You can request photos from patients in our EMIS & SystmOne integrated product, Accurx Desktop - see here for more details on how to do this!

As the data controller, when using Accurx, it is your responsibility to complete a DPIA. As a data processor, we cannot complete it for you.

However, to be as helpful as we can, we have filled in the key parts of a template DPIA for requesting patient photos using Accurx.

Use your clinical judgment to decide whether a photo should be added to the medical record.

For example, if you think a photo will help document your clinical decision or help track the progression of a wound, then you could decide to save it. Whereas if a photo is sensitive and you would prefer that colleagues don’t see it, you may decide not to save it to the record.

Yes - as with the processing of other patient data, the lawful basis for processing and saving photos submitted by the patient is the provision of health care or social care services: 9(2)(h) ‘…medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems…’

Accurx data (including photos) is hosted on Microsoft Azure servers in their London Data Centre. All data sent is encrypted when in transit (when it is sent) and at rest (when it is stored). Accurx follows the Microsoft Azure NHS Blueprint for Platform-as-a-Service web applications, specifically designed for NHS services. Please see here for more information on Cloud Security and for further information on Azure Storage encryption, click here.

Patient images - along with other patient data - are kept in line with the Records Management Code of Practice for Health and Social Care 2016. These require us to hold records on behalf of GP practices until 10 years after a patient has died. However, we would delete the data earlier than suggested by this code if either:

Or:

This is not routinely possible for Accurx members of staff. As with other record systems, we are required to be able to access patient data in exceptional circumstances to fulfil our legal obligations as a data processor, such as deleting the photo, or assisting the data controller in providing subject access and allowing data subjects to exercise all their other rights under the GDPR.

If such access is required, only designated Accurx staff can access the data we store on the London Microsoft Azure Data Centre servers. Extensive controls are in place, a full audit trail is kept, and no staff member would view any photos as part of this process.

Yes, you can delete a photo once it has been received - see here how to do delete a photo and for further explanation of photo deletion. 👍

We follow NHS Digital IG requirements, which require us to keep a photo for audit trail purposes, even if you have deleted the file in our platform. We can only physically (i.e. permanently and completely) delete a photo from the audit trail that we hold in response to 1) receiving a valid physical deletion request, or 2) relevant court orders or other legislative circumstances.

We are an NHS Digital-approved supplier.

Accurx has successfully completed NHS Data Security and Protection Toolkit assurance (under NHS ODS code 8JT17), and both the Cyber Essentials and the Cyber Essentials Plus* certification.

We are fully compliant with DCB0129, which is for manufacturers of health IT software such as Accurx, and we have been assured by NHS Digital against this standard.

N.B. DCB0129 applies to Accurx products but DCB0160 does not.**

We comply with GDPR and all NHS rules and regulations on IG. You can find more information here on our IG for Staff page and the IG Resource Centre.

If you still have any questions or concerns, feel free to chat with us using the green message bubble in the bottom right-hand corner of this page. 👉