Patient Online Services

Online Services

You can now book, view and cancel appointments and order repeat prescriptions online.

Before you can use this service you will need to come to reception to obtain your login details. You will need to bring a form of photographic identification with you.

Click here for Patient access

Protocol for Patient Requesting Access to Online Services

Click here to download this information including the form to sign up for access to online services (DOC, 135KB)

Introduction

In order to support the 2014/15 and 2015/16 GP Contract, this procedure relates to patients requesting access to elements of their record via online services (Patient Access). As stipulated in the 2014/15 GP Contract, contractual obligations for Patient Online Access were to allow patient the ability to:

• Book/cancel appointments
• Order Repeat prescription
• View Summary Information (allergies, adverse reactions and medications)

The 2015/16 GP contract has been enhanced and now stipulates that practices are also to allow patients:

• Detailed Coded Records Access (DCRA)

Patients accessing their records online will have access to limited information. As a result of this, the patient continues to have the right to submit a Subject Access Request under the Data Protection Act 1998. However, as this differs from access via online services the patient must submit this request in writing to the practice. The practice still have the right to charge a fee for providing the information in a printed form, though should Patients accessing their Coded Data online are able to copy and paste or print the information from the screen thus there is no fee for this.

Registration for online services

This practice accepts applications from patients as well as their proxy. Proxy access refers to access to online services by somebody acting on behalf of the patient with the patient’s consent.

The appropriate application form must be completed prior to any online access being enabled.

Appendix A –Application for online access to my medical record should be used for patient’s wanting to access their own detailed coded information held within their medical record.

• The application form includes: Password confidentiality is the responsibility of the patient.
• Advice on unexpected bad news and/or abnormal results.
• Guidance on incorrect information / errors noting that the patient has responsibility to inform the practice with details of where incorrect information or an error has been found.

The practice reserves the right to review and remove access at any point in the future if it is thought that it is in the best interests of the patient or if the services are being misused.

ID Verification

ID verification is required to ensure access is granted to patients/proxy users that have a legitimate reason to access a record. This will prevent access being granted to the wrong person and support the practice to adhere to information security guidelines. There are a number of options for identification verification including:

Documentation (for patients unknown to practice staff)

As is current practice, should there be a request for Online Access, two forms of documentation must be provided as evidence of identity, one of which must contain a photograph. Acceptable documents include passports, photo driving licences and bank statements. If none of the above are available household bills may be accepted at the discretion of the Practice Manager, IT & Data Quality Lead and named administration staff.

Self-Vouching

Vouching for a patient’s identity requires an authorised member of the practice staff who knows the patient well enough to verify that they are who they say they are, and that no deception is taking place. Self-vouching will not be considered as usual practice and will be at the discretion of the Practice Manager & GP Partners.

Documentary evidence that confirms identification checks have taken place will include:

• the nature of those checks
• who did them and when
• Completed registration form. (To avoid non-clinical information being stored in patient records, copies of bank statements, passports and other personal documentation will not be scanned into those records.)

At the point of request for Patient Online Access patients are to be provided with the Patient Access Registration Form (Appendix A) and a Patient Information Leaflet, (Appendix B).

Timescales

Reception/Admin staff will be able to grant access to patients who present with the correct identification, for appointments and medication on request.

If patients request access to their detailed coded information they will be notified that it may take the practice up to 28 days to review their application and grant access if appropriate. This is a guide only and in some circumstances may take longer.

Considerations/Approval of Access

The practice will not approve on-line access to detailed coded information if it is deemed that it may cause physical and/or mental harm the patient.

Patient records will be checked by trained members of staff within the practice the names of which will be communicated internally.

Named staff will be responsible for checking if patients are on certain registers for example, learning difficulties register, child protection register, mental health or have been identified as a possible victim/perpetrator of domestic abuse. Named staff will consult with the patients usual GP if required before access is granted /denied.

Named staff will consider the following:

Mental Health Problems

• Patients within the Practice with a mental illness have as much right as any patient to have access to their records, however
• If there is a likelihood that access to their record may cause an individual physical or mental harm then it may be necessary to redact some of the information within their record, or
• In extreme circumstances, refuse access to the whole record, in this circumstance the named GP responsible for the care of the patient will have a conversation with the patient to explain the reasons for refusal of access.

