Information Governance Flashcards

1
Q

What is IG?

A

How organisations and individuals manage the handling of information within the health care system

2
Q

What is some of the legislation the NHS is required to comply with under IG?

A

The Data Protection Act (DPA), General Data Protection Regulation (GDPR), Computer Misuse Act

3
Q

What is the National Data Guardian?

A

They advise and challenge the health and care system to help ensure that citizens’ confidential information is safeguarded securely and used properly.

NDG works with the Department of Health and Social Care.

4
Q

What are the three main principles guided by the NDG?

A
  1. Encouraging healthcare professionals to share information to enable joined-up care, better diagnosis and treatment
  2. Ensuring patients are informed on how their health and care data is being used and they are given a choice about it
  3. Building a dialogue with the public about how we all wish information to be used
5
Q

What are the National Data Guardian security standards?

A

10 Security Standards that apply to all health and social care organisations.

6
Q

Give a few examples of the NDG security standards.

A
  1. Confidential data must be securely handled, stored and transmitted and only shared under lawful purposes
  2. Staff understand their responsibilities under the NDG Data Security Standards, including their obligation to handle information responsibly and their personal accountability for deliberate or avoidable breaches.
  3. All staff complete appropriate annual data security training and pass a mandatory test, provided through the revised IG Toolkit.
  4. Access to personal confidential data is based on legitimate need and removed if no longer required. All access to personal confidential data on IT systems can be attributed to individuals.
  5. No unsupported operating systems, software or internet browsers are used within the IT estate.
7
Q

How can an organisation measure whether it is complying with the NDG security standards?

A

Data Security and Protection (DSP) Toolkit
Online self-assessment tool enabling organisations to measure and publish their performance against the NDG’s ten data security standards.

8
Q

Is there an ISO security standard?

A

ISO 27001 Security standard
International standard that helps organisations manage their information security
Sets out the specification for an information security management system

9
Q

Who is the Caldicott Guardian

A

A senior member of the NHS responsible for protecting the confidentiality of people’s healthcare information and ensuring its correct and appropriate use. Caldicott Guardians make decisions and give guidance based on the Caldicott principles.

10
Q

What are the responsibilities of the Caldicott Guardian

A

Protecting and maintaining confidentiality of patient-identifiable information, within NBT and when sharing with other organisations.
Agreeing levels of access to patient information systems.

11
Q

What are the Caldicott principles?

A
  1. Justify the purpose(s) for using personal confidential information.
  2. Don’t use personal confidential data unless absolutely necessary.
  3. Use the minimum necessary personal confidential data.
  4. Access to personal confidential data should be on a strict need-to-know basis.
  5. Everyone with access to personal confidential data should be aware of their responsibilities.
  6. Comply with the law.
  7. The duty to share information can be as important as the duty to protect patient confidentiality.
12
Q

Why were the Caldicott principles revised in 2013

A

To become more patient centred.
Some health professionals felt that IG was an impediment to sharing information, even when sharing would have been in the patient’s best interests.
The revised principles aim to achieve a better balance between the protection of patient information and the use and sharing of information to improve patient care.

13
Q

Who supports the Caldicott guardian?

A

The Caldicott Function (Head of Information Governance & IT Security)

14
Q

What are the responsibilities of the Caldicott Function

A
  1. Co-ordination and implementation of the confidentiality and data protection work programme.
  2. Ensure compliance and staff awareness of the principles contained within the Confidentiality: NHS Code of Practice
  3. Complete the Confidentiality & Data Protection Assurance component of the IG Toolkit.
  4. Report routinely to senior management on confidentiality and data protection issues.
15
Q

Who acts as a definitive national body for Caldicott Guardians?

A

The UK Caldicott Guardian Council (UKCGC)
Support Caldicott Guardians
Promote consistent standards and training for Caldicott Guardians.
Support the formulation of best practice guidance and policies relating to the Caldicott principles.

16
Q

Why is data transparency important in the NHS

A

Transparency is a key principle of people’s data rights under General Data Protection Law (2018) and is important to increase the level of trust from the public regarding how patient data is used.

