This page contains a Flash digital edition of a book.
ADVICE  DATA PROTECTION


Keep it clinical


A scenario involving a potentially violent patient raises the issue of how non-clinical data is recorded and stored


M


EDICAL staff often see people at their worst – feeling ill or worried either for themselves or a family


member. Some rude or aggressive behaviour at the reception desk or in a consulting room is hardly surprising, unacceptable though it may be.


Deciding just when such behaviour goes


beyond what is tolerable or even safe in terms of the personal security of practice staff can sometimes be difficult. MDDUS has, however, become aware that this type of behaviour is increasingly being logged within patients’ medical records. A discussion of this topic at the recent MDDUS Practice Managers Conference sparked some debate. The specific scenario concerned use of messaging facilities within practice IT systems. Consider a patient – Mr A –who arrives at


reception late and agitated for an appoint- ment and snaps at the receptionist, calling her a “stupid cow”. In the time before he is called for his appointment the reception- ist transmits a message via the practice IT system informing the GP that Mr A has been “threatening and abusive”. The expectation is that the GP – with justification – will confront Mr A on his inappropriate behaviour. But also at issue is what happens to that message. Depending on how it has been transmitted, the receptionist’s comment could be stored as part of Mr A’s permanent clinical record. This scenario touches on a number of areas


of concern including how practices manage patient information using clinical IT systems and other means of storing non-clinical data.


It also concerns the duty of care to practice staff in regard to harassment or aggressive behaviour from patients.


CLINICAL RECORDS IN PRINCIPLE GP practices across the UK use a variety of IT systems to manage patient records, such as EMIS, SystemOne, Vision and Synergy. It is beyond the scope of this article to go into the fine details of how data is captured, stored and transmitted in each system. However, it is essential that practices understand how their IT systems operate in order to ensure compliance with the Data Protection Act 1998 and basic legal and regulatory requirements to ensure confidentiality. In this scenario the message string used to


inform the GP of the patient’s rudeness was automatically appended to the patient clinical records. It is doubtful that a record of this exchange entered by a receptionist would be considered of clinical relevance. A GP in some circumstances may wish to record a patient’s behaviour in the clinical notes – for example in cases of mental illness – but the choice of what is recorded and the format in which that information is logged is a clinical decision and one for the GP to make. Extreme rudeness or aggression in a


patient may be worth recording in other con- texts, say if relevant to an ongoing behaviour issue or in connection with a potential com- plaint against the practice. But such records should be kept separate from clinical notes. MDDUS has had many calls over the years


from practices who have either inadvertently breached patient confidentiality by storing


non-clinically relevant information in patient records, or have received complaints from patients who after a subject access request have objected to the recording of such infor- mation within the medical records. Among documents often misfiled with the clinical records are:





Medical reports for insurance companies or DVLA, e.g. heavy goods vehicle (HGV) applications


• Case conference meeting minutes regarding issues of child protection or a vulnerable adult


• Correspondence with solicitors including reports for court purposes


• Reports and correspondence regarding employment issues


• Reports for the DWP or benefit agencies • Correspondence in regard to medico- legal claims or complaints from the GMC or GDC


• Correspondence, notes and reports to do with the investigation and resolution of patient complaints.


Such information should be held in a sepa-


rate file. The risk of inappropriate disclosure has been further increased by the computeri- sation of patient records. Many practices now routinely scan and store all patient-related cor- respondence in electronic folders. To copy and send a folder takes only a matter of seconds. But just as with paper records it is essential such records are thoroughly checked to pre- vent inappropriate disclosure of non-clinically relevant details or third-party information.


12


SUMMER 2012  ISSUE 6


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16