Risk Stratification and Equity Policy

Rationale

It is a policy of this Practice to provide good care forall patients, subject to the constraints under which the Practice operates. The care is provided equitably and fairly to patients based on need.

The Practice believes that preventative treatment can be an effective form of patient care and considers evidence-based, predictive tools to be a means of identifying "at risk" patients who may benefit from proactive intervention.We believe it would be negligent to exclude patients from consideration, or not to act on the information learned.

The Practice encourages patients to be involved in their health and care, and respects the rights of the individual. This may include declining the treatment or intervention. The Practice respects the rights of the individual to request a course of treatment, but may decline based on clinical reasons or other constraints.

The Practice recognises that good patient care is also dependent on the skills and resources of others.

Policy

Rights of the patient

The Practice will:

  • Operate lawfully and manage resources effectively for the benefit of all patients.
  • Respect the rights of the individual to request or decline treatment.
  • Respect the rights of patientsto confidentiality, including but not limited to those identified in:
  • Data Protection Act 1998
  • Human Rights Act 1998
  • Common Law Duty of Confidence
  • Inform and discuss with patients how their data is being used. This shall include a variety of media (e.g. Practice booklet, website, leaflets, posters, letters, prescription information) and cover areas like risk stratification.
  • Ensure the Practice 'complaints' or other procedure is adequate for discussing, recording and respecting patient concerns and objections about risk stratification.
  • If patient consent for risk stratification is sought but not given, the patient's right to treatment will not be adversely affected. i.e. all patients will be treated equitably regardless of their dissent from risk stratification.
  • If a patient dissents (or withdraws dissent) from secondary use of GP patient identifiable data, the following Read codes shall be added to that patient's clinical record:

9Nu0.Dissent from secondary use of general practitioner patient identifiable data

9Nu1.Dissent withdrawn for secondary use of general practitioner patient identifiable data

The latest Read code on the patient's record shall apply and be considered the patient's wish. No code implies there is no dissent.

A patient's wish cannot be applied retrospectively, however the Practice will make reasonable efforts to delete previous data and results for that patient.

Employees

The Practice will:

  • Enforce Practice policies on information governance and patient confidentiality, for example:
  • Ensure contracts of employment include a patient confidentiality clause
  • Ensure all employees and partnersreceive adequate training on information governance and the need for patient confidentiality.
  • Take appropriate disciplinary action for breaches in information governance.
  • Have Practice policies on confidentiality and information governance.
  • Employ an Information Governor and or Caldicott Guardian to help guide and direct the Practice on information governance.
  • Ensure users needing to use risk stratification tools are given access and adequate training.
  • Revoke access to users when use of the tools and data is no longer required.
  • Be aware of and react to national guidance on information governance and other factors that may affect risk stratification as implemented within this Practice.

Use of Risk Stratification

The Practice will:

  • Use risk prediction and stratification tools for identifying "at risk patients".
  • Use Evidence-based risk predictors including age, gender, race, disease, pregnancy, past history, treatment etc.
  • Use a variety of risk prediction tools, (for example CHADS2, Frammingham, CPM) to identify patients "at risk" ofstroke, cardio- vascular disease, emergency hospital admission, influenzaand other conditions.
  • Ensure risk stratification is performed pseudonymously. This is to ensure the rights of the individual are not infringed and consequently it is unnecessary for patients to opt in,opt out, or otherwise give their consent. In addition, a legal basis is not required when processing pseudonymised data.
  • Periodically review the benefits and processes of risk stratification to ensure the objectives are being met (e.g. improve patient health) and that the processes are robust. As a minimum this will be reviewed annually as part of the IG toolkit.
  • Periodically refresh the risk stratification as clinically justified.

Processing outside the Practice

The Practice will:

  • Perform a risk assessment to ensure adequate safeguards are in place to minimise and protect patient data and confidentiality.
  • Agree the minimum practical dataset required for the specified purposes of risk stratification and ensure the data is not used for other purposes.
  • Ensure there is a contract between the Practice (as data controller) and the third party. This contract may be in the form of a data sharing agreement. The Practice as data controller will normally dictate the conditions of the data sharing agreement.
  • Provide a single weak identifier (e.g. NHS number, date of birth or postcode)if
  • An identifier is essential and pseudonymisation at source is not practical
  • The third party confirms it is compliant with the NHS England guidance on risk stratification.
  • Ensure other patient identifiable information is suitably pseudonymised.
  • Ensure pseudonymisation complies with NHS security standards and be commensurate with the perceived risk.
  • Ensure that the transfer of any data to a third party is done securely and in compliance with NHS security guidelines. This shall include the separate transfer of patient identifiers and pseudonymised clinical information.
  • Be in overall control of the data extraction and upload process. Where this is performed automatically, the Practice shall be able to prevent uploads and interrogate what data has been uploaded.
  • Ensure sub-contractors or agents to the third party comply with the IG requirements.

Intervention

The Practice will:

  • Over time and where appropriate, aim to provide suitable interventions for all patients, depending on their risk.
  • Clinically review patients for an intervention, based on their predicted risk. We recognise that the score is only a prediction and is limited by the factors used within the model. Clinical experience may include or exclude other patients for an intervention irrespective of the risk profiling.
  • After any preliminary manual review, identify patients within a given risk strata for an intervention. This shall only be done by clinicians with a legitimate relationship to the patient. A detailed review of the patient may then be performed using the Practice clinical system to verify whether the patient may benefit from the proposed benefit.
  • Seek patient consent prior to providing the intervention or referral.
  • Record patient consent or dissent for a particular intervention on the clinical system. This is for medico-legal reasons.
  • Record any interventions or their referrals on the clinical system.
  • Where appropriate, record the cessation of an intervention (e.g. patient is no longer on a virtual ward.

Author: Trevor JohnsonPage 1 of 3Draft 1

July 2013