OPC UK DATA TRANSPARENCY INFORMATION
Last updated 13 July 2022
What this information is about
The information on this page provides further information about how Optimum Patient Care Limited (OPC, we our, us) collects, stores and uses data from its quality improvement and research support services (also called OPC Services). Information on how OPC handles personal data as controller is provided in our Privacy Notice. Both documents should be read together to give a complete view of how personal data is processed by OPC.
To help understand the information on this page, the types of data mentioned are defined below.
This is information which relates to a living individual who can be identified either directly or indirectly from that information. Personal data contains information or identifiers that can identify the person the data relates e.g. name, date of birth, address, contact information, etc. OPC do not process data that can identify patients by name when providing the OPC Services (see further information on these services, below).
Pseudonymised or de-identified data
This is information which has had identifiers (information that will identify the person it relates to) such as name, date of birth, address, contact information, removed and replaced by a code or unique ID that cannot be traced back to the person the information relates to. The patient data OPC receives from GP practices is pseudonymised data as the identifiers of each patient has been replaced with a unique ID. Pseudonymised data is still considered personal data under the GDPR even though OPC cannot directly attribute the information received to a named individual. Only the GP practice can reverse the unique IDs back to the patient’s name.
This is information which cannot identify or re-identify an individual (directly or indirectly), either on its own or when combined with other information. Anonymised data is not personal data. The research data that OPC provides for ethics approved research is anonymised data as it does not contain any information such as name, date of birth, address, contact information etc and any unique ID that was attributed to the data for use with the OPC quality improvement services is removed before its inclusion on the research databases (see further information on the OPCRD and OPCRD-NEXUS, below).
About Optimum Patient Care (OPC)
OPC is a not-for-profit, social enterprise that provides free quality improvement and research support services to GP practices in the UK since 2005. We help practices with reports and activities to assist them in improving the care they provide for patients with chronic and public health conditions such as asthma, COPD and Covid-19, rare diseases and many more. We also help practices to take part part in real-life research and clinical trials.
Read more about our company, our team, our partners and all the quality improvement and research support services we provide.
Data OPC holds and why
Quality improvement data
Participating practices share pseudonymised patient data with OPC, for us to support them with their improvements and NHS approved research. We provide free quality improvement programmes for practices from a wide range of areas including in relation to asthma, COPD, Covid-19 and rare diseases.
The pseudonymised data is collected from GP electronic health records (EHR) using secure data collection software. Any information that will identify a person (e.g. name, date of birth, address, contact information) is removed and a unique code (pseudonym) is given to each patient’s data. The pseudonym enables only the practice to identify their patients. The data is then encrypted and transferred through a secure network called the Health and Social Care Network (HSCN) to OPC.
The pseudonymised data is held securely in the OPC Service Database (OPCSD). We use OPCSD for ongoing provision of OPC Services to practices and to make improvements to our services for practices.
Patients cannot be identified from the data OPC receives from practices. We do not collect data for patients who have opted out from the sharing of their medical data for planning or research purposes. A practice can request at any time for their patients’ data to be removed from OPC databases without disclosing the identity of patients.
The pseudonymised data OPC collects from participating GP practices includes:
Patient demographic and registration information e.g. age (year of birth only), sex, ethnicity, district level postcode, practice joining and leaving dates, etc
Clinical or medical history, symptoms and diagnoses. This is both coded data and redacted text. The data includes date of event, event code, numeric results, etc
Prescriptions, therapies and appliances/devices – details of prescriptions for drugs issued to patient. Comprises coded data and redacted text. The data includes name of medication, ingredient, dose, date of issue, number of tablets, etc
Laboratory tests – e.g. blood tests, lung function tests, the date, the result of the test.
Referrals or information on care received outside the Practice e.g. date of referral, urgency of the referral (routine, urgent) type of referral.
We take steps to exclude information regarding: sexually transmitted diseases, termination of pregnancy, fertility treatment, convictions/imprisonments, physical/psychological/sexual abuse.
Practices contribute pseudonymised patient data to the OPCSD which OPC, as data controller, transfers to our NHS research ethics approved database called the Optimum Patient Care Research Database (OPCRD). Research undertaken using data from OPCRD helps improve science and public health, understanding of medical conditions and how we treat and manage them. It also enables anonymous information of patients from contributing practices to be represented in research which matters and makes a difference. OPCRD has been used for over 90 published research articles.
