Information Governance Toolkit

Similar documents
NHS WALES INFORMATICS SERVICE DATA QUALITY ASSURANCE NATIONAL STATISTICS

HSCIC Audit of Data Sharing Activities:

All you need to know about new processes for data submission (almost)

SUS RBAC Assignment Guide User guidance on Payment by Results (PbR) in SUS Payment by Results (PbR) in SUS

Patient Reported Outcome Measures (PROMs)

Birmingham Community Healthcare NHS Foundation Trust. 2017/17 Data Security and Protection Requirements March 2018

Policy on the Standardisation of Documentation

Data Sharing Agreement

Procedure re-written. (i.e. All staff with responsibility for the creation, use and management of organisational responsibility)

HSCIC Audit of Data Sharing Activities:

Data Protection Policy

Commissioning Digital Services for General Practice: GP IT Operating Arrangements, including addendum to the 2016/18 Operating Model

Children and Young People s Health Services Data Set

Information backup - diagnostic review Abertawe Bro Morgannwg University Health Board. Issued: September 2013 Document reference: 495A2013

Data Encryption Policy

LOUGHBOROUGH UNIVERSITY RESEARCH OFFICE STANDARD OPERATING PROCEDURE. Loughborough University (LU) Research Office SOP 1027 LU

INFORMATION SECURITY AND RISK POLICY

Green Star Volume Certification. Process Guide

Provider Monitoring Report. City and Guilds

Cancer Waiting Times. User Manual. Version 7.0 Published 4 August 2016

NHS R&D Forum Privacy Policy: FINAL v0.1 May 25 th 2018

Data Security Standards

IQ Level 4 Award in Understanding the External Quality Assurance of Assessment Processes and Practice (QCF) Specification

Global Specification Protocol for Organisations Certifying to an ISO Standard related to Market, Opinion and Social Research.

GMSS Information Governance & Cyber Security Incident Reporting Procedure. February 2017

NHS Gloucestershire Clinical Commissioning Group. Business Continuity Strategy

NPDA User Guide: Submitting your data via CSV

NHS Fife. 2015/16 Audit Computer Service Review Follow Up

EUROPEAN MEDICINES AGENCY (EMA) CONSULTATION

3 Complaints against the Organisation

NSPCC JOB DESCRIPTION

Data Protection Policy

APM Accreditation for training providers Application Guidance Notes

Guidance on Completing Provider Service Return (PSR) Version 1.2 September 2018

Information Governance Incident Reporting Procedure

Audit Report. The Prince s Trust. 27 September 2017

NHS e-referral Service Transition Planning WebEx May 2015

Application form guidance

APPENDIX TWO RETENTION AND DISPOSAL SCHEDULE IMPLEMENTATION GUIDELINES

APPENDIX 1 7 APPENDIX 2 8 APPENDIX 3 10 APPENDIX 4 11

Policy. Business Resilience MB2010.P.119

Complaint Handling Procedure and Escalation Policy

Audits Why bother?! Caroline Lester Senior Health Protection Nurse PHE Health Protection Team

Safeguarding Adults & Mental Capacity Act Service

Continuing Professional Development: Professional and Regulatory Requirements

NHS Education for Scotland Portal Dental Audit: A user guide from application to completion

Standard Operating Procedure. Data Management. Adapted with the kind permission of University Hospitals Bristol NHS Foundation Trust

IECEx Guide Guidance for Applications from Service Facilities seeking IECEx Certification

Practitioner Certificate in Business Continuity Management (PCBCM) Course Description. 10 th December, 2015 Version 2.0

Post-accreditation monitoring report: British Gymnastics (BG) April 2007 QCA/07/3121

APPENDIX THREE RETENTION AND DISPOSAL SCHEDULE IMPLEMENTATION GUIDELINES FOR NSU PROVIDERS

UNIVERSITY OF LEICESTER, UNIVERSITY OF LOUGHBOROUGH & UNIVERSITY HOSPITALS OF LEICESTER NHS TRUST JOINT RESEARCH & DEVELOPMENT SUPPORT OFFICE

INFORMATION GOVERNANCE. Caldicott Approval Procedure

econtract System User Guide

You can access the AIMS user guide in the Related Links section at the top right of the page.

