Portsmouth Hospitals NHS Trust
Records Management Strategy
2014-2016
D:\81920865.doc
Version: 6
Review Date: September 2016
Page 1 of 14
CONTENTS
1.
2.
3.
4.
5.
6.
7.
INTRODUCTION ......................................................................................................................... 3
PURPOSE ................................................................................................................................... 3
SCOPE ........................................................................................................................................ 3
DEFINITIONS .............................................................................................................................. 3
DUTIES AND RESPONSIBILITIES .............................................................................................. 4
PROCESS ................................................................................................................................... 4
REFERENCES AND ASSOCIATED DOCUMENTATION .......................................................... 14
D:\81920865.doc
Version: 6
Review Date: September 2016
Page 2 of 14
1. INTRODUCTION
1.1
This document sets out an overarching framework for integrating current records
management initiatives. This will enable overall coordination of all records
management activities and ensure alignment with the Trust’s business strategies.
1.2
The records management strategy should be read in conjunction with the Trust’s
policies for the management of clinical and non-clinical records and for retention and
disposal.
1.3
With the commencement and implementation of Connecting for Health’s delivery of
the National Programme for Information Technology (NPfIT), it is imperative that the
Trust has an effective, robust Records Management Strategy.
1.3.1
Increasingly, electronic patient records will be introduced to negate the need
for paper health records, although full implementation may be several years
off. The NHS Care Records Service (Summary Care Record), the Hampshire
Health Record (HHR) and Trust’s Electronic Document Management (EDM)
Programme are all examples of a electronic patient records, that must be
effectively and accurately aligned with existing paper records.
2. PURPOSE
This strategy provides a framework for current records management practices and potential
initiatives. It is a strategy to improve the quality, availability and effectiveness of all Trust
records, providing a strategic framework for records management activities.
3. SCOPE
3.1
This strategy relates to all clinical and non-clinical operational records held in any
format by the Trust as detailed in the Department of Health’s publication Records
Management: NHS Code of Practice, i.e.:
 all administrative records (e.g. personnel, estates, financial and accounting
records, notes associated with complaints etc); and
 all patient health records for all specialties and including records for private
patients treated on NHS premises
3.2
These include records held in all formats, for example:
 paper records, reports, diaries and registers etc;
 electronic records;
 x-rays and other images;
 microform (i.e. microfiche and microfilm); and
 audio and video tapes
‘In the event of an infection outbreak, flu pandemic or major incident, the Trust recognises that
it may not be possible to adhere to all aspects of this document. In such circumstances, staff
should take advice from their manager and all possible action must be taken to maintain
ongoing patient and staff safety’
4. DEFINITIONS
Clinical Record: anything that contains clinical information regarding an individual patient, which
has been created or gathered as a result of any aspect of work of NHS health professionals,
and may be contained on any media.
D:\81920865.doc
Version: 6
Review Date: September 2016
Page 3 of 14
5. DUTIES AND RESPONSIBILITIES
All departments / specialties must have a clear chain of managerial responsibility and
accountability for the records they create. All staff are responsible for the day-to-day
management of records whilst in their possession, or under their control.
The Information Governance Manager is responsible for coordinating audit of records
management practices and reporting on findings.
6. PROCESS
6.1
Aims
The aims of the Trust’s Records Management Strategy are to ensure:





6.2
a systematic and planned approach to records management covering records
from creation to disposal
efficiency and best value through improvements in the quality and flow of
information, and greater coordination of records and storage systems
compliance with statutory requirements
awareness of the importance of records management and the need for
responsibility and accountability at all levels; and
appropriate archiving of the Trust's important records
Key Elements
The Records Management Strategy comprises the following key elements:
6.2.1 Responsibility and Accountability
To provide a clear system of accountability and responsibility for record keeping and
use
It is important that all individuals in the Trust appreciate the need for responsibility and
accountability in the creation, amendment, management, storage of, and access to all
Trust records. A major target is therefore to have a clear chain of managerial
responsibility and accountability for all records created by the Trust. This is the
prerequisite for an effectively coordinated Records Management Strategy.
6.2.2 Record Quality
To create and keep records which are adequate, consistent, and necessary for
statutory, legal and business requirements
Trust records should be accurate and complete, in order to facilitate audit, fulfil the
Trust’s responsibilities, and protect its legal and other rights. Records should show
proof of their validity and authenticity so that any evidence derived from them is clearly
credible and authoritative.
