Devon Electronic Patient Record (EPR) Privacy Notice
A ‘privacy notice’ describes how we use and share the personal information we hold about our patients, service users, visitors, carers, the public and staff.
This privacy notice is issued by the following three NHS Trusts following our joint venture to provide a Devon-wide EPR:
| Organisation Name | ICO Registration | Data Protection Officer |
| --- | --- | --- |
| Royal Devon University Healthcare NHS Foundation Trust (Royal Devon) | ZB322774 | |
| Torbay and South Devon NHS Foundation Trust (TSDFT) | ZA143471 | |
| University Hospitals Plymouth NHS Trust (UHP) | Z7296644 | |
From January 2026, records from Torbay and South Devon (TSDFT) and University Hospitals Plymouth (UHP) will start to move to the new electronic patient record (EPR) and staff with access to this system may begin to have access to your records. This is to make sure your records are accurate and ready for the go-live dates: April 2026 for TSDFT and July 2026 for UHP.
The Trusts have entered into a data sharing and processing agreement which sets out the legal framework for this sharing. This privacy notice will explain how we handle your information in our shared environments and how we will ensure your rights are respected.
This privacy notice only covers the data we jointly hold about you in our EPR and shared systems and we would advise all readers of this notice to also familiarise themselves with the Trust privacy notices below:
Key points
The Devon EPR is a secure digital system that stores your health information. It helps healthcare staff across Devon provide better care by sharing important details about your health, treatments, and appointments. Only staff who need your information to care for you are allowed to access your record.
Your health record is stored in one secure system for all three NHS Trusts in Devon. Doctors, nurses, and support staff who need your information to care for you can see your record. Sometimes, partner organisations (like other NHS Trusts, GP surgeries, or care providers) may also need access to your record to help with your care. There are different ways these organisations can access your record for direct care purposes. All sharing is covered by strict agreements to make sure your data is handled safely and only by people who need it. Each Trust has a registered Caldicott Guardian (a senior member of staff responsible for protecting patient information) who must approve all data sharing agreements.
The main reason your health information is shared is to help provide you with care. Even when sharing is required, the Trusts still must follow data protection laws and keep your information confidential. Because health information is sensitive, there are extra rules to protect it. The Trusts can share your data when it’s needed to provide or manage healthcare services, as allowed by law. The law says NHS organisations must share data when it helps with your treatment and is in your best interests, unless you object or the service is anonymous.
You can raise concerns about how your data is accessed, shared or managed, either to your care team, or with our Information Governance Teams (details on each Trust’s privacy notice).
Only staff who need your information to do their job are allowed to access and view your health record. All Staff must follow these rules, which are part of both their contract and workplace policies. If someone looks at your record without a valid reason, it’s considered unlawful. The Trusts monitor access to health records and if someone is found to have accessed or used information unlawfully, action will be taken according to policy.
You have the right to say if you don’t want your records shared between the three NHS Trusts for patient care, and we will respect this where possible. If you object, a clinical professional or Caldicott Guardian will talk with you about any risks of limiting sharing. You’ll be asked to acknowledge these risks, and your objection will be recorded. Some cross-Trust staff may still need access for technical or legal reasons, but only a small group.
Please note this objection is separate from the National Data Opt Out (NDOO), which does not apply to sharing for direct patient care.
If we use any innovative technologies, including AI, we will always use these technologies in line with national guidance and best practice.
What is the Devon Electronic Patient Record (EPR)?
An EPR is a collection of patient health information in a digital format that can be shared across different health care settings. It will include a range of information, including medical history and treatment, medication and allergies, immunisation status, laboratory test results, radiology images, vital signs and personal statistics like age and weight. It will also be the place where we book appointments, request tests, prescribe medicines and write clinical notes.
The Devon EPR allows for the three Trusts to work in partnership to provide a single acute care record.
With secure, immediate access to live patient records across Devon, the EPR will give clinical staff more time to deliver higher quality and safer care. For you, this will mean you don’t have to remember your medical history or repeat the same information, making your care journey more joined-up.
Who your health record is shared with
To ensure a safe clinical journey, the Trusts store your health information in one secure record. Your data is available (subject to certain restrictions listed below) to healthcare professionals, and relevant support and administration staff, employed by, or working in support of, any of the three Trusts.
We may also provide access either directly or indirectly to partner organisations to ensure safe continuity of care. Where we provide this access, appropriate data sharing agreements are put into place so colleagues can understand their roles and responsibilities in both accessing and handling your data and to document the technical and organisational controls.
Data sharing can take place through multiple forms when supporting direct patient care:
- Direct Access to the EPR - If an organisation needs to add to (in addition to viewing) your healthcare record, they may be provided direct access to the EPR and will adhere to Devon EPR Policies. These will usually be third party organisations who are performing a task on behalf of one or more of the Trusts, such as Liaison Psychiatry services.
- EpicCare Link - If an organisation needs to view your record, they may be provided access via a portal called EpicCare Link. They may also have limited capability to upload information relevant to your care. The organisation will sign up to a data sharing agreement and is individually assessed prior to approval. This usually applies to our local GP surgeries; however, other organisations, such as other NHS Trusts, hospices and other care organisations, may also sign up to this access.
- Care Everywhere – Our EPR can communicate with other organisations that use the same system supplier (Epic). We automatically share summary information (such as your medication, allergies, lab results and problems) with these organisations in the UK, and they can share it with us. We may also extend this functionality to other organisations who use different EPRs where technologically possible. We can also share information with international organisations; however, this will only be done under one of two circumstances:
- You (or a legally authorised third party) have provided explicit consent
- There is a deemed vital interest or public health concern, and it is not possible, or appropriate, to gain your consent.