Quality Assurance Criteria (China)

IPC Certification Scheme IPC QMS/EMS Auditors

Pathways CIC Privacy Policy. Date Issued: May Date to be Reviewed: May Issued by Yvonne Clarke

BRIDGEWATER SURGERIES. Privacy Notice

GUIDE ON APPLICATION FOR ROUNDTABLE FOR SUSTAINABLE PALM OIL PRINCIPLES AND CRITERIA (RSPO P & C) INCLUDING GROUP CERTIFICATION

Scottish Care Information. SCI Gateway v11.1. Receiving Referrals User Guide

PRIVACY NOTICE VOLUNTEER INFORMATION. Liverpool Women s NHS Foundation Trust

UNIFORM STANDARDS FOR PLT COURSES AND PROVIDERS

Audit Report. City & Guilds

NEWCASTLE CLINICAL TRIALS UNIT STANDARD OPERATING PROCEDURES

CERTIFICATION BODY (CB) APPROVAL REQUIREMENTS FOR THE IFFO RESPONSIBLE SUPPLY (IFFO RS) AUDITS AND CERTIFICATION

DATA PROTECTION POLICY THE HOLST GROUP

Continuing Professional Development Verification and Recognition Policy

Business Continuity Policy

Code Administration Code of Practice

ABB Limited. Table of Content. Executive Summary

Gatekeeper Public Key Infrastructure Framework. Information Security Registered Assessors Program Guide

"Energy and Ecological Transition for the Climate" Label Control and Monitoring Plan Guidelines

Agenda. Bibliography

Statutory Notifications

Image Exchange Portal

SFH Digital Strategy Roadmap 2017/18 to 2011/2012

What is BS 7799? BS 7799 is the most influential, globally recognised standard for information security management.

BCS Specialist Certificate in Change Management Syllabus

Complaints and Compliments Policy. Date Approved: 28 September Approved By: Governing Body. Ownership: Corporate Development

Individual Funding Requests (IFR) Guidance notes for referrers (GPs and Referring Clinicians)

Reviewed by ADM(RS) in accordance with the Access to Information Act. Information UNCLASSIFIED.

Privacy Impact Assessment

OFFICIAL COMMISSIONING OF SECURITY SYSTEMS AND INFRASTRUCTURE

The General Data Protection Regulation

Scottish Care Information. SCI Gateway v10.3. Sending Referrals & Receiving Discharges User Guide

Audit Report. Chartered Management Institute (CMI)

Implementation of the Minor Ailment Service Produced by NES Pharmacy

Primary Care Support England. Practice Guide - Childhood Immunisations

FRIENDS AND FAMILY TEST IN GENERAL PRACTICE

Use of and Instant Messaging (IM) Policy

BORN Ontario s Data Quality Framework

Wye Valley NHS Trust. Data protection audit report. Executive summary June 2017

IT Governance ISO/IEC 27001:2013 ISMS Implementation. Service description. Protect Comply Thrive

The ehealth Annual Report aims to highlight the activities within the teams that make up the ehealth Department.

QCTO CERT 002/15 QCTO Certification Policy Page 2 of 14

Board Assurance Framework and Corporate Risk Register Report

"PPS" is Private Practice Software as developed and produced by Rushcliff Ltd.

Higher National group award Graded Unit Specification

FRIENDS AND FAMILY TEST IN GENERAL PRACTICE

Transcription:

