Challenge

NHS England wanted to update the GP2GP service that allows healthcare teams to transfer patient records securely and quickly.

Approach

We updated GP2GP to flag sensitive data restrictions while balancing care accessibility and protecting vulnerable patients.

Result

The solution integrates seamlessly with NHS systems, reducing admin, enhancing patient care and ensuring confidentiality.

Challenge: transfer patient records securely

23.5 million patients are now able to access and view their health records online. The NHS has taken big steps forward in improving transparency and empowering patients. However, this shift has also introduced challenges for GP practices in managing the sensitive and confidential information held within the patient records.

Some patient information needs to stay private for safeguarding, legal, or clinical reasons. This includes sensitive details about mental health, domestic abuse, or other personal circumstances.

With the expanded access to patient records, questions arose about how to ensure such sensitive information is properly hidden from view or redacted.

Redaction doesn’t remove this information from the patient’s record. It simply restricts access to it or ‘hides’ it in the online viewer. This means that sensitive details remain private and aren’t unintentionally shared.

GP2GP allows healthcare workers to transfer patients’ electronic health records securely and quickly. This ensures seamless transitions between old and new practices when patients change GPs. However, the system lacked functionality to flag parts of the record restricted by the patients’ previous practice. There was a risk that sensitive information could inadvertently be shared when patient records were transferred to a new practice. This could potentially breach confidentiality and undermine trust in the system.

Nurse discussing test results with patient
Nurse Discussing Test Results With Patient In Office Looking At Documents

Our approach: collaborating with healthcare experts

To tackle this, we worked with NHS England and key partners to update the GP2GP service. Our solution allowed GP2GP to include the restrictions put in place by previous GPs, to make sure that any sensitive details stay protected. This flag now sticks with the record during transfers, so the new practice knows what was previously limited from patient access. 

At the outset, we formed working groups that included clinicians, safeguarding leads and technical experts to address everyone’s needs. Clinicians helped keep vital care information accessible. At the same time, safeguarding leads made sure sensitive details remained hidden from vulnerable patients who shouldn’t have access to them.

Because this was a high-priority project, we quickly gathered input from the right stakeholders to design the solution and, within just 2 weeks, we went from identifying the problem to recommending a solution that worked for everyone involved.

We also collaborated closely with primary care system suppliers to integrate the solution seamlessly into their existing systems. By updating messaging standards and working with all the right people, we made sure everything would be compatible across the NHS.

Throughout the project, we managed the testing and provided support to make sure everything met the security and functionality requirements. We acted as central point of coordination, working hand-in-hand with the suppliers to keep things moving smoothly.

Results: managing restricted information efficiently

Built to work seamlessly with NHS systems, the solution now makes it easy for GP practices to manage restricted information without slowing down patient care or adding extra steps.

Less admin, more patient care

With streamlined record handling, GP practices can focus more on delivering patient care and spend less time working on administrative tasks.

Better patient safety

By ensuring sensitive details like safeguarding or mental health records are redacted, we’re helping protect patient confidentiality and prevent inappropriate sharing of information.

Stronger data protection compliance

GP practices now have a consistent and reliable way to manage sensitive incoming records, meeting data protection regulations and reducing risks.

Advancing NHS digitalisation goals

Our solution supports the NHS’s drive toward digital transformation, enabling faster and secure record transfers while safeguarding privacy.

Why Made Tech

With our NHS partnerships, data security expertise, and know-how in managing sensitive patient data, Made Tech was the right team for the job. By working closely with NHS stakeholders, we’ve delivered a secure and reliable solution that puts patient privacy and safety first.

Speak with an expert

Tags