- Other forms of information sharing – Where the Trusts share information with each other, or third parties, we will ensure all appropriate arrangements are in place. Should we rely on your consent as our lawful basis for sharing, we will ensure this is appropriately documented. You will be provided with the appropriate privacy notice where such sharing occurs; please see the above links to the Trusts’ own privacy notices, which will cover any further sharing.
We ensure all agreements are approved by the Trusts’ Caldicott Guardians before access is provided.
What is our lawful basis for sharing your information in these ways?
All our data sharing, as outlined in this privacy notice, is for supporting direct patient care and therefore we consider it necessary to perform a ‘public task’ (Article 6(1)(e) of the UK GDPR) placed on us.
The Health & Social Care (Safety & Quality) Act 2015 places a duty on organisations providing healthcare services to share data where it supports the provision of care to an individual, and is in their best interests, unless the individual objects or it relates to an anonymous access service (such as sexual health services).
This duty does not remove the need to comply with data protection legislation or common law confidentiality requirements (please see section below).
As we process health information, which is considered ‘special category’ and warrants additional protection, we rely on the following condition of processing: ‘Article 9(2)(h)’ of UK GDPR. This allows us to share this data where we need it to comply with our legal obligations to provide or manage healthcare services.
How to gain access to your information
We would first advise patients to sign up to MY CARE, our patient portal.
MY CARE gives patients and approved proxies (such as family members and attorneys) quick access to view key parts of a medical record and interact with the Trusts to support care and treatment. MY CARE can be used to update certain personal information, manage appointments via scheduling tools, interact with the Trusts via messaging and complete questionnaires and other care management tools. For full details on MY CARE, please review the Terms and Conditions.
If you require further information, not currently provided in MY CARE, you may contact the Trusts and make a request for this information. These requests are handled by each Trust individually so you will need to contact each organisation separately. Please see the above links to each Trust’s privacy notice.
How to engage your other rights under data protection law
All rights requests will be handled by the individual Trusts; please see each Trust’s privacy notice to understand how they manage these requests.
How we secure your record
To ensure a safe clinical journey, technical controls restrict only certain sections of your health record from staff across Devon who may need to access it.
We also apply additional restrictions on who can access parts of your record in line with our policies, such as where you receive a service that would only ever need to be viewable by the care teams/departments involved.
Does that mean anyone can access your record who has permission to access the EPR?
The Trusts have clear policies in place to prohibit staff unlawfully accessing health information. Staff are subject to these rules both in policy and in contract.
Staff are only authorised to access a patient’s record where it is necessary to perform their role; where this is found not to be the case, this may be considered a breach of the Data Protection Act 2018 and the Computer Misuse Act 1990.
We conduct regular audits and use monitoring techniques to identify potentially inappropriate access, and if any staff are found to have unlawfully accessed health information, action will be taken in accordance with our policies.
If criminal activity is identified, the Trusts will report this to the relevant regulatory/law enforcement organisations, as well as professional bodies as appropriate.
What if you have a concern that someone has unlawfully accessed your record or that of someone you care for?
The Trusts take all concerns seriously. You can raise these directly with either your care team, or with our Information Governance Teams (see contact details at top of this notice). You may also contact the Data Protection Officer (DPO) at the Trust responsible for your care.
Is it possible to object to this sharing?
Yes, this is your health information.
If you wish for your information not to be shared between organisations for patient care purposes, we will always try to respect this.
You can object to the following:
- Having the data shared between the three Trusts where it relates to sharing for patient care.
- Having your data shared through Care Everywhere (other trusts with EPRs that we can directly communicate with)
- Having your data shared through EpicCare Link (GPs etc.)
We will ask a clinical professional, who may be a member of your care team, or one of our Caldicott Guardians to discuss your concerns and outline any risks that limiting the sharing may mean. You will be asked to acknowledge any risk, and the Trust will record your objection to this sharing.
If your objection is upheld, we can apply certain privacy controls between the Trusts for those who would otherwise access your information for patient care purposes.
Under our joint agreements, the Trusts share several back-end services to support the EPR. If you request that we do not share your record between the Trusts, and this request is upheld, a smaller group of cross-Trust staff may still need to access your record to ensure security and functionality, and to ensure the Trusts can meet other lawful requirements under which we operate a shared service.
Any objection to your record being shared will only limit access for staff who would access it for direct patient care purposes.
Please note, any objection is separate from the National Data Opt Out (NDOO) programme, which is a national policy. The NDOO does not apply to direct patient care sharing of health data.
Data Security and International Transfers
The Trusts store your data securely on UK servers.
The Trusts’ EPR system supplier is Epic Healthcare, who are based in Wisconsin, USA. When troubleshooting issues, there are occasions where we may need to transfer limited patient information securely to our system supplier’s servers in the USA. All appropriate contracts and safeguards are in place to ensure these transfers are completed legally and that your rights will be respected as they would be in the UK.
Innovative Technologies and AI
Having an integrated EPR across Devon will allow the Trusts to be innovative in our use of technologies (including AI) to support your care; we will always consider the use of these technologies in line with national guidance and best practice. We will always assess any impacts these technologies may have on our patients’ fundamental rights. Primarily, our use of these technologies will always be to support your patient care delivered by the three Trusts; should there be any secondary purposes or use cases, we will ensure transparency with our patients and put all relevant safeguards in place.
Raising a concern with the ICO
Whilst the Trusts will always endeavour to address your concerns with you directly, you have a right to complain to the Information Commissioner if you are dissatisfied with the way the Trust has handled or shared your personal information:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Tel: 0303 123 1113 (or 01625 545745 or 44 1625 545745 if calling from overseas)
Website: https://ico.org.uk