CQC digital record system guidance places emphasis on availability, security and governance with a person-centred approach

Care Quality Commission has released guidance on best practice for digital record systems, focusing on the role of “good quality records” in providing “safe, effective, compassionate, high-quality care”, and sharing four principles for providers around keeping systems person-centred with emphasis on availability, security, and governance.

The first of the four principles highlights how systems should “put people at the centre of their care and treatment, promoting and enabling good outcomes for them”. CQC highlights that users should be able to expect to be involved in decision-making on their care; that care is personalised to their needs; and that their care records reflect their choices and preferences. In line with this, it states that providers should be able to demonstrate the ways their system meets these needs, how people are using their system, and that users are aware of what the digital system means for them.

With regards to availability, CQC emphasises that “the right people” need to be able to access information when they need to. Users should therefore be able to expect to have access to their care records “in a way that meets their needs and preferences”; to be involved in decisions to share their personal information when needed; and to be supported by staff who have access to their information to fully understand their needs. CQC notes that providers should demonstrate a “clear understanding” of their role in providing appropriate access to information, as well as how they support people in understanding or sharing this information.

Under security, CQC considers that people should be able to expect that information about them is stored securely; that they should be treated with dignity and respect; and that they are protected from avoidable harm. This includes letting people know if their privacy or confidentiality has been breached, and ensuring that information about people is being used in theirs or the general public’s best interest. Providers could demonstrate that staff understand how to keep people’s information safe; that information is stored in line with GDPR; that they have a clear plan for data breaches or cyber attacks; and that they comply with the Data Protection and Security Toolkit or equivalent as a minimum.

Finally, CQC sets out guidance for governance, emphasising that systems should be be assessed and monitored to minimise risks and improve the quality of care. It should be expected that digital records systems help keep people safe and promote good outcomes, and that the quality of information being recorded about users is “accurate, complete, and up-to-date”. Providers should demonstrate this by taking actions to continuously improve services, including maintaining devices and ensuring software is updated, and identifying risks and quality issues to take appropriate action quickly.

HTN’s recent panel on taking a data-driven approach to operational improvements, day-to-day management, and proactive care, highlighted the importance of up-to-date data in care planning, and in promoting preventative care.

Earlier in the year, we heard from Vijay Magon on the challenges and considerations for providers in the secure management of patient data.

To read the CQC’s guidance on digital record systems in full, please click here.