Information Governance Toolkit A documented procedure and a regular audit cycle for accuracy checks on service user data is in place Requirement No: 14.1-506 Initiative: Secondary Use Assurance Organisation Type: Acute Trust Version: 14.1.0 Requirement Description Organisations should have procedures and a regular audit cycle to check the accuracy of service user data. The results of the audits should be reported as part of the organisation data quality reviews to the Board and be made available to the HSCIC on request. The audit should cover all key data items identified in 'HSCIC: NHS IG - Key Data Items List' found within the Knowledge Base Resources, or for mental health trusts - data items in the Mental Health Services Data Set, or a locally defined subset approved by specific formal agreement with the organisation's main commissioner, or local Data Quality Informatics Group. Effective Audit Cycle for Accuracy Checks on Service User Data Introduction 1. The accuracy of data is a key element of information quality which is tested through the Information Quality Assurance process. The traditional method of checking the accuracy of electronic records is against the health record. 2. However, it is recognised that in a number of providers, health records are no longer the primary source of data for a number of data items. Information Quality Assurance has been designed to be flexible enough for individual organisations to respond to the particular situation within their organisation. Accuracy of Data 3. The increasing use of electronic records and the implications for health records as a primary source of information have to be recognised, as does the increasing role and right that service users have to understand and influence the information held about them. 4. There are therefore four main elements for checking accuracy of data: checking against the health record; checking with external systems; Information Governance Toolkit Page 1 of 10 R14.1-506 Acute Trust v14.1.0

checking items with service users (see requirement 402); checking the process for information capture. 5. For most organisations, in the majority of the checked fields, the accuracy checking process will use the health record as the prime check of electronic data accuracy. This will be done by comparing the key data item from the service user's health record with the same data item extracted from the download that the provider sends to the Secondary Uses Service (SUS), or uses for the purpose of central returns. 6. For certain demographic fields, the use of the Personal Demographics Service (PDS - the electronic database of NHS patient demographic details) and NHAIS (National Health Applications and Infrastructure Services previously; the Exeter System) should be used as a double-check. 7. Where organisations already use a tried and trusted system of checking data accuracy retrospectively with samples of service user health records, then the results of these checks can also be used as evidence for accuracy, as can other recent independent audit checks. 8. Where an organisation has made a specific formal statement, minuted as agreed by its Board (or delegated sub-committee) and supported in its policy documentation, that its health records are not a primary source of data for a particular data item, and the above alternate methods of checking are not available or applicable (such as for start and end dates etc), then a detailed check of the processes for collection of that data item, focussing on evidence of the accuracy of the collection of that data (through spot checks etc), and regular audit, will be accepted. 9. The onus will be on the organisation to supply evidence to prove the accuracy of this data. Each organisation will have different processes and procedures in place which make it inappropriate to have a common definitive source for all data items collected. However, each organisation should decide the method of approach it wishes to employ for each data item and document this as part of their evidence for Information Quality Assurance. 10. Access to individual records is justified for data quality checking as part of Information Quality Assurance, as it is regarded as part of the Clinical Audit Process included under section 251 of the NHS Act 2006 (formerly section 60 of the Health and Social Care Act 2001). An Audit Cycle for Accuracy Checks *This requirement must have been completed on data relating to the financial year 1 April to 31 March of the reporting year to which the IG Toolkit assessment relates* 11. Organisations must ensure that there is a documented procedure and a regular audit cycle on care data that is used for central returns or submitted to the Secondary Uses Service and Hospital Episode Statistics (HES). This includes notifying the Board (or delegated committee) of the findings and making those findings available to the HSCIC if requested to do so. 12. The service user care datasets currently included in this guidance are: Admitted Patient Care; Outpatients; Information Governance Toolkit Page 2 of 10 R14.1-506 Acute Trust v14.1.0