OPC receives pseudonymised data from practices who have agreed for the data they provide to be used for ethically approved research purposes. OPCRD has NHS research ethics committee (REC) approval to provide access to anonymised research data for studies with scientific or patient benefits that have ethics approval. Researchers will only ever have access to anonymised data. Such data is no longer identifiable and cannot be linked by the Researchers to individual patients, as such this data is no longer considered personal data for data protection purposes. OPC maintains strict policies in respect of access to anonymised research data as further explained below.
A research study must first get ethics approval from an independent governing body called the Anonymised Data Ethics and Protocol Transparency Committee (ADEPT) before access to anonymised research data from OPCRD is provided. The access is provided under a limited Data Sharing and Licence Agreement, given for a limited time (usually 12 months) for the research to complete its analysis. This agreement ensures the researcher(s) keeps the data secure, uses the data only for the purposes that have been approved, and obeys the data protection laws. The anonymised research data is destroyed by the researcher(s) when the study is completed and the results must be published for public benefit. You cannot identify a person from the anonymised data provided from OPCRD for research or the results of the research.
Clinical research data
OPC supported clinical trials or research is where patients have been invited by their GP practice or doctor to participate in a study, and the patients have given their consent to take part and for their data to be used for research. Pseudonymised data from clinical trials is also contributed to OPCRD for ethically approved research.
Please visit Understanding Patient Data website for more information about the importance of patient medical data for research.
How long we hold data
A GP practice can request at any time for their patients’ data to be removed from OPC databases without disclosing the identity of patients; subject to any requirements on data retention by GDPR or DPA 2018. GP practices can also request the removal of a single patient’s data by providing OPC with the relevant unique code assigned to that individual.
OPC will continue to securely hold the pseudonymised data received from participating practices for the provision of OPC Services to the practices. The pseudonymised data OPC holds in OPCSD will be held for a maximum of five (5) years after the participating practice has terminated OPC Services. The participating practice can also instruct OPC to delete their pseudonymised data from OPCSD immediately when they terminate OPC Services.
OPC shall continue to hold pseudonymised data in OPCRD and OPCRD-NEXUS in perpetuity unless the practice notifies OPC in writing to destroy the data, subject to any applicable legal requirements for data retention.
Please note that is is not possible to remove a patient data from anonymized research data, results or publications, as the patient cannot be identified.
Lawful basis for data OPC holds
OPC is a data processor on behalf of participating GP practices who are the data controllers of the pseudonymised patient data shared with OPC as part of receiving OPC Services. Each practice enters into a service, data processing and sharing agreement with OPC, which permits OPC to collect, pseudonymise and hold the data for providing OPC Services to the practice.
As data controller, the GP practice is responsible for determining the lawful basis under which the processing of your personal data takes place and you should refer to further information on this in the applicable privacy notice the GP practice provides to patients. The lawful basis for these activities is covered by one or more of the following lawful bases:
GDPR Article 6(1)(e): Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller (being the GP practice).
GDPR Article 6(1)(e) and Article 9(2)(i): Medicines and medical device monitoring – processing of special category data (e.g. data concerning health) for public interest in the area of public health.
GDPR Article 6(1)(e) and Article 9(2)(j): Medical research and statistics – processing of special category data (e.g. data concerning health) for public interest and scientific research purposes.
OPC acts as a data controller for the purposes of transferring data from the OPC Services to make it available for anonymised research purposes. This applies to the data OPC holds in OPCRD and OPCRD-NEXUS. The lawful basis for this is covered by:
GDPR Article 6(1)(f): Processing is necessary for the purposes of the legitimate interests pursued by the controller (being OPC) or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.
GDPR Article 6(1)(e) and Article 9(2)(j): Medical research and statistics – processing of special category data (e.g. data concerning health) for public interest and scientific research purposes.
Approvals and Governance
OPCRD is approved by the NHS Health Research Authority Research Ethics Committee (HRA REC reference: 20/EM/0148) to receive and provide data for scientific, exploratory and public health research.