6.2.3 Management
Achieve systematic, orderly and consistent creation, retention, appraisal and disposal
procedures for records throughout their life cycle
Record-keeping systems should be easy to understand, clear, and efficient in terms of
minimising staff time and optimising the use of space for storage.
6.2.4
Security
D:\81920865.doc
Version: 6
Review Date: September 2016
Page 4 of 14
Provide systems which maintain appropriate confidentiality, security and integrity for
records in their storage and use
Records must be kept securely to protect the confidentiality and authenticity of their
contents, and to provide further evidence of their validity in the event of a legal
challenge.
6.2.5 Access
Provide clear and efficient access for employees and others who have a legitimate
right of access to Trust records, and ensure compliance with Access to Health
Records, Data Protection and Freedom of Information legislation
Access is a key part of any records management strategy. Fast, efficient access to
records unlocks the information and knowledge they contain.
6.2.6 Audit
Audit and measure the implementation of the records management strategy against
agreed standards
The performance of the records management programme will be audited.
6.2.7 Training
Provide training and guidance on legal and ethical responsibilities and operational
good practice for all staff involved in records management
Effective records management involves staff at all levels. Training and guidance
enables staff to understand and implement policies, and facilitates the efficient
implementation of good record keeping practices. New staff receive training (an
introduction to records management and current issues) at Trust Induction.
6.3
Current Position
National Drivers
Records Management: NHS Code of Practice is a guide to the standards of practice
required in the management of NHS records, based on the current legal requirements
and professional best practice. The guidance applies to all NHS records and contains
details of the recommended minimum retention period for each type of record.
The NHS in England is introducing the NHS Care Records Service (NHS CRS) to
improve the safety and quality of patient care. Over time, the NHS CRS will begin to
provide healthcare staff with quicker access to reliable patient information to help with
treatment, including in an emergency.
Computer systems are already used to keep notes of patient appointments, medicines
prescribed, test results and details of any referrals to other healthcare staff. X-rays
and scans are also increasingly held on computers rather than sheets of film. The
NHS Care Records Service will make providing care across NHS organisations, such
as the GP practice and the hospital safer and more efficient.
The purpose of NHS CRS is to allow information about patients to be accessed more
quickly, and gradually to phase out paper and film records which can be more difficult
to access.
The (NHS) Care Record Guarantee sets out the rules that govern how patient
information is used in the NHS and what control the patient can have over this. It is
based on professional guidelines, best practice and the law and applies to both paper
and electronic records.
D:\81920865.doc
Version: 6
Review Date: September 2016
Page 5 of 14
The NHS Care Record Guarantee is significant for records management practices as
it includes information on:





People’s access to their own records
How access to an individual’s healthcare record will be monitored and policed
and what controls are in place to prevent unauthorised access
Options people have to further limit access
Access in an emergency
What happens when someone is unable to make decisions for themselves
NHS Number Standard for Secondary Care – the Trust is currently in the process of
outlining and implementing a Project Plan to meet the requirements of the NHS
Number Standard for Secondary Care. The key purpose of the NHS Number
Standards is to improve patient safety by using the NHS Number to link patients to
their records. The NHS Number should be present in all active patient records and
determined as early as possible in the episode of care.
The NHS Number is the only National Unique Patient Identifier in operation in the NHS
at this time. The use of the NHS Number is fundamental to improving patient safety
across all care settings by:
 Reducing clinical risk caused through misallocation of patient information
 Resolving some of the barriers to safely sharing information across healthcare
settings
 Assisting with long term follow-up processes and audit
There are four major principles:
 The NHS Number will be included as a patient identifier on all systems and
documents which include Patient Identifiable Data
 The NHS Number will be the “first choice” for searching electronic patient
records
 All practical attempts should be made to determine the NHS Number before or
at the start of an episode of care, but if this is not possible then tracing should
be performed as early as possible in the episode
 The NHS Number will be supplied as a patient identifier for any Patient
Identifiable Data that passes across system or organisational boundaries
Information Governance Toolkit (Records Management Standards)
All NHS organisations should have in place an organisation-wide Information Lifecycle
Management (ILM) Policy or equivalent policies, to include the process for managing
risks associated with clinical records on all media. A strategy for implementing the
policy should also be in place that identifies the resources needed to ensure records
of all type are properly controlled, tracked, accessible and available for use and for
eventually archiving or otherwise disposing of records. All documents should be in line
with the principles contained within the NHS Records Management Code of Practice.