Elective Admission Lists. 13. However, organisations are encouraged to audit other datasets (e.g. NSFs, A&E etc). Health Record Checks Against a Sample of Data 14. Where the health record is the primary source of data, the accuracy assessors should select for examination a random sample of data which covers all specialties. The recommended sample size is based on the number of records processed in the year in each data group. (For audit sample sizes for each dataset refer to the supporting document titled 'HSCIC: NHS IG - Key Data Items List' found within the Knowledge Base Resources). 15. The aim of this requirement is to ensure that an organisation can demonstrate to itself that it is maintaining accurate information about its service users. Organisations may feel that the minimum levels set out above are too small to give them the assurance they need. Organisations are encouraged to audit more than the minimum set out above to provide this assurance. 16. However, these sample checks can be spread throughout the year in whatever way best suits the organisation. Evidence of sample size should be included in the Information Quality Assurance submission, and any inability to access the full sample may be an issue for further investigation. Suggested Approach 17. A database, spreadsheet or printout of the selected Commissioning Data Sets (CDS) or for mental health trusts, the Mental Health and Learning Disabilities Minimum Dataset (MHLDDS), could be produced from the computer system listing the key data items to be analysed, and the corresponding random sample of health records. The list of records to be pulled should be provided in the order that best suits the local filing system. 18. Using data from the health record, a member of the accuracy checking team should re-code the key data items and enter the codes on a pro forma. Another member of the accuracy checking team should then examine the key data items on the CDS or MHLDDS and write the codes on the pro forma. The two codes are compared and mismatches identified. Reasons for errors must be identified and recorded. 19. Where the data item is not specifically recorded in the health record the following may apply, and the assessor will need to apply judgement as to the action to be taken: a. The field may by local arrangement be filled in with a default code (such as a Management Intention of Day Case for a procedure such as Cataracts, or where there is direct booking by GPs onto theatre lists). Where this is the case, then a written policy / procedure should exist stating how the default will be operated. If such a policy / procedure does not exist then all the appropriate records for this data item should be regarded as inaccurate for the purposes of scoring. If such a policy / procedure exists and is correctly applied in each case, then the appropriate records should be regarded as accurate for scoring purposes. However, allowing default codes can lead to coding being inaccurate and this practice should only be used if absolutely necessary. Information Governance Toolkit Page 3 of 10 R14.1-506 Acute Trust v14.1.0

b. Some records, particularly for outpatients, may contain data items appertaining to events that occurred several years ago, such as Referral Request Received Date for an Outpatient Referral that could be several years old, with no date stamp on the referral letter. In each such case the assessor will need to exercise judgement as to whether the record should be excluded from the accuracy calculation for that data item. Although it is difficult to be prescriptive, a 3 year rule-of thumb may be used with caution in some such cases. 20. The accuracy check is looking for major discrepancies and errors. It is not concerned with minor differences of interpretation. For instance, if a check of the health record reveals that a service user was admitted as an emergency, then recording of an elective code in the data would definitely be inaccurate. If however, it is unclear in the notes as to the exact method of emergency admission (such as between GP and Bed Bureau), then the assessor may exercise some limited discretion. Accuracy of Externally Checked Items 21. NHS Numbers should be obtained and/or frequently checked through the Patient Demographic Service (PDS). The NHS Number Status Indicator Code records whether the NHS Number has been traced and verified (Code 01). A code other than 01 indicates the status of the trace on the NHS Number. NHS Numbers which have been traced and verified through the PDS must be regarded as accurate. 22. The accuracy check for NHS Number is undertaken by checking the NHS Number Status Indicator Code. Only where the code NHS Number Status Indicator Code is 01 should the record be taken as accurate. However, this should also take account of where rigorous checks have been undertaken which prove that the service user genuinely does not have an NHS Number (e.g. certain military personnel). 23. Organisations must have adequate and timely procedures in place for the tracing of NHS Numbers. Evidence will be required that the organisation is using adequate procedures to batch check the NHS Numbers on their system. 24. Evidence of regular monthly batch checking of NHS Numbers and the returned reports will be required covering the last six months. Postcode of Usual Address 25. Where the organisation uses NHAIS or PDS to verify the service user's postcode, then the review team should check in detail the process by which this occurs, and should sample check a minimum of 30 records to ensure that the record matches the appropriate source. 26. Where the service user's statement of their postcode is accepted as the organisation s source, evidence will be required to show that the postcode is regularly checked with the service user on every attendance. There should be audit trail records to show that postcodes are updated appropriately following admissions/attendances, and that there is a mechanism for updating postcodes where independently notified by the service user or GP. NB: Birth Episodes do not carry address details for a baby, and should be excluded from the sample group. Information Governance Toolkit Page 4 of 10 R14.1-506 Acute Trust v14.1.0