17
Q

Why may patient data be processed for purposes unrelated to the individuals care

A

The NHS use patient data to make choices regarding the provision of services, to carry out research, implement new treatments and monitor safety. These purposes are beneficial to the wider public and NHS as a service

18
Q

Give an example of the use of patient data to make improvements to genetics services at your Trust

A

The use of patient sequencing data to make improvements to a copy number variant (CNV) calling algorithm, ExomeDepth.

As these patients have already consented to their genetic data being analysed for CNVs within a particular gene(s), reanalysis can be carried out to quantify improvements in the accuracy of CNV calling, as long as the data is not processed to examine genomic regions that have not been consented to in the first instance.

The processing of patient data in this case benefits the wider public by improving the ability to detect potentially pathogenic CNVs in patients with genetic disorders.

19
Q

Are there any organisations who collect the views of patients towards data transparency?

A

Understanding Patient Data (UPD) is an organisation that works with NHS organisations among other groups to make the use of patient data more transparent, understandable and trustworthy, for patients, the public and health professionals.

UPD provides objective information about how patient data is used and highlights and communicates the views of patients and the public to policymakers and data holders to improve public trust.

They focus on data routinely collected as part of a person’s interactions with the health service which might be used for purposes beyond individual care without explicit consent.

This data is highly useful for research and planning purposes, by NHS bodies, academics and commercial organisations, but its use can be controversial.

20
Q

What are the benefits of allowing patients to access their own records?

A

It improves the communication between the patient and medical professionals during consultations as patients are better informed to ask questions and provide relevant information that will help guide their care.

Patients are encouraged to take an active interest in their own health and participate in shared decision making, which is strongly promoted by the National Institute for Healthcare Excellence (NICE).

Patients who are familiar with their medical records are in a better position to provide consent to share the record with other health professionals they may come in contact with, such as emergency department staff or specialist consultants.

Patients can also view the notes that have been taken during appointments and ensure the data has been captured correctly.

21
Q

What is the importance of shared decision making

A

Shared decision making allows healthcare professionals to place the patient at the centre of decisions made regarding their treatment and care, and to tailor treatment according to the patient's individual wants and needs.

NICE provide shared decision making aids for certain conditions to enable patients to make informed decisions regarding their care.

22
Q

What are the risks associated with giving patients access to their health records?

A

Patients may view test results, scans or medical notes and jump to conclusions about their health. Without a GP to explain the implications of the results, they may interpret the results incorrectly causing unnecessary stress and anxiety.

Vulnerable patients who are at risk of coercion by others may be manipulated into sharing their confidential records, particularly if the patient is in an abusive relationship.

Patient access may not be authorised if providing the information may cause harm to the patient or identify a third party who has not given permission for disclosure.
For example, a patient who is unaware that they are adopted may experience distress and trauma upon learning about their adoption from their medical record.

23
Q

What is clinical coding and why was it devised?

A

Clinical Coding is the process of translating health-related terms into a standardised, universal coded format.
A standardised nomenclature is important due to the wide variety of non-standardised medical terms that can be used to describe the same ailment.

24
Q

What are the benefits of clinical coding?

A

Ensures accuracy of the patient health record
Ensures health record can be understood by other healthcare professionals
Data can be more easily used by computer systems, databases or decision support tools
Facilitates clinical audit and research as patient data can be collated

25
Q

What was the first clinical coding system used by the NHS

A

Read codes are a comprehensive list of clinical terms to describe the care and treatment given to patients.

They include signs, symptoms, treatments, investigations, occupations, diagnoses and drugs and appliances.

Read codes were made the UK standard coding system for the NHS in 1990 and were expanded to cover all areas of clinical practice, including physiotherapy, nursing and health visiting.

The most recent version of Read codes comprises 270,000 different clinical terminologies.

26
Q

What clinical coding system is presently used in the NHS?

A

Since 2018, the universal clinical coding system SNOMED CT (Systematized Nomenclature of Medicine, Clinical Terms) is being implemented.

It includes diagnosis and procedures, symptoms, family history, allergies, assessment tools, observations and devices

Compared to Read codes, it is more comprehensive and more detailed, covering all clinical specialities and professionals.