Without a comprehensive approach the Trust will be unable to fully implement the
Freedom of Information Act 2000 requirements.
Care Quality Commission (Outcome 21: Records Management)
(1) The registered person must ensure that service users are protected against the
risks of unsafe or inappropriate care and treatment arising from a lack of proper
information about them by means of the maintenance of—
(a) an accurate record in respect of each service user which shall include
appropriate information and documents in relation to the care and
treatment provided to each service user; and (b) such other records as are
appropriate in relation to —
D:\81920865.doc
Version: 6
Review Date: September 2016
Page 6 of 14
(i) persons employed for the purposes of carrying on the regulated activity,
and
(ii) the management of the regulated activity
(2) The registered person must ensure that the records referred to in paragraph (1)
(which may be in paper or electronic form) are—
(a) kept securely and can be located promptly when required
(b) retained for an appropriate period of time
(c) securely destroyed when it is appropriate to do so
NHSLA Risk Management Standards
(1.7) Health Records Management
The Trust must have an approved documented process for managing the risks
associated with paper and electronic health records.
The document process must include:
 Duties
 Legal obligations that apply to records
 How a new record is created
 How health records are tracked when in current use
 How health records are retrieved from storage
 Process for retention, disposal and destruction of records
 How the organisation monitors compliance with all of the above
(1.8) Health Record-Keeping Standards
The Trust must have an approved document process for health record keeping.
The documented process must include
 Basic record-keeping standards, which must be used by all staff
 Process for making sure a contemporaneous record of care is completed
 How the organisation trains staff, in line with the training needs analysis
 How the organisations monitors compliance with all of the above
6.3.1 Local Drivers
Storage issues –This facility does not have unlimited storage and routine disposal of
records must be undertaken to ensure its storage limit is not compromised.
Accessibility –The Information Governance Steering Group will continue to receive
regular reports on casenote availability and other accessibility issues to maintain
appropriate monitoring.
Governance – there are recognised governance issues around the quality of health
records, including the accuracy and completeness of documentation, misfiling of
information and poor physical state of the record. The improved establishment of the
Health Records Quality audit process has enabled a greater awareness of governance
issues to be identified and addressed.
Volume of electronic records – due to the less virtual nature of electronic records there
is a greater potential for uncontrolled increases in volume and the use nonstandardised filing conventions and records management practices. Assessment and
remedy of such issues will require a co-ordinated approach from ICT and records
management leads.
Information Risk Management Management of Local Risks
D:\81920865.doc
Version: 6
Review Date: September 2016
Page 7 of 14
Any risks associated with Records Management practices – e.g. issues with casenote
availability – should follow the Trust’s normal risk reporting processes.


Risks will be initially identified on Clinical Service Centre Risk Registers, to be
presented through the Risk Assurance Committee (RAC) for a decision on
whether to escalate to the Trust-wide Corporate Risk Register
From the Corporate Risk Register, high-risk will go on to the Trust’s Assurance
Framework
This approach will ensure consistent reporting and management of risks associated
with Records Management and offer the opportunity for early identification of risks that
could affect other areas.
Strengths
 Dedicated management posts related to the function of the Health Records
Library
 Information Governance Manager responsible for providing strategic direction
for the management of records, supported by clinical and non-clinical records
management policies
 Information Governance Steering Group includes clinical and corporate
records management as standing agenda item, and responsible for
progressing the work programme associated with records management
 Establishment of Senior Information Risk Officer with Executive responsibility
for information risk management (where associated with poor records
management)
 Information Risk Management Programme identifying information assets,
information asset owners and associated risks, which incorporates records
management practices
 Establishment of purpose-built Health Records Library which, whilst based at
an off-site facility, is manned 16 hours per day from 0600 – 2200 and during
this time can provide records in an emergency within 30 minutes. Operational
changes within the Health Records Library have seen a significant increase in
quality of case note availability (to around 99%)
 More robust and established Health Records Quality Audit, assessing the
quality of clinical record keeping
 Health Records Steering Group established to address issues Trust-wide
relating to medical records management.
