2. NEW Corporate SOP Template

STANDARD OPERATING PROCEDURE (SOP) VERSION CONTROL

This record shall detail all previous versions of the SOP including versions that have been known by other names and the date of when a new version was created.

1. PARENT POLICY

R&D Plan 2016-19

1. STANDARD OPERATING PROCEDURE

Background

Health records are important in modern healthcare. They have two main functions:

1. Primary function of healthcare records

The primary function of healthcare records is to record important clinical information, which may need to be accessed by the healthcare professionals involved in a person’s care.

Information contained in health records includes:

• the treatments that person has received,
• whether that person has any allergies,
• whether the person is currently taking medication,
• whether the person has previously had any adverse reactions to certain medications,
• whether the person has any chronic (long-lasting) health conditions, such as diabetes or asthma,
• the results of any health tests the person may have had, such asblood pressure tests,
• any lifestyle information that may be clinically relevant, such as whether a person smokes, and
• personal information, such as age and address

1. Secondary function of health records

Health records can be used to improve public health and the services provided by the NHS, such as treatments for cancer or diabetes. Health records can also be used:

• to determine how well a particular hospital or specialist unit is performing,
• to track the spread of, or risk factors for, a particular disease (epidemiology), and
• in clinical research, to determine suitability to research projects and whether certain treatments are more effective than others.

Types of health record

Health records take many forms and can be on paperor electronic. Different types of health record include:

• consultation notes, which the GP takes during an appointment,
• hospital admission records, including the reason why a person was admitted to hospital,
• the treatment a person will receive and any other relevant clinical and personal information,
• hospital discharge records, which will include the results of treatment and whether any follow-up appointments or care are required,
• test results,
• X-rays,
• photographs, and
• image slides, such as those produced by a magnetic resonance imaging (MRI) or computerised tomography (CT) scanner

Confidentiality of health records

There are strict laws and regulations to ensure that health records are kept confidential and can only be accessed by health professionals directly involved in the patients care.

There are a number of different laws that relate to health records. The most important laws are:

• Data Protection Act (1998)
• Human Rights Act (1998)
• Computer Misuse Act (1990)

Under the terms of the Data Protection Act (1998), organisations such as the NHS must ensure that any personal information it gathers in the course of its work includes:

• only used for the stated purpose of gathering the information (which in this case would be to ensure that you receive a good standard of healthcare), and
• kept secure

It is an offence to breach the Data Protection Act (1998) and doing so can result in a monetary penalty.

The Human Rights Act (1998) also states that everyone has the right to have their private life respected. This includesthe rightto keep your health records confidential.

The Computer Misuse Act covers breaches where personal information is recorded electronically, and can result in criminal proceedings.

Important changes to health records

The NHS is currently making some important changes to how it will store and use health records over the next few years.

In July 2013, the Strategic Systems and Technology Directorate published“Safer Hospitals, Safer Wards: Achieving an integrated digital care record” which sets out the pathway for NHS providers to move from paper-based record-keeping through“paper-light” to paperless systems. It covers all areas of systems development including data standards, product sourcing, skills development for staff and integration across care settings.

Lancashire Care NHS Foundation Trust has a system named eCR (electronic care record) formally eCPA (electronic care plan approach) which holds all the Trusts patient notes. Access to eCR is limited to those that require to access in the delivery of care or contact to service users. This access is not granted to every member of staff and it is prohibited to review patient notes unless part of the direct clinical team for that patient or appropriate authorisation is granted such as clinical research delivery staff employed by LCFT, who can have be authorised by the clinical lead for that patient’s care.

PURPOSE

This SOP is designed to describe procedures for non-Lancashire Care NHS Foundation Trust (LCFT) staff researchers & LCFT Research Department staff when they need to access patient’s medical notes.

PROCEDURE

Who?

This SOP applies to a researcher who is not employed by the Trust & research staff that are employed by the Trust, who requires access to eCR.

When?

A non- Trust researcher can only access patient notes if the patient has consented for them to do so. There would be a consent form, which had received NHS Ethical Approval and a copy of this consent form would be located in the patients notes, with a blank copy of the consent form stored in the study folder.

LCFT employed research staff are viewed by the Trust as an integral part of the clinical team, so with the approval of the patient’s lead clinician, they can access medical notes to ensure patients are afforded every opportunity to participate in research, in accordance with the NHS Constitution (https://www.gov.uk/government/publications/the-nhs-constitution-for-england)

How?