SNOMED CT facilitates consistent sharing of patient data within and across different healthcare settings, reducing the risk of misinterpretations of the record in different care settings.

27
Q

What are the benefits of free text in a patient health record

A

Free text adds value and meaning for the patient; however, it is more likely to contain sensitive or third-party information that could require redaction.
Checking free text before it is uploaded to the EHR is more time consuming and the process is difficult to automate.
A purely coded entry with hardly any descriptive text does not provide a complete clinical record.

28
Q

What is the purpose of the NHS policy on accessible information and communication

A

This policy, first published in 2016, aims to implement a clear, consistent, transparent and fair approach to the provision of accessible, inclusive information and communication support.
This policy is intended to enable patients to make more informed choices regarding their care and aid communication between staff and service users.
In addition to providing documents and information in formats accessible to all, the communication needs of a patient should be recorded on their health record.

29
Q

What does the Health and Social Care (Safety and Quality) Act 2015 say about information sharing?

A

Health and adult social care organisations are required by law to share information regarding patients directly in their care in order to provide the best care possible.

When healthcare is provided by a team of care providers from different organisations or when a patient is transferred from one organization to another, it is essential that protection of patient confidentiality does not prevent data sharing when necessary.

Data sharing can be in the best interest of the patient

30
Q

What safeguards are in place within the NHS to ensure that sensitive patient information is protected?

A

When sharing patient data, the minimum amount of information required is disclosed
Data sharing occurs based on a legitimate need
Pseudonymisation is used if patient data is used for clinical audit or research
EHRs kept on clinical databases must be kept secure to avoid security breaches.
All databases should have password protected user logins with passwords changed regularly and defined levels of access.
Access should be granted to staff on the basis of necessity to their job role and not based on their level of seniority.
A record of staff access should be kept and reviewed regularly, and access should be removed for staff vacating their position.
Paper based records should be stored in a secure location and clearly marked as confidential to avoid unauthorised access.
Staff must take precautions not to leave confidential patient records unattended in communal areas and to dispose of documents containing confidential patient data appropriately in confidential waste bins.

31
Q

What is pseudonymised data and how should it be treated?

A

Pseudonymisation involves the removal of patient identifiers which are replaced with a unique identifier that can be used to trace back the data to the original patient. It can be shared more easily as it does not directly contain any information regarding the patient, but should still be treated as confidential and sensitive.

32
Q

What is an information asset and what data does it hold?

A

Datasets, databases and/or ICT systems that hold significant information vital to the genomics service such as patient data, quality data, sample processing metadata.

33
Q

What risks are associated with digital health information, records and systems and what mitigating factors are associated with these risks

A

Data breaches due to unauthorised access - needs based access, access controls and IP-based access
Cyber attacks - antivirus, firewalls, user awareness and training re phishing and secure websites, encryption, VPNs
Data loss - regular database backups on multiple servers
System failure/server failure/power outages - backup servers and power sources, containerised pipelines i.e., Docker, which can be moved easily from one server to another in the event of a server failure

34
Q

What are the benefits of ICT systems in clinical practice?

A
  1. Decreases staff workload thus increasing productivity by automating and streamlining processes.
  2. Enables storage of large data volumes, eliminating the limitations of on-site physical storage space
  3. Enhances data accessibility - concurrent multi user access, removes physical barrier to access
  4. Integration of multiple systems for data input, access & storage - dependent on interoperability
  5. Improves data integrity and security through standardisation of input (mandatory fields, handwriting), backup of databases to remote sites prevents data loss.
  6. Streamlines processes within departments by delivering information on one central system.
  7. Facilitates auditing, inventories, billing and clinical coding.
35
Q

Explain the relevance of clinical knowledge, guidelines and decision support tools in clinical practice

A

Clinical knowledge, guidelines and decision support tools are routinely used to
Improve the standard of care by standardising the quality of care received by all patients
Increase efficiency by assisting healthcare professionals in delivering their roles
Improve patient safety
Ensure that the most cost-effective and efficacious treatments and pathways are selected

36
Q

Explain what evidence-based practice refers to and types of evidence-based practice

A

Involves healthcare professionals making treatment decisions for patients based on the best research evidence available and clinical expertise.
Types of evidence include randomised controlled trials and research articles.
Evidence-based practice contributes to the understanding of disease diagnosis, causes and risk factors.

