Do you have a DPIA?
As the data controller, when using accuRx, it is your responsibility to complete a DPIA. As a data processor, we cannot complete it for you. However, to be as helpful as we can, we have filled in the key parts of a template DPIA for accuRx Fleming.
Who has access to the patient data?
Healthcare practitioners are either authenticated by being required to logon via NHSmail Single Sign-on (SSO) and having their associated organisation (in SSO) matched to an allow list of all community and acute trusts, or Vision and Microtest practices; or they have an allow list of trust email address.
What data do they have access to?
Users can only access patient data via the AccuRx integration with the Personal Demographic Service (PDS) if they have both the patient’s NHS number and date-of-birth. To ensure accuracy and data minimisation, the only data returned is that patient’s name, gender and the last three digits of the patient’s mobile. This means that the user has the minimum information to verify that this is the correct patient.
The PDS search (NHS number and DoB) must return an exact match, so a user could not put in random NHS numbers, or search for a patient by name. The only personal data returned from PDS is the name, gender, and last three digits of the mobile number. Name is used to personalise the message and to confirm that the correct patient is chosen. An individual in possession of the NHS number and DoB would also be in possession of the name and gender. Name, DoB and NHS number make up the standard set of demographics. The mobile number is obfuscated except for the last three digits, so that the number can be verified with the patient or another system.
What measures are in place to protect patients and their data?
- Users have to agree to an acceptable use policy that includes confirming that the service not be used to communicate SMS messages that are sensitive or clinically urgent messages.
- AccuRx scans SMSs for abusive content and flags to its Clinical Lead if any are detected.
- Full audit trails are kept of all searches and uses of the PDS integration.
- Patients flagged as a safeguarding risk on PDS will not be returned in the search.
- Any video consultations are not recorded or stored.
How secure are the video consultations?
The video consultation service is hosted by Whereby, who are fully compliant with GDPR.
A unique URL to the video consultation is generated and all participants are visible in the consultation, no third party can 'listen in'. The video and audio communication is only visible to participants on the call and is not recorded or stored on any server. The connection prioritises ‘peer-to-peer’ between the clinician’s and patient’s phone and follows NHS best practice guidelines on health and social care cloud security. For a more detailed explanation of how the security around the video consultations works, see here.
Are they recorded?
No. The video and audio communication is only visible to participants on the call and is not recorded or stored in any form.
How is my personal mobile number used?
Your phone number is used to send you an SMS containing the link for the video consultation. Your phone number is not shared with the patient, or linked to your accuRx account.
Can I use my personal phone for the consultation?
Yes, as no patient data is stored on the clinician's phone.
If the clinician has a webcam and headset, the video consultation can be conducted on the clinician's desktop PC.
Is it NHS approved?
Yes. We are an NHS Digital approved supplier and also specifically an NHS Digital approved video consultation supplier. We have Data Security and Protection Toolkit assurance (ODS code: 8JT17), and have the Cyber Essentials Plus certification.
In response to this guidance, we have built a number of tools to support practices responding to the COVID-19 outbreak. Further information can be found here.