Summary Care Record (SCR) governance person (SGP) for SCR in community pharmacies

The SGP has codes added to their smartcard which give them access to the audit and reporting tools of the Summary Care Record system. The RBAC code  is R0001 and contains activity B0016 - Receive Self Claimed LR Alerts and activity B0015 - Receive Emergency View Alerts.

Each pharmacy organisation should put in place its own business processes to check that SCR is being used correctly. Examples of these processes can be found in the full Privacy Officer Guidance for Community Pharmacy. These processes should be documented in a Standard Operating Procedure document. Download a template Standard Operating Procedure document to help define your processes.

There are three main tools for SGPs to use to make sure the rules are being followed.

Access the SGP training.

SGPs need to audit alerts using the alert viewer, by 

• checking to see when SCRs have been accessed. See guidance on using the alert viewer
• establishing if a legitimate relationship was in place, and that any emergency accesses made were explained, and then either:
  • flagging any accesses which need further investigation
  • addressing any incorrect use such as reasons for access not being entered, or
  • closing the alert. 
• escalating any access that seems to be inappropriate to the relevant escalation point for further investigation. This could be the Operations Manager, Pharmacy Superintendent, Pharmacy Owner or Information Governance lead

Any inappropriate access is dealt with in line with the pharmacy organisation's existing information governance policies. If it is found that there has been a confidentiality breach, the patient may need to be informed, in line with the care record guarantee.