A non-LCFT employed researcher must request permission to access the electronic patient notes via the Research Department. This must be put in writing, with the following details:

a)name of the research project

b)reason for requiring access to patient notes and which patient groups

c)consent form version number that the patient consented with

d)name of the researcher(s) who would like to access the patient notes

e)confirmation that the said researcher(s) have a letter of access in place with the Trust

f)Number of patients notes they need to review

g)Timescale required to review the notes

Following this request, the Research Department would do the following checks:

a)confirm that the research project has all the appropriate approvals in place (Ethics, Health Research Authority (HRA), Capacity and Capability, other approvals required)

b)confirm that the consent form version number has received Ethics approval

c)confirm that the researcher(s) are listed as being part of the research team

1. either on the SSI application form (if pre HRA),

or, there CVs are stored in the study folder

or, there is an email in the study folder confirming this

d)confirm that the researcher(s) have letters of access in place for the study and that these are in date and are in the study folder

Once the above checks are in place, the Research Department will:

1. Email a letter to the researcher(s) for them to sign to confirm that they will adhere to the conditions listed on the letter, whilst accessing Lancashire Care eCR (see appendix 1)
2. Following receipt of the signed letter (appendix 1), the Research Department will;
3. Complete the IT New User Form (located on the Trust Internet page) to set up a temporary IT account for the researcher(s)
4. Once the IT account have been set up, contact the researcher(s) and ask them to complete the following:
5. Contact the IT Helpdesk on 01772 695316
6. Give them their name
7. Ask for a password reset
8. Give them a line manager name (Katie Glickman)
9. IT will then be given details for the password reset
10. They are then able to login LCFT computers and eCR and access the system, using the username: and password
11. Ask the researcher(s) to evidence they have completed Information Governance (IG) training (as part of mandatory training if an NHS employee of another Trust, or they have completed IG training with their University employer) by sending a copy of the training certificate
12. If the researcher cannot evidence they have completed IG training, contact the IG Department () in order to set up Information Governance Training and make the researcher(s) aware exactly what they need to do and once completed to send a copy of the training certificates to the Research department. LCFT IT training will be completed through their LCFT IT account
13. Once IG Certificate received email a copy of the IG certificate to the IG department for their records
14. Liaise with the researcher(s) regarding booking them onto eCR Blue training ()
15. Once the researcher has completed eCR training the researcher is then to contact the Research Department to book a time/date to review the notes or they can liaise with the clinical service where they recruited their participants from to review the notes.
16. If taking place in the Research Department, the desktop PC will be booked for them and there must be a member of the Research staff available to assist
17. Once the researcher does not require access to eCR anymore, Research to contact the IT Helpdesk and request the account is deactivated

OTHER RELATED PROCEDURES, POLICIES, LEGISLATION OR GUIDANCE

Information Governance Policy

APPENDICES

Appendix 1 – Letter template - Access to Lancashire Care Foundation Trust (LCFT) electronic care records for non-LCFT researchers

3.COMMUNICATION

This Standard Operating Procedure will be provided to all staff working in the Research Department employed by Lancashire Care Trust and any non-Trust Researchers that require access to Lancashire Care electronic patient notes, so they have an awareness of these processes to follow. The Standard Operating Procedure will be of particular interest to staff/researchers working on research trials that require access to electronic patient notes, where the patient has consented to allow this access.

Any amendments to the Standard Operating Procedure will be communicated to the relevant staff & researchers via email at the earliest opportunity. In addition it will be available on both the trust Intranet & Internet sites.

4.REVIEW

A review and update will be performed by the author or delegated member of the Research Department team before the stated mandatory review date at the beginning of this document. Further reviews & amendments may take place if new information is made available. Stringent version control will be maintained when changes are made and the procedure author is responsible for this.

5.FURTHER GUIDANCE/RELATED SOPS

None

Appendix 1

Lancashire Care NHS Foundation Trust
Lantern Centre

Vicarage Lane

Fulwood

Preston

PR2 8DW
Tel: 01772 773498

Insert date

Access to Lancashire Care Foundation Trust (LCFT) electronic care records for non-LCFT researchers

Non-Trust staff requiring access to LCFT electronic care records for research purposes will be granted access subject to being able to evidence:

1. Which LCFT patient group(s) are relevant to the study
2. That patients whose records will be accessed have
3. consented to the study
4. consented to their records being used by the researchers
5. That the researchers
6. Have completed Information Governance training (with their current NHS/University employer or LCFT)
7. Have completed LCFT training in using the electronic care records system
8. Comply with all relevant Trust policies and procedures including the Information Governance policy
9. Comply with the Department of Health Research Governance Framework and ICH Good Clinical Practice Guidelines as appropriate
10. Inform Trust Research Department () when the research data has been collected so that access can be deactivated
11. Understand that a breach of any of these assurances, Trust policies or SOP for Access to Electronic Patient Notes will result in immediate withdrawal of access and disciplinary and/or legal action may be taken against you

Signed by the researcher:

………………………………………………………………..

Print Name:

……………………………………………………………….

Date: ………………………………………………………

Page 1 of 920-07-2017

V8.0