Code of Registered GP 27. In many cases there will be enough information in the health records to correctly identify the registered GP. In individual cases where this evidence is not in the case note, the code of Registered GP should be checked against NHAIS records, and any discrepancy treated as an inaccuracy. The fact that there may be a time-lag in updates to NHAIS is allowed for in the scoring system. Process Checks 28. Where the provider can clearly demonstrate that the provider s Board has formally made a policy decision that for named data items the computer is the primary source and that no appropriate source document is being retained, the following alternative approaches should be taken: a. Where data items are automatically assigned by the computer the accuracy checker will examine the procedures for maintaining the reference files and verify that the assignment process is operating correctly - using a sample of at least 50 records for each affected data item. The accuracy of the data input to the algorithm should also be evaluated. b. Where data is collected directly onto the computer, the accuracy checker will check the processes for the collection and input of the data item. The reviewer will also check that the processes and procedures are complied with routinely. Again, a sample of at least 50 transactions for each applicable data item should be used (NB: multiple data items may be checked simultaneously). c. Where the service user completes a questionnaire or other written enquiry (such as for capturing Ethnic Category), which is not normally retained either in the health record or elsewhere, the accuracy checker will check that procedures are in place which ensure the accuracy of the data recorded. 29. Results from using these approaches should be notified to the Board and made available to the HSCIC if requested to do so. 30. Organisations should retain the service user questionnaires for a minimum of two years (as per the Department of Health Records Management NHS Code of Practice available from the Knowledge Base Resources) for scrutiny and sample checking during this check, and these should be available subsequently for evidence. Again, a sample of at least 50 records for each applicable data item should be used. Key Data Items All audits undertaken should meet the guidance found in 'HSCIC: NHS IG - Key Data Items List' available in the Knowledge Base Resources, or for mental health trusts - should cover the data items in the Mental Health Services Data Set. 31. Full details of data definitions and format specifications can also be found in the NHS Data Dictionary, the NHS Commissioning Data Set Manual, the Mental Health Services Data Set documentation and relevant Data Set Change Notices (DSCNs). Information Governance Toolkit Page 5 of 10 R14.1-506 Acute Trust v14.1.0

Knowledge Base Resources Key Guidance Title Details Last Reviewed Date HSCIC: NHS IG - Key Data Items List (PDF, 367 KB) HSCIC: Requirements for Submission of Commissioning Data Set Data to SUS NHS Data Dictionary: Commissioning Data Set Mandated Data Flows HSCIC: Secondary Use Service - How do I analyse Data Quality HSCIC: Mental Health Services Data Set A list of the CDS and key data items for use when undertaking accuracy audits on service user data. Organisations that provide NHSfunded care must submit the relevant Commissioning Data Set (CDS) data to the Secondary Uses Service (SUS). These providers must ensure that the requirements listed on this web page are all checked and met, as set out by the NHS Standard Contract, issued by NHS England. The minimum Commissioning Data Sets information flow requirement to enable Hospital Episode Statistics, 18 Weeks ACTIVITY reporting, and Payment by Results to be supported by the Secondary Uses Service is shown in the table on this web page. Further information about the three tools provided to enable measurement and monitoring of data quality - KPI Reports, Data Quality Dashboards (DQD) and Data Quality Reports (DQR). The Mental Health Services Data Set (MHSDS) is a patient level, output based, secondary uses data set which will deliver robust, comprehensive, nationally consistent and comparable person-based information for children, young people and adults who are in contact with Mental Health Services. As a secondary uses data set it intends to re-use clinical and operational data for purposes other than direct patient care. 22/02/2016 Information Governance Toolkit Page 6 of 10 R14.1-506 Acute Trust v14.1.0

Standardisation Committee for Care Information (SCCI): SCCI0011 Mental Health Services Data Set DH: Records Management NHS Code of Practice 2008 This SCCI web page contains the Requirements Specification, Implementation Guidance and other key and supporting documents of relevance to the Mental Health Services Data Set. The Code is a guide to the required standards of practice in the management of records for those who work within or under contract to NHS organisations in England. It is based on current legal requirements and professional best practice. The guidance applies to all NHS records and contains details of the recommended minimum retention period for each record type. Currently under review and updated version due to be published in 2015. 22/02/2016 24/01/2016 Exemplar Materials Title Details Last Reviewed Date Surrey & Sussex Hospitals NHS Trust: Data Quality Procedure (DOC, 190 KB) Accuracy check methodology. Useful Websites Title Details Last Reviewed Date NHS Data Model and Dictionary HSCIC: Personal Demographics Service The NHS Data Model and Dictionary provides a reference point for assured information standards to support health care activities within the NHS in England. It has been developed for everyone who is actively involved in the collection of data and the management of information in the NHS. The Personal Demographics Service (PDS) is the national electronic database of NHS patient demographic details such as name, address, date of birth and NHS Number. Information Governance Toolkit Page 7 of 10 R14.1-506 Acute Trust v14.1.0

