupational Health Report of Staff member under health surveillance

Staff member leaves

Keep until 75th birthday



Occupational Health Report of Staff member under health surveillance where they have been subject to radiation doses

Staff member leaves

50 years from the date of the last entry or until 75th birthday, whichever is longer



Staff Record Staff member leaves

Keep until 75th birthday (see Notes)

Create Staff Record Summary then review

This includes (but is not limited to) evidence of right to work, security checks and recruitment documentation for the successful candidate including job adverts and application forms. May be destroyed 6 years after the

or destroy the main file.

staff member leaves or the 75th birthday, whichever is sooner, if a summary has been made.


Staff Record Summary

6 years after the staff member leaves

75th Birthday

Place of Deposit should be offered for continued retention or Destroy

Please see page 36 for an example of a Staff Record Summary used by an organisation.


Timesheets (original record)

Creation 2 years Review and if no longer needed destroy


Staff Training records

Creation See Notes Review and consider transfer to a Place of Deposit

Records of significant training must be kept until 75th birthday or 6 years after the staff member leaves. It can be difficult to categorise staff training records as significant as this can depend upon the staff member’s role. The IGA recommends: 1 Clinical training records - to be retained until 75th birthday or six years after the staff member leaves, whichever is the longer2 Statutory and mandatory training records - to be kept for ten years after training completed3Other training records - keep for six years after training completed.

Procurement Contracts sealed

or unsealedEnd of contract


Procurement Contracts - financial approval files

End of contract


Procurement Contracts - financial approved suppliers documentation

When supplier finishes work


Procurement Tenders (successful)

End of contract


Procurement Tenders (unsuccessful)

Award of tender


Estates Building plans and records of major building work

Completion of work

Lifetime of the building or disposal of asset plus

Review and consider transfer to a Place of

Building plans and records of works are potentially of historical interest and where possible be kept and transferred to a place of deposit

six years Deposit

Estates CCTV See ICO Code of Practice


"ICO Code of Practice: https://ico.org.uk/media/for-organisations/documents/1542/cctv-code-of-practice.pdf The length of retention must be determined by the purpose for which the CCTV has been deployed. The recorded images will only be retained long enough for any incident to come to light (e.g. for a theft to be noticed) and the incident to be investigated.

Estates Equipment monitoring and testing and maintenance work where asbestos is a factor

Completion of monitoring or test


Estates Equipment monitoring and testing and maintenance work

Completion of monitoring or test


Estates Inspection reports

End of lifetime of installation

Lifetime of installation

Review

Estates Leases Termination of lease

12 years Review and if no longer

needed destroy

Estates Minor building works

Completion of work

retain for 6 years


Estates Photographic collections of service locations and events and activities

Close of collection

Retain for not more than 20 years

Consider transfer to a place of deposit

The main reason for maintaining photographic collections is for historical legacy of the running and operation of an organisation. However, photographs may have subsidiary uses for legal enquiries.

Estates Radioactive Waste

Creation 30 years Review and if no longer needed destroy

Estates Sterilix Endoscopic Disinfector Daily Water Cycle Test, Purge Test, Nynhydrin Test

Date of test 11 years Review and if no longer needed destroy

Estates Surveys End of lifetime of installation or building

Lifetime of installation or building

Review and consider transfer to Place of

Deposit

Finance Accounts Close of financial year


Includes all associated documentation and records for the purpose of audit as agreed by auditors

Finance Benefactions End of financial year

8 years Review and consider transfer to Place of Deposit

These may already be in the financial accounts and may be captured in other records/reports or committee papers. Where benefactions endowment trust fund/legacies - permanent retention.

Finance Debtor records cleared



Finance Debtor records not cleared



Finance Donations Close of financial year


Finance Expenses Close of financial year

6 years Review and if no longer needed

destroy

Finance Final annual accounts report

Creation Before 20 years

Transfer to place of deposit if not transferred with the board papers

Should be transferred to a place of deposit as soon as practically possible

Finance Financial records of transactions

End of financial year

6 Years Review and if no longer needed destroy

Finance Petty cash End of financial year


Finance Private Finance initiative (PFI) files

End of PFI Lifetime of PFI

Review and consider transfer to Place of Deposit

Finance Salaries paid to staff


10 Years Review and if no longer needed

destroy

Finance Superannuation records



Legal, Complaints & information Rights

Complaints case file

Closure of incident (see Notes)


"http://www.nationalarchives.gov.uk/documents/information-management/sched_complaints.pdfThe incident is not closed until all subsequent processes have ceased including litigation. The file must not be kept on the patient file. A separate file must always be maintained.


Fraud case files Case closure 6 years Review and if no longer needed destroy


Freedom of Information (FOI) requests and responses and any associated correspondence

Closure of FOI request


Where redactions have been made it is important to keep a copy of the redacted disclosed documents or if not practical to keep a summary of the redactions.


FOI requests where there has been a subsequent

Closure of appeal


appeal


Industrial relations including tribunal case records


10 Years Review and consider transfer to a Place of Deposit

Some organisations may record these as part of the staff record but in most cases they will form a distinct separate record either held by the staff member/manager or by the payroll team for processing.


Litigation records

Closure of case



Patents / trademarks / copyright / intellectual property-

End of lifetime of patent or termination of licence/action

Lifetime of patent or 6 years from end of licence /action

Review and consider transfer to Place of Deposit


Software licences

End of lifetime of software

Lifetime of software



Subject Access Requests (SAR) and disclosure correspondence

Closure of SAR



Subject access requests where there has been a subsequent appeal

Closure of appeal


scope · web view2020-01-16 · corporate governance. patient advice and liaison service (pals)...

Documents