We have detected that you are using Internet Explorer to visit this website. Internet Explorer is now being phased out by Microsoft. As a result, NHS Digital no longer supports any version of Internet Explorer for our web-based products, as it involves considerable extra effort and expense, which cannot be justified from public funds. Some features on this site will not work. You should use a modern browser such as Edge, Chrome, Firefox, or Safari. If you have difficulty installing or accessing a different browser, contact your IT support team.
TPP type 2 issue: information for TPP practices
Letter to TPP practices about a data breach concerning Type 2 opt outs, for General Practitioners using TPP SystmOne.
Message from Martin Severs, Medical Director and Caldicott Guardian, NHS Digital
We have recently become aware of a data breach involving type 2 opt-outs which have been recorded in TPP practices (SystmOne) since 1 April 2015.
Type 2 opt-outs are applied to NHS Digital data disseminations and prevent NHS Digital from sharing a person’s personal confidential data for purposes beyond their direct care.
This letter aims to brief you about the situation and to inform you about three things:
- The nature of the breach
- What we have done about it
- What is going to happen next
You do not need to take any action at this stage, but you do need to be aware of the issue.
The nature of the breach
Patients who have registered a type 2 opt-out in TPP practices (SystmOne) have not had those opt-outs subsequently sent to NHS Digital, due to a coding error by TPP, for which TPP has apologised unreservedly.
This error has affected around 150,000 patients, about 10% of the total number of opt-outs. Patients are affected if they registered a type 2 opt-out in a GP practice using SystmOne, after 31 March 2015.
For those people affected this issue means that their objection to sharing their information hasn’t been honoured, because NHS Digital was never given the information about their preferences.
NHS Digital has strong controls and only shares information where there is a legal basis to do so and when there are strict controls in place about how the data should be used, how it is stored safely, who can access it and when and how it must be securely destroyed.
What we have done about it
We worked swiftly to resolve the issue, which was diagnosed by TPP on Tuesday 26 June 2018.
On 27 June 2018 we stopped all data flows from NHS Digital where type 2 opt-outs should have been upheld.
By the evening of 28 June 2018, we had identified all the newly found opt-outs and had converted them into the new national data opt-out. This was then tested and successfully implemented, meaning that we could restart data flows.
If any of your patients talk to you directly about this issue, then please reassure them that all their type 2 and national data opt-outs are now being upheld and that the cause of the error in SystmOne has been fixed.
As joint data controllers with GPs for type 2 preferences, NHS Digital reported the data breach to the Information Commissioner’s Office on Thursday 28 June 2018.
What is going to happen next?
In conjunction with our stakeholders NHS Digital will:
- Write to all general practices using a TPP SystmOne to explain the breach – this letter
- Brief key stakeholders about the incident, including GP professional bodies
- Write directly to the patients identified in this breach, to apologise and inform them of the current situation. We will do this during July 2018
- Identify all data disseminations whereby type 2 opt-outs should have been applied and contact data recipients about replacing the disseminated data set with a similar data set with the full number of opt-outs applied
- Work with the Information Commissioner’s Office and TPP to further investigate this event and take any necessary remedial action that comes to light, including any upgrades in data quality monitoring
- Contact the other three GP system providers to check their extracts. This is a precaution and we have no evidence to suggest that this issue extends beyond TPP (SystmOne).
We apologise to you and your patients for any inconvenience this has caused. If your patients have any queries, then please reassure them that if they have been affected we will be writing to them by the end of July. They can contact us on 0300 303 5678 if they have any concerns or they can visit our website for more information at https://www.digital.nhs.uk/tpptype2.
We would like to reassure you and your patients that we are taking this issue seriously and have worked hard to put things right as quickly as possible. We have been working closely with TPP to understand what has gone wrong. As you will be aware we have recently introduced that new national data opt-out and patients are now able to set their own data sharing preferences online, by telephone or using a paper form at https://www.nhs.uk/your-nhs-data-matters. This means that they can be reassured that any opt-outs are being sent straight to NHS Digital.
Should you have any additional queries please contact NHS Digital on 0300 303 5678 or visit our website at https://www.digital.nhs.uk/tpptype2.
Medical Director and Caldicott Guardian, NHS Digital