Records, Data security & IG
Published on: 9th February 2022 | Updated on: 20th October 2023
Data security and information governance covers many topics related to the protection of data, systems, and networks.
Electronic health records (EHR)
The EHR hub section of the website summarises information and current policy on digital electronic health records (EHRs) including the NHS Summary Care Record (SCR).
Policy (EHR) | Community pharmacies and patients are being provided with an increased ability to use EHRs where appropriate consent is arranged. | |
EHR list | Many record-sharing projects are being developed nationally (e.g. SCR) and locally (e.g. Shared Care Records such as Leeds Care Record). | |
SCR | This is an electronic summary of key clinical information (including medicines, allergies and adverse reactions) about a patient, sourced from the GP record. | |
NCRS | NCRS will be a successor to the Summary Care Record application (SCRa) portal. | |
GP Connect ‘Access records’ project | This project enables electronic clinical information (including medicines, allergies and adverse reactions) about a patient, sourced from the GP record to be used for direct care. It excludes enabling access to records information from sectors other than the GP sector. | |
Shared Care Records (ShCRs) | ShCRs should be accessible for those health and care staff which need to access information or record information into it for others. | |
System supplier integration and write access | There are a range of providers marketing shared electronic health record solutions. Community Pharmacy England is supportive of providing healthcare professionals including community pharmacists with appropriate role-based read and write access to EHRs where patients have provided consent. Such access has the potential to greatly improve patient outcomes. |
Other EHR topics
Reasonable Adjustment Flag (RAF) information
NHS Data Security and Protection Toolkit
NHS services providers, including community pharmacy contractors, must give assurances to the NHS each year on their data security and protection systems and procedures, by completing the Toolkit. Read more and visit the guidance at: Data Security and Protection Toolkit (DSPTK)
Data security hub
The Data security & IG hub includes relevant guidance.
Data security a-z
- Access control methods (e.g. passwords)
- Antivirus
- Backups
- CIS2 (authentication for health and care professionals)
- Cyber and technical security advice about how to prevent and deal with data and cyber issues
- Data handling, record keeping and disposal
- Data quality
- Data Security and Protection Toolkit (DSPTK)
- DSPTK FAQS factsheet (or webpage)
- DSPTK HQ batch submission feature (step-by-step guide)
- DSPTK HQ batch submission feature (factsheet)
- GDPR and workbook
- Fax usage
- Mobile messaging
- Mobile device usage and ‘bring your own device’ policy
- National data opt-out system for patients (for data processing for planning/research)
- NHS login – an authentication system for patients (used by NHS App and other apps) to reduce the number of logins/accounts needed by patients
- Opt-out
- Roles (e.g. IG lead)
- Routers
- Smartcards
- System settings and IT updates
- Templates
- Ten steps to help improve data and cyber security within your pharmacy (factsheet)
- Top tips and case studies
- Training
- Video conferencing and video consultations
- Windows 10 versions end-of-support transition guidance
Return to the Pharmacy IT hub, Contract and IT, or IT a-z index
For more information on this topic please email it@cpe.org.uk