Improving Health, Improving Lives
NHS Calderdale Clinical Commissioning Group Logo

Data Sharing (1718014)

1: How many of the GP practices within your CCG have switched on ‘Enhanced Data Sharing’ from TPP?

We can confirm that all S1 TPP practices within our geographical area have EDS switched on. Calderdale CCG has 21 S1 TPP practices in its geographical area.

2: How is patient data being protected from being viewed by individuals who are not involved with that patient’s care?

We do not hold records to provide you with a comprehensive answer to your question. As individual GP Practices are the data controller of patient identifiable information held within paper and electronic records in the Practice, we suggest that you may wish to direct your request to GP Practice level to fully understand local policy, procedure and processes in place.

 3: How do patients with sensitive medical issues eg. Mental Health, HIV positive, early pregnancy, prevents their data being shared?

Please see our response to question 2 above.

4: How is the CCG working to ensure data protection compliance and the avoidance of misuse of the data?

GPs are data controllers in their own right and are therefore responsible for compliance with all necessary laws and IG standards.  GP Practices within the NHS (Calderdale CCG area] receive specialist advice and support in information governance from an external third party.  NHS England has arrangements in place with eMBED Health Consortium to provide information governance support for all primary care providers.    This includes answering queries about data protection, confidentiality, IG incidents, information security and IG policy.  The CCG works to promote best practice in data protection and information sharing when working on practice level schemes.  

5 a): Does SystmOne have the capability to identify unauthorised access to a patient record by a user not involved with the patient’s care?

The TTP S1 software has a full audit trail and any access is fully auditable and via a Registration Authority smartcard. Any patient data access that either over rides patient dissent to view/share or accesses without consent given, generates an automated alert to the practice’s privacy officer for investigation.

 5 b): If so, how is this unauthorised access to patient data reported to the CCG?

We do not hold the records to provide you with an answer to your question. Please see the response to question 4.

6: How is the CCG planning to report unauthorised access to the patient?

We do not hold the records to provide you with an answer to your question.  Please see the response to question 4.

7: What plans does the CCG have to handle data protection claims from patients whose data has been illegally accessed?

We do not hold the records to provide you with an answer to your question. Please see the response to question 4.

Online Publications

 We have detailed below links to information including statements from The Phoenix Partnership (TPP), Dr John Lockey, Chair of the SystmOne National User Group (SNUG) and the British Medical Association (BMA) including Frequently Asked Questions for Practices:



NHS Choices
NHS Constitution
NHS Constitution
Disability Confident Employer Badge

NHS Calderdale Clinical Commissioning Group: 5th floor, F Mill, Dean Clough, Halifax, HX3 5AX. Tel: 01422 307400

| Accessibility | Privacy Notice | Glossary of Terms | Work for us |

Icons provided by Icons8. Free Stock Videos by Videezy

© NHS Calderdale CCG 2019