Following the changes to the commissioning landscape in April, with the disbanding of PCTs and the creation of CCGs, there has been an ongoing semi-public discussion regarding the use of Personal, Confidential Data (PCD) by commissioners.
To recap, for those who haven’t been following the story: It seems there is no basis in law for CCGs – nor the CSUs supporting them, nor indeed NHS England – to process identifiable patient data for commissioning purposes. The only body which can legally do so is the Health and Social Care Information Centre (HSCIC). So to enable record linking and data management activities in support of commissioning to continue, outposts of the HSCIC have been defined, providing “Data Services for Commissioning.” They are charged with delivering linked, pseudonymised data for commissioning purposes to CSUs and CCGs.
To allow business as usual to continue without harm, a Section 251 has been agreed (with a number of conditions) to allow identifiable SUS data to flow, in the clear, for commissioning. But only to the end of June 2013.
Meanwhile, in the local CSUs which host Data Services for Commissioners, there is work on infrastructure, systems and IG progressing at some speed, to separate the HSCIC outpost from the CSU.
And at the same time, CSU and CCG systems are being reviewed and updated to enable them to process de-identified data.
Into which mix the Caldicott Information Governance Review (‘Information: To Share or not to Share’) has been published.
And in the time it has taken to write that, the situation has probably changed again.
Now Read On
Actually, the Caldicott Review makes pretty gripping reading. No really, it does. For example:
- “…a culture of anxiety permeates the health and social care sector.”
- “There is … a lack of trust between the NHS and local authorities and between public and private providers… This state of affairs is profoundly unsatisfactory and needs to change.”
- “We were told that patients who attempt to become involved in decisions about their care are often thwarted by ‘information governance rules’ that ignore their express wishes.”
- “The arrangements for NHS and local authority commissioners to extract information were in a state of rapid, comprehensive change during the period of this Review, as the NHS Commissioning Board, clinical commissioning groups, Public Health England and local authorities prepared to take on the responsibilities set out for them in the Health and Social Care Act 2012.”
- “There is a lack of commitment to information governance and people cannot be bothered with it.”
Of course, it’s easy to sex up a report by quoting selectively, as I’ve just shown. And so far this is just a review with a bunch of recommendations (admittedly including an excellent new Caldicott Principle that “The duty to share information can be as important as the duty to protect patient confidentiality”). And on the DH Website the Government have promised a full response “in the Summer”.
But even so, it already seems to be gaining some traction – and criticism. For example, one blog on the Nuffield site broadly praises the report, but also criticises it for:
- “… lumping commissioners together with researchers, public health practitioners and other purveyors of ‘indirect care’, and putting them outside the magic circle of ‘direct care’ professionals (e.g. doctors, nurses and social workers)…”
While another comments that:
- “Last Friday’s Caldicott Review may create a … bigger risk to the pursuit of higher quality for lower cost if it restricts basic analysis by clinical commissioning groups (e.g. not being able to risk stratify patients to spot who is at high risk of admission…)”
This last is particularly interesting to my mind. It recognises that commissioners – the PCTs originally and now their successor CCGs (and supporting CSUs) – have been hosting systems that help clinicians deliver direct patient care. They’ve had the data, the intelligence and software (often provided by ourselves of course), and a serious interest in helping the GPs and patients.
Commissioners have acted as hosts for Urgent Care Dashboards (UCD) – being arguably the best-placed organisation in a given area to pull together the data sets from the typical multiplicity of local providers (including Walk-In Centres and Out-of-Hours services as well as traditional hospital A&E). Local GPs use this data to improve the care of their patients.
Risk stratification and predictive modelling tools are not just about modelling population health and morbidity to provide support for service planning – although of course they can help significantly with that. They are also, and fundamentally, used in general practice to improve the lives of many patients. The Cricket Green Case Study shows this, of course, and that is just one of many examples.
Solutions have also been developed by commissioners which involve GPs and other local clinical staff in the detailed assessment of local providers and the care they have delivered for their patients. These typically surface detailed SUS and other data on the GP desktops, creating a more complete view of the care a patient has received. Even if they were originally intended to help manage spiralling provider costs, they also provide significant help with the ongoing care of the individuals in question. And such tools also deliver an insight into provider quality and safety – which, post-Francis, is a benefit that cannot be ignored.
The local commissioner has often been the organisation best-placed to develop or procure such solutions on behalf of the local health economy – even when they perhaps didn’t fall within a narrow definition of ‘commissioning responsibilities’. They’ve often done so by re-purposing SUS data for direct care use, or bought in solutions with multiple applications – including both direct- and non-direct care capabilities – efficiently re-using the data available.
Actually, Caldicott does recognise this in part, although its language does seem slightly grudging:
- “Should individual data controllers, such as GP practices, wish to use a commissioning support unit or data management integration centre as a data processor, then a robust legal framework and contractual arrangement must be in place… At the time of writing, this would require a contract between the GP practices and NHS Commissioning Board, as CSUs and DMICs are part of the NHS CB…”
The implication is still that these systems are separate from commissioning, and need to be managed differently.
So a lot of work is in hand to make this happen. So that the baby doesn’t get jettisoned while the IG bathwater is being changed (I’ve never been that good with metaphors).
Welcome to the transition!
See my ‘industry view’ in EHI from June 2013: Issues facing clinical commissioners and supporting organisations after the Health and Social Care Act and the Information Governance Review.