Challenge
23.5 million patients are now able to access and view their health records online. The NHS has taken big steps forward in improving transparency and empowering patients. However, this shift has also introduced challenges for GP practices in managing sensitive and confidential information.
Some patient information needs to stay private for safeguarding, legal, or clinical reasons. This includes sensitive details about mental health, domestic abuse, or other personal circumstances.
With the expanded access to health records, questions arose about how to ensure such sensitive information is properly hidden from view or redacted.
Redaction doesn’t remove this information from the patient’s record – it simply restricts access to it or ‘hides’ it in the online viewer. This means that sensitive details remain private and aren’t unintentionally shared.
GP2GP allows healthcare workers to transfer patients’ electronic health records securely and quickly. This ensures seamless transitions between old and new practices when patients change GPs. However, the system lacked functionality to flag parts of the record restricted by the patients’ previous practice, creating a risk of sensitive information being inadvertently shared when patient records were transferred to a new practice. This could potentially breach confidentiality and undermine trust in the system.
Our approach
To tackle this, we worked with NHS England and key partners to update the GP2GP service. Our solution allowed GP2GP to include the restrictions put in place by previous GPs, to make sure that any sensitive details stay protected. This flag now sticks with the record during transfers, so the new practice knows what was previously limited from patient access.
At the outset, we set up working groups that included clinicians, safeguarding leads, and technical experts to make sure that our solution would address everyone’s needs. Clinicians helped ensure that vital care information stayed accessible, while safeguarding leads made sure that sensitive details wouldn’t be seen by vulnerable patients who shouldn’t have access to them.
Because this was a high-priority project, we knew we had to move quickly. We gathered input from the right stakeholders to design the solution and, within just 2 weeks, we went from identifying the problem to recommending a solution that worked for everyone involved.
We also collaborated closely with primary care system suppliers to ensure the solution would integrate seamlessly with their existing systems. By updating messaging standards and working with all the right people, we made sure everything would be compatible across the NHS.
Throughout the project, we were in place to oversee the testing and offer our support, making sure that everything met the security and functionality requirements. We took on the role of the central point of coordination, working hand-in-hand with the suppliers to keep things moving smoothly.
Results we achieved together
Built to work seamlessly with NHS systems, the solution now makes it easy for GP practices to manage restricted information without slowing down patient care or adding extra steps.
Less admin, more patient care
With streamlined record handling, GP practices can focus more on delivering patient care and spend less time working on administrative tasks.
Better patient safety
By ensuring sensitive details like safeguarding or mental health records are redacted, we’re helping protect patient confidentiality and prevent inappropriate sharing of information.
Stronger data protection compliance
GP practices now have a consistent and reliable way to manage sensitive incoming records, meeting data protection regulations and reducing risks.
Advancing NHS digitalisation goals
Our solution supports the NHS’s drive toward digital transformation, enabling faster and secure record transfers while safeguarding privacy.
Why Made Tech
With our NHS partnerships, data security expertise, and know-how in managing sensitive patient data, Made Tech was the right team for the job. By working closely with NHS stakeholders, we’ve delivered a secure and reliable solution that puts patient privacy and safety first.
Digital transformation is more than tools and buzzwords. Rethink how you deliver digital services to make them more accessible, efficient and better for users.
As patient numbers rise, digital technology can help you lighten the load.
