Facilitator Handbook 2005 - PRIMIS
Facilitator Handbook 2005 - PRIMIS
Facilitator Handbook 2005 - PRIMIS
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Your Local <strong>PRIMIS</strong> Scheme<br />
<strong>PRIMIS</strong> <strong>Facilitator</strong> <strong>Handbook</strong><br />
local scheme (PCO, MAAG, research network, etc.), the practice would have several data<br />
collection agreements.<br />
Scheme managers are advised to review and, where necessary, update agreement terms on a<br />
regular basis.<br />
Confidentiality of practices<br />
Practices must be anonymised in feedback or other reports that present analyses of data in a<br />
comparative fashion. This implies that each practice must have a code number or name<br />
assigned to it, and that the key to the code is itself kept securely. Different data quality<br />
improvement schemes may require different anonymised codes. If all practices in a scheme<br />
agree, then practice identities may be disclosed. However, preservation of anonymity should<br />
be the starting point.<br />
Even when using an anonymised code to identify practices, schemes must still take extra care<br />
when presenting analyses showing a small number of practices that share certain<br />
characteristics. For example, if a scheme produced a graph highlighting results for a subset of<br />
practices in a small geographical area that contained only two or three practices, it might be<br />
possible to infer the identity of those practices.<br />
Security of IT systems<br />
The possibility of unauthorised access to data held in the scheme’s computer systems must be<br />
considered. Although any data extract may, in itself, conform to the requirements of patient<br />
confidentiality, linking or otherwise cross-referencing it to other data sets may make it possible<br />
to identify patients.<br />
Anti-virus software<br />
If the scheme is receiving any data directly from practices using MIQUEST, then – as with the<br />
receipt of any external disks – arrangements will need to be made to ensure thorough and<br />
comprehensive use of anti-virus software. The scheme will require virus-scanning software that<br />
is regularly updated. It will also need internal security policies and procedures to be reviewed<br />
and revised appropriately. This issue also needs to be discussed with practices.<br />
Practices will need to review their own internal security arrangements and ensure that good<br />
quality and updated anti-virus software is in place to scan disks received from their local<br />
facilitator. Internal procedures may have to be reviewed and revised to ensure that these<br />
issues are dealt with comprehensively. See the latest version of the <strong>PRIMIS</strong> Guidelines for<br />
further details.<br />
Personal integrity<br />
During the course of their work, the staff of data quality improvement schemes will encounter<br />
confidential information, perhaps in the form of documents or letters in practice offices.<br />
Absolute personal integrity is essential. The subject is complex and reference should be made<br />
to the section on confidentiality in the <strong>PRIMIS</strong> Guidelines.<br />
Data Protection Act 1998<br />
Practices involved in the scheme must be appropriately registered for the Data Protection Act<br />
and ensure that registration is kept in order. See<br />
www.hmso.gov.uk/acts/acts1998/19980029.htm#aofs for more information.<br />
<strong>PRIMIS</strong> 11