TPP have introduced new functionality to give patient's greater control over who can see their electronic health record. We have created a simple guide to help you understand how it works, what it does and how to switch it on.
Currently, sharing preferences are set per unit for which the patient is registered. The patient has the option of sharing their record in and out at each site. This functionality is staying exactly the same and will not change.
TPP have added a step for authenticating sharing in preferences at a unit who is not currently on your GP unit allowed list. For example, if a District Nursing service tries to register one of your patients, and you have not pre-authorised the service (put them on your allowed list), the service will have to contact the patient directly to obtain from them the authorisation code which will have been sent automatically to the patient on referring them in and setting the Sharing In preference. The authorisation code can get sent via an SMS text message, an email or via SystmOnline.
It may be that the District Nursing service sees many of your patients and you wish to bypass this extra authentication step. This is where your allowed list comes in. If you add the District Nurses to your list, the extra step is missed and the sharing preferences stay exactly the same.
If another community service tries to register one of your patients, and they are not on the allowed list, they must contact the patient for the code. The decision is then in the patient’s hands, and iif there is not a legitimate reason, the patient can refuse the request.
It may be worthwhile spending some time thinking about the services that you frequently use and making a list of them before starting the following guide.
1. Access the sharing in preferences screen by clicking Setup > Users & Policy > Share In Rules.
2. If no changes have been made, the currently selected option will be “No Organisations Require Verification”. This means that the new functionality has not yet been activated. Click Custom to display the allowed and disallowed lists.
3. In the top half of the screen, we will add units to the “Do Not Require Verification” box. You may wish to add certain unit in bulk to your allowed list, such as A&E and MIU units. To do this, click the Add Organisation Types button and select the A&E and A&E MIU options and click OK. You may not wish to this with other unit types, such as Community Services as this will mean that any community unit in the country can see the patient record without having to go through the verification step.
4. To add the local units that your practice uses frequently, click the Add Organisation button to open the browser.
5. The organisations in your local area will be displayed at the top of the list. Click them one at a time and click OK to add them to your list. Use the search box to find units that are not visible on the list.
6. Finally, add your own surgery to the list. Click OK when the list is completed.
7. If there are any units that you do not want to be able to access your patient’s records without the verification, add them to the bottom box “Organisations That Cannot Access The Shared Record”.
You can change these preferences on a per-patient level.
1. Open the required patient record.
2. Click the Share In Rules node (this may need to be added to your tree).
3. This screen displays the patient’s current ways they can receive verification codes. In this example, we have a patient’s email address and mobile number, but they do not yet have online access.
4. By default the patient will be using the Practice Default method, however you could select Custom and add organisations to the allowed or disallowed lists as in the example above.