STRUCTURE: CCGs in Leeds are seeking to become an “accredited safe haven” so they are more able to use patient identifiable data under NHS information governance rules.

It comes amid growing concern among commissioners about their ability to use data for purposes such as validating invoices, identifying patients at particular risk of health problems, and connecting health to social care data.

A paper to the governing body of Leeds West CCG for July says: “The Health and Social Care Act, along with the recent Caldicott Review on the use of personal information within the NHS, has clarified the position that the CCG should only use patient confidential data (PCD) by exception and that failure to do so would be unlawful.

“At present, there is no legal basis for CCGs to use PCD unless it is for direct patient care, is covered by patient consent, is in the ‘public interest’ or is permissible under a Data Protection Act exemption (known as a Section 251). There is currently an S251 exemption that allows the CSUs to process certain NHS datasets containing PCD, but only until October 2013.

“The latest national guidance states that commissioning organisations will be able to become an Accredited Safe Haven (ASH), though the accreditation process is set to become quite stringent.

“This means that an ASH will be able to use NHS numbers but will not be able to use these to identify other patient details. The use of the NHS Number may facilitate a solution for the current lack of ability for the CCG to undertake financial invoice validation.

“Leeds West CCG wants to become an ASH and to enable this, a cross-CCG task and finish project is to be established in July to coordinate the work required to get the CGG to ‘level 2’ in an assessment framework called the IG Toolkit. This will be more efficient approached at a city-wide level.

“This will include documenting the data flows that previously used PCD, the impact of not being able to use PCD and considering possible re-worked processes.”