Control and monitoring of access
The right of access to the Oxfordshire Care Summary is proposed by the project board and approved by the Oxfordshire CCG Caldicott Guardian. Rights of access may also be discussed by the programme board and by the Oxfordshire Information Governance Steering Group. In addition to this:
- Users must undergo IG training and specific OCS training. They must also agree to the terms and conditions of use.
- Users must access the OCS from an N3 connection, using a secure log-in and password.
- The OCS will display a log of all those who have accessed each patient’s OCS
- Access to the OCS will also be pro-actively audited to ensure that any clinician accessing the OCS has a legitimate reason for doing so.
Information sharing framework
All data supplied to the Oxfordshire Care Summary is described and agreed in Information Sharing Protocols between the organisations supplying the info and the organisations that are receiving the info, and is approved by the Caldicott Guardian of each organisation.
- All views of data shown by the OCS are tested to check that they show what has been entered in the original system
- All views of data are risk assessed to ensure that the presentation of the data does not pose a clinical risk or cannot easily be misinterpreted by the user; any residual risk has been accepted as acceptable by the programme board.