Weaknesses
 Issues with some aspects of health records management, e.g. documentation
standards, misfiling of patient information etc. – activities which are the
responsibility of those individuals handling the records
 Financial restrictions may apply should any records management solutions be
identified
 Instances of records being decanted on wards, which can introduce a risk to
patients if the decanted record is not subsequently married back with the main
record
 Lack of detailed assessment of the quality of electronic record keeping and the
potential proliferation of electronic records (due to their virtual nature)
increases the potential for unstructured / non-standardised filing systems
 Lack of staff trained in casenote tracking within PAS
Opportunities
 The IGSG to identify and address records management related issues across
the Trust and thus reduce risk
D:\81920865.doc
Version: 6
Review Date: September 2016
Page 8 of 14





6.4
Records Management e-learning modules provide by Connecting for Health
and available online on the Information Governance Training Tool
To impress on senior managers the importance of records management and
the key role in which it plays in service delivery and to promote consistency of
practice
Departments to increase working with ICT to achieve a better understanding of
local needs relating to electronic records management
An increased understanding of day-to-day records management issues should
result from increasing the requirement for all CSCs and corporate functions to
undertake corporate records inventories
Increase in the availability of specialist Electronic Document Management tools
(for the management of corporate records), which could be explored to aid
compliance with best practice in this area (although products would carry
potentially significant outlay and / or maintenance and / or licence costs)
Implementation
The action points, in the table below, have been developed from the Trust’s records
management policies which require the following fundamentals to be present:
 existence of an overall policy statement on how records (including electronic
records) are to be managed;
 endorsement of policy by senior management;
 dissemination of policy to staff at all levels;
 provision of corporate mandate for the performance of all records and
information functions;
 organisational commitment to create, keep and manage records which
document activities;
 definition of roles and responsibilities;
 definition of responsibility of personnel to document actions and decisions in
the records and to dispose of obsolete records;
 provision of framework for supporting appropriate standards, procedures and
guidelines;
 provision of monitoring mechanisms to ascertain compliance with appropriate
standards, procedures and guidelines; and
 review of policy at regular intervals (at least once every two years)
D:\81920865.doc
Version: 6
Review Date: September 2016
Page 9 of 14
The key elements of this strategy will be implemented as follows. Previous versions of the Strategy identify key elements that have been completed
and which have become established practice (note the non-consecutive numbering):
Strategic Goal
1 Responsibility and
Accountability
Objective
To provide a clear system of
accountability and
responsibility for records
Action
1.5 Manage implementation of the records
management strategy, including provision of
advice on records management,
establishment of good practice guidelines
and of compliance with relevant legislation
and NHS guidance
2.2 Reduce the duplication of records to
improve information sharing, reduce cost and
save space
2 Record Quality
To create and keep records
which are adequate,
consistent, and necessary for
statutory, legal and business
requirements
Responsibility
Information Governance
Steering Group
Target
Date
Ongoing
Head of Information
Management and
Governance
Head of Patient Services
Ongoing
Information Governance
Manager
SIRO
Senior ICT Security
Specialist
2.4 Identify all records vital to the continuing
functioning of the activities of the Trust in the
event of disaster and make provision for their
protection (to be cross-referenced with the
Trust Risk Management Strategy)
Information Governance
Manager
Ongoing
Business Continuity Lead
Link with relevant standards from
the IG Toolkit regarding business
continuity and Information Asset
Risk Assessments
D:\81920865.doc
Version: 6
Review Date: September 2016
Page 10 of 14
Strategic Goal
Objective
Action
3.1 Review existing records management
practices to establish what needs to be done
to comply with the ‘Records Management:
NHS Code of Practice’
3 Management
4 Security
To achieve systematic, orderly
and consistent creation,
appraisal, retention and
disposal procedures for
