• Trusts have until end of the week to submit data to PHIN on private work
  • NHS providers have concerns about information governance issues
  • Trusts could potnentially be prosecuted under the Enterprise Act

The Competition and Markets Authority has warned NHS trusts that they could be prosecuted if they do not comply with requests for information on their privately funded work by the end of this week.

A letter from the CMA warned providers they could face action under the Enterprise Act 2002 if they do not send data to the Private Healthcare Information Network.

Organisations have until the end of the week to send basic information to PHIN and must start submitting performance data by the end of October.

Eventually PHIN will include information such as infection rates, rates of adverse incidents, and indicators showing the relative health improvement brought about by certain treatments

Data broken down by consultant and information on fees charged will be due in 2018 and 2019 respectively.

The CMA ordered all providers of private healthcare to begin publishing quality data, following an inquiry into the private healthcare market, which began in 2012 under its predecessor bodies the Competition Commission and the Office of Fair Trading. The inquiry finally closed in April this year.

The letter sent by the CMA to trusts at the end of April was headed: “Action you must take now to comply with the Private Healthcare Market Investigation Order 2014”.

The authority threatened to publish the names of bodies that do not comply and to notify the Care Quality Commission and NHS Improvement.

NHS trusts have told HSJ they have concerns about whether information will put them in breach of information governance regulations.

Head of policy and strategy at NHS Providers Saffron Cordery said: “Trusts understand that under the law they are obliged to sign up to the PHIN order.

“However they have legitimate concerns about how any data they submit under the order will be used, and in particular they want assurance that patient information data will be used in such a way that it remains confidential and does not identify patients.”

PHIN is registered with the Information Commissioner’s Office and has completed the NHS information Governance Toolkit process.

A spokesman for PHIN said: “There is no conflict between the requirements of the CMA’s order and the Data Protection Act or other data protection legislation. Where private hospital operators, including NHS trusts and FTs, have ongoing concerns we would suggest that they speak with us to clarify.

“PHIN has a data-sharing framework contract with NHS Digital and has been successfully audited for compliance with the requirements of that contract, including in relation to information security and confidentiality.

“PHIN further has several Data Sharing Agreements in place with NHS Digital including NIC-28602-D7G4J, under which the Independent Group Advising on the Release of Data considered and approved the release of specified data for linkage to data to be supplied by private hospital operators per the [CMA] order, where that data would include NHS numbers and postcodes.”