Access for children, parents and guardians

• Child access will automatically be disabled when a child reaches the age of 11
• A competency assessment will be carried out. Regardless of outcome a parent/guardian/carer will re-apply using the Proxy Access Registration Process, where a competent child must authorise the request for Proxy Access. This will be at the discretion of a clinician.
• A child deemed competent may have access to their online record or authorise a parent/carer to have Proxy Access
• Where a child is deemed not to be competent, a parent will apply for access but will be registered as a Proxy User. (This will be reviewed by the practice annually, or when the child attends a further appointment – whichever is the sooner)

Proxy Access

A competent patient can choose and consent to allow access to relatives and/or carers. The form included in Appendix 3 must be completed.

The patient will authorise a Proxy Application in the following circumstances:

A patient who has been deemed as competent has authorised and consented to online access.

• Circumstances when the practice will consider authorising proxy access WITHOUT the patient’s consent will be when a child 11-16 has been assessed and is deemed as not being competent to make a decision on granting proxy access. Should there be such circumstances the practice will: Ensure the patient has provided consent to the Proxy application
• Ensure the level of access granted to the Proxy is appropriate and does not exceed what has been agreed by the patient
• Contact families/carers of children approaching their 11^th birthday to remind them that online access could potentially cease, and invite them to come to the surgery for a discussion regarding options available

Coercion

‘Coercion’ is the act of governing the actions of another by force or by threat, in order to overwhelm and compel that individual to act against their will.

The practice will include the implications of Coercion during the patient application process for online services by way of issuing them with a patient leaflet detailing the implications.

The practice will consider the risk of Coercion on a case by case basis as requests for access are received, and if necessary will decline access.

The patient’s named GP will discuss with the applicant the reasons for refusal of access.

If coercion is identified as a risk with regard to a patient previously registered for online services, then access will be immediately removed.

Levels of Access for Patients

There are different levels of Access available to patients. All requests for Online Access will be dealt with on a patient by patient basis and the suggested access will be granted within the agreed timescales. All patients must be deemed competent to be granted access to Detailed Coded Data, however, some elements may be marked as sensitive/confidential and will not be shared via Online services. Access levels can be as follows:

• Appointments, Repeat Prescriptions and Summary Information
• Appointments, Repeat Prescriptions and Detailed Coded Record Access

Patient Access does not override a patient’s right to submit a Subject Access Request which will be processed following our practice protocol in line with the Data Protection Act 1998.

The practice will not automatically grant access to Detailed coded Data to those patients currently with access to appointments, repeat prescription and Summary Information. Patients wanting access to their Detailed Coded Information MUST complete and submit an additional Access Request form. This will be considered within the practice and granted if deemed appropriate within 14 days. This is a guide only and in some circumstances may take longer.

At any point the practice can revoke Online Access to patients if the functionality is abused. This will be dealt with internally following practice protocols as stated as above.

Appointments

This practice will allow a patient to book GP appointments in advance on line.

There is a process in place for any patient abusing the online appointment booking services, as follows:

• Practice will issue an initial warning letter
  • If the action continues the Practice will suspend access for two calendar months
  • The practice will then reinstate the functionality to the patient
• If the abuse continues the Practice will inform the patient that their ability to book/cancel online appointments will be removed on a permanent basis.

Repeat Prescriptions

Patients with repeat medications that have been reviewed by the GP can order these via on line services. Repeat medication requests can be made up to 7 days in advance of the prescription becoming due. Patients should be made aware that they must leave 48 WORKING hours before coming to collect their prescription from us or their nominated pharmacy.

Hiding sensitive consultations

All domestic abuse consultation will be highlighted as confidential and will therefore be removed from online viewing. This must be made clear to patients that anything they say in relation to this during a consultation will not be viewable online.

Any consultations of a sensitive nature may be highlighted as confidential. Access to online records will be on a patient by patient basis. It is the responsibility of the Clinician entering into the clinical records to ensure that it is coded as confidential.

3^rd Party Information

This practice will not share any information held within a clinical record that is deemed as 3^rd Party Information without explicit consent from the 3^rd Party. Any of our patients wanting access to these details must make the practice aware by submitting a Subject Access Request.

Contents of a medical record

During the patient online registration process patients will be issued with a Patient online leaflet on which they are notified that their medical record may contain information that is historical and therefore forgotten, not relevant to themselves (including scanned letters), bad news or may show abnormal test results. If patients do identify any such information it is there responsibility to notify the practice immediately so we can take the appropriate action.