Home
  Overview
  Trial Summary
  Pilot Areas
  FAQ
  News
  Updates
  Resources
    Articles
    Events
    Resource Pack
  Links
  Contact Us

Resources - Articles

Medicines Management and Patient Confidentiality

Medicines management promises exciting new opportunities for both patients and pharmacists. It offers expeditious and comprehensive services, such as chronic disease monitoring, from a trusted and known healthcare professional. For example, patients at risk for coronary heart disease could check their blood pressure at a community pharmacy and have their readings communicated to their doctor.

A new way of working is created for pharmacists and this means that patient-specific information is being passed between surgery and pharmacy. Since most pharmacies do not yet have secure electronic information links to GPs, the principal communication method continues to be the post. The exchange of patient-specific information raises the issue of patient confidentiality, an area already contained in the pharmacist's code of ethics (Part 2C - confidentiality) but one that needs to be re-examined when designing a new medicines management service.

Pharmacies have always had access to sensitive information, like the medicines people are taking. However, now this information isn't just residing on a patient medication records system, it is being passed on to other healthcare professionals. This is a positive migration. It means that patients' healthcare providers are talking to each other. This improved communication should minimise duplication of treatment and improve overall care.

The NHS has recognised this area for concern and is committed to assuring patients that their data will remain confidential. There are three primary areas to be concerned with when setting up a medicines management service: Data Protection, the Caldicott Guardian and the NHS' Confidentiality Model. Each area is detailed below as well as some questions that you will want to answer before delivering a medicines management service of your own.

Data Protection
Any organisation processing personal data must be registered with Data Protection. This includes all pharmacies. When delivering a medicines management service, look at the kind of data you will be gathering and make sure that your registry with Data Protection covers it. If not, make sure to update your registry.

    Q: Who within the pharmacy will be responsible for ensuring that the pharmacy is registered with Data Protection and appropriate updates are made to the register?
Caldicott Guardian
Every NHS organisation employs a Caldicott Guardian. This is a healthcare professional who is responsible for safeguarding the confidentiality of patient information.

When disclosing any patient information, the Caldicott Principles should be followed:

  • Justify the purpose
  • Don't use patient identifiable information unless it is absolutely necessary.
  • Use the minimum necessary patient identifiable information.
  • Access to patient identifiable information should be on a strict need to know basis.
  • Everyone should be aware of his or her responsibilities.

    • Understand and comply with the law.

    Q: Who is your Caldicott Guardian?
    Q: What information are you posting, faxing, emailing?
    Q: Does it include patient-identifiable information such as age and postcode?
    Q: If yes, does it need to include this information - does it serve a specific need? Could you anonymise it and satisfy your requirements? For example, include only the first half of the postcode.

The NHS Confidentiality Model
The NHS follows what it calls "The Confidentiality Model" focusing on Protecting, Informing, Providing Choice and Improving.

Protect
Patient's information should be treated with care. Pharmacies should have Standard Operating Procedures (SOPs) that ensure that all staff, locums and volunteers are at all times fully aware of their responsibilities regarding confidentiality.

Patient information should be kept in a physically secure location. Paper records should be kept under lock and key. Electronic records should be password-protected.

Inform
Patients must be made aware that information will be recorded and shared. There should be informational leaflets available to patients within the pharmacy that discuss what data is collected and how it may be used. Provide Choice
Patients must be given the choice to opt out of schemes where they do not wish to have their health information disclosed. This choice must be respected. Pharmacists need to fully explain the ramifications of this choice - it may mean that the patient cannot participate in the medicines management scheme and has to visit his/her doctor more frequently.

Information needs to be accessible in a suitable format or language. If the pharmacist is in doubt that the information has been understood, the PCT may have an individual that can assist with access issues. Contact your PCT for support.

Improve
And, finally, improvements should always be made wherever possible.

It may seem that some of these practices are extreme for certain medicines management services. Many patients will not care if someone else knows their blood pressure or overhears a conversation about their repeat prescriptions. However, some will. In addition, these steps in protection are laying the groundwork for new services. If good practice is set for coronary heart disease, then the same good practices may be applied to mental health disorders.

    Q: Whose responsibility is it to 'inform' and exactly how will that be done?
    Q: What will happen if a patient decides not to give consent?
    Q: How will improvements be tracked and incorporated?
Confidential v Anonymous
An important distinction in patient confidentiality is the difference between confidential and anonymous. Anonymised information is that which does not identify an individual directly and which cannot reasonably be used to determine identity. Therefore, it does not contain the patient's name, address, full post code or any other identifiable information.

Anonymised information is not confidential and may be used with relatively few constraints. When designing a medicines management service, remember that almost all of your progress reports and assessment information can be anonymised and, therefore, shared with a wider audience. Alternatively, specific patient scenarios could be anonymised and sent to a doctor or colleague for advice.

In conclusion, when considering patient confidentiality issues, you may want talk to, and seek the advice of, others who already provide additional services, as well as contacting pharmacy organisations such as PSNC, NPA and RPSGB. They may well have already encountered these issues and be in the position to give you practical guidance as to how to approach the matters.

You may also want to talk to both your Pharmaceutical Adviser and your local GP surgeries in order to agree how the issues are to be approached.

As community pharmacists continue to expand their roles to perform more and more professional services, their knowledge of patient confidentiality will grow. In tandem, informed patients will recognise the valuable role their community pharmacist plays as a member of their healthcare team.

Read More About Patient Confidentiality

Confidentiality: NHS Code of Practice

Protecting and Using Patient Information, A Manual for Caldicott Guardians

Data Protection Act 1998

© PSNC 2002. All Rights Reserved.   |   Site developed and managed by Webstar Health