Murat Soncul - Governance and Ethics when using Clinical Information for Research

Governance and ethics when using clinical information for research

Dr Murat Soncul, Head of Information Governance

Consent, Ethics and Data Security Workshop12 June 2014

Bioinformatics and Biostatistics at the NIHR Biomedical Research Centre for Mental Health

www.slam.nhs.uk

- Why do we need clinical information in medical research?

- How to use of clinical information in medical research

- Consent and what if consent is not practicable?

- Health Service (Control of Patient Information) Regulations (section 251 support)

- Summary

Objectives

www.slam.nhs.uk

- To identify prevalence of disorders

- To identify causes of diseases

- To measure outcomes of treatment

- To assess long-term and/or unexpected effects of treatment

- To identify contributing factors in healthcare and outcomes

- To monitor diseases

- Variations by time and place

IntroductionWhy do we need clinical information in research?

www.slam.nhs.uk

ConsentHow to use clinical information in research?

Direct from participants

From health records

Informed consent to participate

Informed consent to access records

Access anonymised data

www.slam.nhs.uk

Research must sometimes use data without informed consent while retaining identifiers

ConsentWhat if consent is not practicable?

Large scale study

Full coverage of cohort is essential

Exclusion of those who do not consent would introduce bias

Identifiers are required to link different datasets

Identifiers contain useful information

Contact for consent is likely to cause distress

www.slam.nhs.uk

The NHS Act 2006 and the Regulations enable the common law duty of confidentiality to be temporarily lifted so that confidential patient information can be transferred to an applicant without the discloser being in breach of the common law duty of confidentiality.

In practice, this means that the person responsible for the information (the data controller) can, if they wish, disclose the information to the applicant without being in breach of the common law duty of confidentiality. They must still comply with all other relevant legal obligations e.g. the Data Protection Act 1998.

Approval also provides reassurance that that the person(s) receiving the information has undergone an independent review of their purposes and governance arrangements.

Section 251 of the NHS Act (2006)Health Service (Control of Patient Information) Regulations

www.slam.nhs.uk

Research (and other activities such as health service audits, evaluations) with a medical purpose that is in the publicinterest,

Should clearly demonstrate that consent is not practicable,

Access to identifiers must be temporary,

Must be compliant with the Data Protection Act .

In other words…

www.slam.nhs.uk

Data protection principles

www.slam.nhs.uk

Fair processing:‘No surprises’ – The need to inform patient what you are doing with their data

- Patient public engagement- Clear and easy to understand information materials - Demonstrate an exit strategy

In line with data subjects rights:- Access to personal data- Enable dissent / opt-out

Secure processing:- Demonstrate compliance with NHS security and governance standards

Data protection principles

www.slam.nhs.uk

The key purpose of the CAG To promote and protect the interests of the patient whilst at the same time facilitating appropriate use of confidential patient information for purposes beyond direct patient care.

CAG provides independent expert advice on whether applications to access patient information without consent should or should not be approved.

Confidentiality Advisory Group (CAG)

www.slam.nhs.uk

Summary

• Access identifiable clinical information with informed consent

• Anonymised clinical information can be accessed without consent

• When consent is not practicable and identifiable patient information is required for research, audit and service evaluation with medical purpose that is in the public interest, seek support to temporarily set aside the common law of duty of confidentiality and access identifiers, provided that:

There is an exit strategy Access is deemed reasonable in public/patient opinion Patients are sufficiently informed and have opportunity to opt-out Conditions of the Data Protection Act are met for secure access, storage and destruction

Connect with us

www.slam.nhs.uk

[email protected]

@maudsleyNHS_IG