HSCIC: Secondary Uses Service - Guidance and other useful documents This section of the SUS web pages provides links to documents which will help you get a general appreciation of what data is stored in SUS, how it is used and how to gain access. 24/01/2016 Requirement Origins NHS Care Record Guarantee commitment 8 Principle 4 of the Data Protection Act 1998 EL (97) 47: Managing data quality improvements and data accreditation Audit Commission: Data Remember - Improving The Quality of Patient-Based Information 2002 Changes The following is a list of material changes since the last major version of this requirement: Guidance and attainment levels amended to require organisations to make findings from data quality reviews available to the HSCIC if requested to do so. New attainment levels 2b to explicitly state that audit reports should be documented. Attainment level 3 amended to explicitly state that following an audit, organisations should take action to improve poor accuracy. References to the Mental Health and Learning Disabilities Minimum Dataset have been updated to the Mental Health Services Data Set. Information Governance Toolkit Page 8 of 10 R14.1-506 Acute Trust v14.1.0

Attainment Levels (Including Checklist) These are cumulative eg to attain Level 3 you must complete all Level 1, 2 and 3 criteria. 0 There is insufficient evidence to attain Level 1. 1 Data quality is addressed as part of the Information Lifecycle Management Policy and a documented procedure and a regular audit cycle for accuracy checks on service user data is in place. a Responsibility for developing the policy and an audit plan for checking the accuracy of service user data has been assigned to the data quality review/monitoring group. A note or e-mail assigning responsibility or the terms of reference of a group. b There is a documented and approved audit plan that includes service user data accuracy audits. A documented audit plan that includes service user data accuracy audits. Minutes of the meeting where the audit plan was approved or email or personal endorsement in writing from an appropriate senior manager. c Staff guidance on accuracy checking has been publicised and distributed to easily accessible locations targeting all relevant staff. Staff guidance published on the intranet, or hard copies found in staff communal areas or in departmental procedures folders. 2 The accuracy of service user data audits cover all key data items identified in the supporting guidance for this requirement. The results are documented and reported to the Board/senior management, or delegated sub-committee as part of ongoing data quality progress reviews and made available to the HSCIC if requested. a The accuracy of service user data audits, conducted in accordance with the guidance provided and sample sizes specified in the supporting document for this requirement, covers all key data items. Methodology documentation, audit working papers (for example working papers should include a completed template example of how data accuracy is checked, which includes all required key data items). Information Governance Toolkit Page 9 of 10 R14.1-506 Acute Trust v14.1.0

b Audit reports are documented, with recommendations and agreed actions for improving poor accuracy. Copy of audit report and recommended actions. c Progress updates are reported to the Board, delegated sub-group or senior management at set intervals. Minutes of the meeting where the audit reports were reviewed. 3 The data quality policy forms part of the broader Information Governance Policy (see requirement 105). Actions are taken to address areas of persistently poor data quality. a The data quality policy forms part of the broader Information Governance Policy. Minutes of the IG committee showing attendance of a data quality (DQ) lead at the meetings, and minutes of IG committee showing regular discussion of DQ issues. b Where recommended actions are not achieved, the audit actions are escalated to the Board/senior management, or delegated sub-committee for action. Copy of agreed actions, which may include; risk assessment for extending timescales, an agreement for a training programme to ensure staff responsible are trained to overcome patterns of poor data quality in their area, documenting new processes. Amended or revised agreed actions. c [Level 3 Maintenance - only required if Level 3 achieved in previous year] Policies and audit plans are regularly reviewed and aligned with the latest central guidelines. Minutes/meeting notes where the procedures and audit cycle have been reviewed, including the decisions made and any updates to the procedure or audit cycle. Past Level: (available online from IGT) Current Level: Target Level: Target Date: Information Governance Toolkit Page 10 of 10 R14.1-506 Acute Trust v14.1.0

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback