Information governance for Personal Health Records

Clinical risk management standards: these are for the safe manufacture, deployment and use of health IT systems. You must follow these standards.

Information standards for health and social care are assured and published by the Data Coordination Board.

International standard for functions that may be present in a PHR: this relates to the International Organization for Standardization (ISO) HL7 Personal Health Record System Functional Model, Release 1 (also known as PHRS FM). 

NHS numbers are used to identify patients and link them to their records, so that patient information can be shared across health and social care organisations.

NHS terminology and classifications are national standards for recording and categorising health information. They include SNOMED CT (a structured clinical vocabulary) and clinical classifications standards.

Standards for the clinical structure and content of patient records: these standards from the Royal College of Physicians are to make sure that patient records are accurate and that data can be shared across multiple systems.

Standards for the structure and content of health and care records: the Professional Record Standards Body (PRSB) develops these national standards. They include hospital referral letters, discharge summaries, plus inpatient and outpatient letters.

PHRs rely on data being shared between clinicians and patients.

Information might need to be shared between more than one health and social care provider, before it can be used by the patient.

Providers need to have data sharing agreements (DSAs) in place, to detail what information can be shared and how it can be used. These are sometimes called information sharing agreements (ISAs).

Local areas told us during research that it took too long to get DSAs agreed by all the organisations involved. It often took months just to get the template approved.

There are two online tools known to us, which have been created by local organisations to help this process. These can be used to create, manage and maintain DSAs.

They are now available to be used by other areas. You can visit their websites and get in touch with them directly:

• visit the Data Controller Console, or you can also email [email protected]
• visit the Information Sharing Gateway, or you can also email [email protected]