37
Q

What are the barriers to evidence-based practice

A

A lack of time to spend on research
A lack of confidence in critically reviewing research articles
Evidence is not always available at the point of care
It can be difficult to implement changes when processes are already well-established.

38
Q

How can clinical decision support tools help implement evidence-based practice?

A

These platforms collate and summarise the most up to date information in one place, reducing the time spent by healthcare professionals on research.

39
Q

What should be taken into consideration when referring to a clinical decision support tool?

A

In some cases the evidence for new treatments and diagnostic tests may be less well-established; therefore, it is essential that a certain degree of clinical judgement is still exercised when using decision support tools.

40
Q

How can clinical coding help best practice guidelines?

A

The clinical utility of best practice guidelines is improved when they are based on accurately coded data.

41
Q

Give an example of clinical coding used in the genetics service

A

The use of Human Phenotype Ontology (HPO) terms to describe phenotypic abnormalities associated with a patient’s genetic disease.
The use of HPO terms in clinical databases assists those studying rare diseases that have not been well characterised.
Provision of accurate information regarding a patient’s phenotype helps identify potentially relevant genomic findings and an accurate diagnosis can further contribute to the understanding of the condition.
HPO terms were also used by clinicians referring patients to the 100K genomes project; a large scale study carried out to improve understanding of genetic disease.

42
Q

Give an example of professional guidelines used in clinical practice

A

Professional guidelines published by the National Institute for Healthcare and Excellence (NICE) are widely used in clinical practice.

The evidence-based recommendations outline suitable care effective in the majority of those with a specific condition.

The guidelines are intended to help improve the quality of healthcare and adapt the healthcare service in response to advances in medical treatments.

Guideline types range from clinical, to cancer services and antimicrobial prescribing.

Recommendations are based on a balance between the benefits and harms of an intervention and the quality of the underlying evidence.

NICE promote shared decision making between healthcare professionals and patients through developing guidelines and tools that support this, such as decision aids for specific conditions to support patients in making informed choices.

43
Q

Describe the process for developing NICE guidelines

A

The process for developing guidance involves summarising the findings of literature searches and evidence gathering into an evidence review, alongside a cost-benefit analysis which is considered by a committee that includes healthcare professionals and patient representatives.

Guidelines are regularly reviewed and updated to ensure they accurately reflect changes in the scientific evidence available.

44
Q

Give an example of the use of clinical guidelines in clinical genetics

A

Within the clinical genetics service, NICE guidelines are consulted and used as evidence when examining genetic variants that may underlie cancer. The purpose of somatic variant analysis is treatment driven and one of the main outcomes of variant classification is to influence the direction of therapy. NICE guidelines advising the use of a specific drug in the presence of a genetic variant can have a significant impact on patient outcomes.

In 2018, NICE published guidelines recommending the use of midostaurin for newly diagnosed AML in the presence of a FLT3-mutation. These guidelines were based on evidence from a RCT showing that the administration of midostaurin alongside chemotherapy increased median overall survival compared with chemotherapy alone from 25.6 months to 74.7 months. Other factors taken into account in this recommendation include the adverse effects of the drug and the cost-effectiveness of the treatment.

45
Q

What is the Manchester Scoring System

A

The Manchester Scoring System (MSS) is used by clinical genetics services to determine a patient’s eligibility for genetic testing for genes associated with an increased risk of hereditary breast and ovarian cancer.

The scoring system calculates the probability for the presence of mutations in the BRCA1 and BRCA2 genes by taking multiple factors into account, including the gender and age of the patient at diagnosis, the presence of BRCA-related cancer in relatives, their age at diagnosis and whether they have received surgery. The score was developed based on empirical data gathered from the Manchester mutation-screening programme (Evans et al., 2004) and most recently updated based on further testing of over 4,000 families to increase the sensitivity of testing (Evans et al., 2017).

