This page should help answer some questions about how we process personal information about patients on behalf of the data controller (the healthcare organisation). This is explained in full in our Data Processing Agreement which can be found here, but some common questions have been answered below.
Where do we fit in?
Typically, the healthcare organisation is the Data Controller. Patients are the Data Subjects. We are the Data Processor (where our services are used). This means that we process data about your patients under the terms in our Data Processing Agreement, to allow you (as a healthcare organisation) to provide a service to your patients.
How are we ‘IG compliant’?
We have NHS Data Security and Protection Toolkit assurance (under NHS ODS code 8JT17). We also develop software under the principle of ‘Privacy by design'.
Are Video Consultations secure and IG compliant?
Yes. The video consultation service is fully secure and compliant with GDPR and DCB0129. The video and audio communication is only visible to participants on the call and transmitted over an encrypted connection. It is not recorded or stored on any server. The video consultation connection prioritises ‘peer-to-peer’ connections between the clinician’s and patient’s phone and follows NHS best practice guidelines on health and social care cloud security. See a full article on the topic here. The NHS have also approved our approach (see here).
Are we Cyber Essentials Certified?
Cyber Essentials is a scheme run by the UK government and the National Centre for Cyber Security to help you know that you can trust your data with us. We have the Cyber Essentials and Cyber Essentials Plus certification.
What data do we process?
In order to provide communication with and about patients we process patient data and healthcare staff data to our secure servers. The patient data typically includes name, identifiers, contact details, demographic data, message content (including documents and patient replies to messages either via secure surveys or two-way messaging) and other application-use related data. We only process this data when you send a communication to patients.
We also process healthcare staff data who are users of AccuRx. This typically includes role, organisation, contact details, identifiers including gender and date-of-birth, messages, metadata, signatures, login and other application-use related data.
The video and audio communication of any video consultation is only visible to participants on the call, and is not recorded or stored on any server. The IP address of call participants may be stored as part of metadata stored, however no other personal information of call participants is collected or stored.
How do we send text messages?
Does the GDPR require explicit patient consent to send SMS messages to patients?
No, providing another legal basis is used. This was confirmed by the ICO in a BBC interview (go to 7:55 in)
GDPR allows six different legal bases for processing data, of which consent is one. The Information Governance Alliance advises healthcare organisations to process patient data for the delivery or administration of care under the following legal bases:
6(1)(e) ‘…necessary for the performance of a task carried out in the public interest or in the exercise of official authority…’.
9(2)(h) ‘…medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems…’
The ICO has warned against the use of consent as a legal basis for data processing by public authorities and healthcare providers.
If your practice does choose to gather consent for other reasons, all consent codes found in a patient’s medical record are shown to the user.
How can patients opt out?
When sending an SMS Chain SMS shows all consent codes and dissent codes found in the patient record. If a patient wishes to opt out of receiving SMS messages, you should update their ‘Notification preferences’ in the patient registration dialog.
How do we ensure that the right person gets the message?
In short, you can never be 100% confident, and so SMS messages shouldn’t be used for sensitive information (e.g. positive STI test result) or time-critical information (e.g. to book an urgent appointment) without the right safety net or followup.
There are a lot of steps you can take to improve the quality of your SMS database, including asking your receptionists to confirm mobile numbers on every call, and confirming a patient’s mobile number in a consultation, especially when sending an SMS at the end of the consultation.
If you have any other questions about the GDPR and how it affects our services, please get in touch 😀