records during their lifecycle
To provide systems which
maintain appropriate
confidentiality, security and
integrity for records in their
storage and use
3.12 (Whilst electronic records are subject to
the same creation, appraisal, retention and
disposal process as paper records) develop
guidance as appropriate to take into account
the particular technical requirements of
electronic media
4.1 Develop and promulgate policies and
procedures to protect records from
unauthorised alteration or erasure, to ensure
that access to records is properly controlled,
and to maintain adequate audit trails to track
the use and location of records held
4.5 Develop appropriate Information Sharing
Protocols and Subject Specific Information
Sharing Agreements for the exchange of
confidential and personal information
4.6 Provide guidance on ‘back-up’, archiving
processes and audit trails for electronic
Responsibility
Information Governance
Manager
Target
Date
Ongoing
Head of Information
Management and
Governance
Head of ICT Operations
Information Governance
Manager
December
2014
Consideration of increased used
of SharePoint for document
control or increase ‘manual’ audit
of electronic records
Senior ICT Security
Specialist
Information Governance
Manager
Information Asset Owners
Ongoing
Link with System Security
Policies and Information Asset
Risk Assessments
Information Governance
Manager
Ongoing
Head of Information
Management and
December
D:\81920865.doc
Version: 6
Review Date: September 2016
Page 11 of 14
Strategic Goal
Objective
Action
records, as well as on measures to prolong
their access and use for as long as required,
including migration across systems and onto
different types of media
Responsibility
Governance
Target
Date
2014
Senior ICT Security
Specialist
Information Asset Owners
Information Governance
Manager
Business Continuity Lead
Link with Information Asset
Business Continuity Plans.
Guidance re: data warehouse
and Interoperability Toolkit
5 Access
7 Training
To provide clear and efficient
access for employees and
others who have a legitimate
right of access to Trust
records, and ensure
compliance with current Data
Protection and Freedom of
Information legislation
5.2 Develop systems to determine any
access restrictions at the point of records
creation
To provide training and
guidance on responsibilities
and good practice for all staff
involved with records.
7.1 Provide (for all staff, departmental
managers, and in particular for local record
managers) procedure manuals and
instructions, guidance on good practice, and
advice on procedural issues and
requirements. These instructions should
cover all records management systems
within the Trust, information quality and
security, data protection, information
handling, and legislative and statutory
Information Governance
Manager
Link with central guidance
“Information Governance
Baseline – 2012/13” re: systems
development
December
2014
Senior ICT Security
Specialist
Head of Information
Management and
Governance
Ongoing
Information Governance
Manager
Health Records Manager
D:\81920865.doc
Version: 6
Review Date: September 2016
Page 12 of 14
Strategic Goal
Objective
Action
Responsibility
Target
Date
requirements
7.2 Raise the profile of records management
within the Trust through publicity about the
issues involved and the staff responsible
Information Governance
Manager
Ongoing
Head of Patient Services
D:\81920865.doc
Version: 6
Review Date: September 2016
Page 13 of 14
7. REFERENCES AND ASSOCIATED DOCUMENTATION
NHS Care Record Guarantee
http://www.nigb.nhs.uk/guarantee/crs_guarantee.pdf
Trust Non-Clinical Records Management Policy
http://www.porthosp.nhs.uk/ManagementPolicies/Non%20Clinical%20Records%20Management%20Policy.doc
Trust Clinical Records Management Policy
http://www.porthosp.nhs.uk/ClinicalPolicies/Clinical%20Records%20management%20policy.doc
Trust Records Retention and Disposal Policy
http://www.porthosp.nhs.uk/ManagementPolicies/Records%20Retention%20and%20Disposal%20Policy.doc
Records Management: NHS Code of Practice
http://www.dh.gov.uk/en/Publicationsandstatistics/Publications/PublicationsPolicyAndGuidance/
DH_4131747
Care Quality Commission – Essential Standards for Quality and Safety (Outcome 21: Records)
http://www.cqc.org.uk/sites/default/files/media/documents/gac_-_dec_2011_update.pdf
NHS Litigation Authority Risk Management Standards – Standard 1: Governance (1.7 and 1.8)
http://www.nhsla.com/NR/rdonlyres/6CBDEB8A-9F39-4A44-B04C2865FD89C683/0/NHSLARiskManagementStandards201213.pdf
NHS Connecting for Health – Information Governance Training Tool
https://www.igte-learning.connectingforhealth.nhs.uk/igte/index.cfm
Records Management Strategy
Version 4. Issued: 01 March 2010 (review date March 2012)
14
Page 14 of