For patients who are currently asymptomatic but have family histories of BRCA-associated cancers, the MSS can significantly influence their outcome. Genetic testing is generally carried out when the risk of having a mutation is greater than 10%, and a score of 15-19 given by the MSS generally qualifies a patient for genetic testing. If a patient is tested based on the MSS and is found to have a high-risk genetic variant that predisposes them to the development of breast or ovarian cancer, preventative measures can be taken to reduce their risk.

46
Q

What are polygenic risk scores (PRS)? Give an example of their clinical utility.

A

Polygenic risk scores (PRS) predict an individual’s risk of developing a disease based on genetic factors, such as the presence of single nucleotide polymorphisms (SNPs) in multiple genes.

An example is the 12-SNP LDL-C genetic risk score for Familial Hypercholesterolemia (FH), a common genetic disorder strongly associated with an increased risk of cardiovascular disease (CVD) due to elevated levels of low-density lipoprotein cholesterol (LDL-C). Early detection and intervention can reduce the risk of CVD; however, the disorder is underdiagnosed and undertreated as genetic testing often fails to detect FH.

A significant proportion of patients lack a mutation in one of the three genes classically associated with the disorder. Although the disorder is widely classified as monogenic, a significant proportion of FH patients have been found to exhibit polygenic SNPs believed to underlie the increase in LDL-C.

The use of PRS for FH has improved early identification of at-risk individuals, which has a significant impact on patient outcomes as changes in lifestyle can reduce disease progression and improve life expectancy.

The ability to distinguish between the monogenic and polygenic forms of the disorder is incredibly useful, as patients with polygenic FH often present with a milder clinical phenotype and therefore require less severe pharmacological therapies. Furthermore, relatives of those with polygenic FH are less likely to present with FH, therefore cascade testing is not always needed (Futema et al., 2015).

47
Q

What is k-anonymity

A

K-anonymity is a property of datasets in which patients cannot be identified; however, the data retains its clinical utility. Datasets possess k-anonymity if the data for each individual cannot be distinguished from a subset (k – 1) of individuals whose information also appears in the release.

48
Q

What is DICOM?

A

Digital Imaging and Communications in Medicine (DICOM) was developed to standardise the way in which medical images are stored and exchanged between various networked systems.

The extensive standard defines the format in which images should be stored, the file transfer protocol (FTP) that should be used and the various metadata included for each medical image i.e. patient name and NHS number.

PACS can be compliant with the DICOM standard and various DICOM servers have been developed for use in the healthcare service; however, it is essential that these databases are encrypted, password protected and have restricted IP address access to secure patient data.

49
Q

What types of databases store medical images?

A

Picture archiving and communication system (PACS)

50
Q

How long should medical records be held according to the Records Management Code of Practice for Health and Social Care 2016?

A

Records Management Code of Practice for Health and Social Care 2016
The statutory period during which adult health records, including medical images, must be retained is 8 years from the last date at which content was added to the record i.e. since the patient was discharged from the service. After the retention period, the records can be destroyed if no need to keep them has been established. Digital records must be stored in a format that is accessible, and provides information regarding who has accessed the record which can be audited.

51
Q

Who are data controllers and data processors?

A

Controllers determine the purpose and means of processing personal data.
Processors process personal data on behalf of the controller.

52
Q

What is GDPR?

A

GDPR comprises a regulation on data protection and privacy to give control to individuals over their personal data. The act is applicable to data “controllers”, who determine the purpose and means of processing personal data, and data “processors”, who process personal data on behalf of the controller.

In accordance with GDPR, data must be collected in a lawful manner, used fairly and transparently, with a legitimate purpose for processing. Personal data should be limited to what is necessary, contain accurate and up-to-date information, kept no longer than necessary and stored securely.

53
Q

When is it appropriate to breach confidentiality?

A

Duty of care can allow confidentiality to be breached in certain cases without patient consent, such as if there is a threat to a patient’s life.

54
Q

What is social engineering?

A

Social engineering refers to the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.

