TPP making changes to SystmOne to address data protection concerns

Digital Transformation, News

  • 31 August 2017
TPP making changes to SystmOne to address data protection concerns
Shireen Khalil
Claire Read
May 4, 2017

TPP has confirmed it is piloting new functionality in its SystmOne electronic patient record, with a view to addressing data protection concerns raised by the Information Commissioner’s Office (ICO).

The ICO first raised concerns about TPP in March, specifically in relation to the enhanced data sharing model (EDSM) in its SystmOne electronic patient record system.

SystmOne is used by nearly 3,000 GP practices in England, and the function makes it possible to share information about patients with other users.

The ICO’s worries centred on principles 1 and 7 of the Data Protection Act. These relate to fair and lawful processing of data, and to data security.

On Wednesday (30 August) it was announced that TPP has developed new functionality within SystmOne which is designed to address these issues. The changes are said to follow detailed discussions between the company, the ICO, NHS Digital and NHS England.

In a statement, TPP reported that the functionality “gives GPs greater flexibility and increased control over which organisations have visibility of the GP record”.

The statement added that the changes also enable “patients to work in partnership with their GP to decide who can view their shared record”.

The firm plans to pilot the new arrangements in the coming weeks. Sites involved in the testing have apparently already been selected, and any existing sharing arrangements in place will not be affected by the work.

In its own statement, the ICO welcomed the developments: “These changes, which will be implemented for GP practices using the system along with updated documentation, are welcome and represent significant progress in addressing the concerns raised by the ICO for GP data controllers using SystmOne”.

Both organisations said they would continue to work together during the pilot and following its completion, so as to ensure any final concerns are addressed.

The worries about the SystmOne model sparked a discussion paper published by the independent CCIO and Health CIO networks. It contended that current data protection guidance and regulations are contradictory and not conducive to effective patient care.

Complexities around data sharing are expected to increase with the introduction of the General Data Protection Regulation (GDPR), which comes into force next May.

Designed to make data protection guidance consistent across the European Union, it will introduce significantly higher penalties for breaches.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Prev News

Work needed on genomic and genetic data sharing – NDG

Next News

Healthcare IT news round-up

Related News

Privacy concerns raised over trust’s AI data-sharing deal
AI and Data August 16, 2024

Privacy concerns raised over trust’s AI data-sharing deal

A privacy campaign group has raised concerns over a data sharing agreement between the Royal National Orthopaedic Hospital and an AI startup.
Digital Health’s monthly roundup of contracts and go lives
News August 16, 2024

Digital Health’s monthly roundup of contracts and go lives

This latest roundup includes Northampton General Hospital signing a 10-year Nervecentre electronic patient record (EPR) contract.
TPP awarded Sussex Community NHS EPR contract extension
Leadership and Teams August 13, 2024

TPP awarded Sussex Community NHS EPR contract extension

Sussex Community NHS Foundation Trust has awarded a 10-year contract extension for an EPR system from TPP, worth almost £6.3 million.