Social engineers may use social media to identify Trust staff members who they can befriend and monitor for information to gain access to confidential information.

55
Q

What are cyber attacks?

A

Individuals can attempt to infiltrate Trust networks externally in order to obtain, corrupt or destroy confidential information.

56
Q

How can security and confidentiality breaches be reduced?

A

Through staff awareness, education and training. Staff must be made aware of NHS and local trust policies, pass the national and local information governance modules and adhere to the NHS Code of Confidentiality. Breaches of confidentiality and security must be reported to senior management and dealt with appropriately to prevent further incidents.

57
Q

Give the 4 most common sources of security and confidentiality breaches

A
  1. Unauthorised access
  2. Data Loss
  3. Information Sharing
  4. Cyber Breaches
58
Q

Give examples of how breaches can arise due to unauthorised access

A
  • Sharing passwords, smartcards and user logins among colleagues.
  • Using the same password for every system, not changing passwords often enough and not using a strong enough password
  • Writing passwords and user logins down in a place where they are not secured i.e. notebooks, pieces of paper, sticky notes.
  • Leaving computers logged on and unattended.
  • Not disposing of paper records correctly in confidential waste bins.
59
Q

Give examples of how breaches can arise due to data loss

A
  • Misplacing hardware containing sensitive information such as USBs, laptops and other forms of removable media.
  • Misplacing paper records, leaving them unattended in a public place or within a Trust.
  • Leaving personal belongings unattended allowing electronic or paper records to be stolen.
60
Q

Give examples of how breaches can arise due to information sharing

A
  • Sharing confidential information without patient consent and/or without a legitimate need, for example sharing details of a patient’s genetic disorder with a family member or friend without consent.
  • Accidentally revealing confidential information over the phone or via email without verifying the identity and legitimate need of the individual requesting the information.
61
Q

Give examples of how data breaches can occur due to cyber breaches

A
  • Hacking attacks on networks that do not have sufficient security measures.
  • Clicking on links in phishing emails leading to the download of malware.
  • Sending emails containing confidential patient information via un-encrypted networks.
  • Accidentally uploading patient data, passwords or account names to unsecured web platforms such as GitLab or Trello.
62
Q

What is the EU Medical Device Directive

A

Intended to harmonise the laws relating to medical devices within the European Union.
Is being replaced by the EU Medical Device Regulation in 2021.
All software used as a medical device must comply with the legislation under the MDD.
Software is classified as a medical device if its intended purpose is to diagnose, prevent, monitor, predict, provide a prognosis or a treatment for disease.
Software must be validated and verified before it is used for a medical purpose to establish confidence that the software is fit for purpose.
Validation ensures the software fulfils requirements while verification determines whether the software is doing what it is claiming to do correctly.

63
Q

What is a DPIA?

A

A tool to identify risks arising out of the processing of personal data and to minimise these risks as far and as early as possible. DPIAs are important tools for negating risk, and for demonstrating compliance with GDPR.

A DPIA must be carried out prior to the adoption of a new technology or system to share patient-related data. The DPIA justifies the main aims, reasons and benefits for processing/sharing the data, demonstrates the legal basis for data sharing, and outlines the type of data being shared.

64
Q

What are the legal bases for processing Personal Identifiable Data?

A
  1. Consent
  2. To meet a contract or to take steps to enter a contract with the data subject
  3. Compliance with a legal obligation
  4. Protect vital interests of an individual(s)
  5. Performance of a task carried out in the public interest or exercise of official authority vested in the data controller
  6. Legitimate interests of the data controller or third party, except where interests are overridden by interests, rights or freedoms of the data subject
65
Q

What is a Data sharing agreement (DSA)

A

A DSA outlines what data is being shared and why, whether the group has patient consent and ethics approval to do the research, the end-of-processing assurances around data destruction after the research has completed, and who else has access.

66
Q

What is the process involved with reporting an incident?

A

A PIR is initiated on the Trust QMS

  • Description of the incident
  • Remedial actions
  • Root-cause analysis
  • Corrective actions
  • Follow-up after a longer period of time to assess whether the corrective actions have resolved the incident