OPCRD also has HRA Confidential Advisory Group (CAG) approval for confidential identifiable patient information (namely – NHS number, date of birth and sex) to be sent from participating practices to NHS Digital for HES hospital data linkage (CAG reference: 21/CAG/0001). The linked data is stored in OPCRD-NEXUS. OPC does not access or hold the identifiable patient information and the information is destroyed by NHS Digital after linkage. Read more about OPCRD-NEXUS.
All research requiring the use of anonymised data from OPCRD must get approval from the Anonymised Data Ethics and Protocol Transparency committee (ADEPT). ADEPT is an independent body of experts who control which research gets access to OPCRD data. If the research involves patient participation, then ADEPT will require the study to also have NHS research ethics approval.
All approved research must sign and comply with a strict Data Sharing and Limited Licence Agreement. It places responsibility on the approved researcher to keep the data secure; to use it only for the approved study; and to destroy it when the study is completed. All studies must have an intent to publish their results for public benefit.
OPCRD data is never sold or provided for insurance or marketing purposes.
OPC works with the DATA-CAN patient and public engagement group to involve patients and the public in how we collect, handle and use patient data for research. Clinical trials also have to involve patients and the public in how trials are designed and carried out.
How we are funded
OPCRD is available to academic organisations such as universities, and non-academic organisations such as charities and commercial companies, for ethically approved research.
OPC receives data access fees from researchers who access OPCRD anonymised research data. We provide access to anonymised data for single study use which we call single licence, or access for multiple study use which we call unlimited licence. Please visit https://opcrd.co.uk/licence-fees/ for more information about OPCRD licence options for researchers. The money is used to provide free OPC Services to GP practices across the UK, and to maintain the database for health and scientific research.
OPC also receives funding from organisations that conduct NHS approved studies, when OPC supports practices with taking part in the studies. We also receive funding support from our affiliate organisations – OPC Global and OPRI.
Data from our databases is never sold, or provided for insurance or marketing purposes.
Your data protection rights
Under data protection law, you have rights we need to make you aware of. The rights available to you depend on our reason for processing your information. We will try to assist with any requests we receive from data subjects, however rights are only exercisable against data controllers under the GDPR and so we may need to pass your request to (or ask that you approach) the relevant entity that controls the data (e.g. your GP practice):
Your right of access
You have the right to ask us for copies of your personal data held by OPC.
Your right to rectification
You have the right to ask OPC to change or correct information you think is inaccurate about you. You also have the right to ask OPC to complete information you think is incomplete.
Your right to erasure
You have the right to ask OPC to erase your personal data in certain circumstances.
Your right to restriction of processing
You have the right to ask OPC to restrict the processing of your information in certain circumstances.
Your right to object to processing
You have the right to object to processing if we are able to process your information because the process is in our legitimate interests.
Your right to data portability
This only applies to information you have given to OPC. You have the right to ask that we transfer the information you gave us from one organisation to another, or give it to you. The right only applies if we are processing information with your consent.
You are not required to pay any charge for exercising your rights. We have one month to respond to you. Please note that we are only able to help you exercise your data protection rights if we hold your personal data and we can identify you.
Please send an email to us (Email: email@example.com) if you wish to make a request, or contact our office line on (Tel: 01223 967855).
You can opt out of sharing data
You have the right to opt out of the sharing of your patient data by your GP practice with OPC. Opting out of sharing your health information will not affect the care you receive from your GP practice.
If you do not wish for your data to be shared by your GP practice, or you would like your data to be removed from our databases, please contact your GP practice who can provide OPC with a code (the pseudonym they assigned) to remove your data without disclosing your identity. Individuals in England can also opt-out of data sharing through the National Data Opt Out scheme.
It is not possible to remove a patient from anonymised research datasets, research results or publications, as patients cannot be identified once the data is anonymised.
Data Protection and Security
OPC quality improvement and research support services are provided under strict data security and protection policies to assure patients, practices and researchers that we collect and use data securely and lawfully in compliance with data protection laws – the GDPR and the Data Protection Act 2018 (DPA 2018). OPC is a registered data controller with the Information Commissioner’s Office, registration number: ZA197058.
OPC undertakes and complies with the NHS Data Security and Protection Toolkit (ref: 8HR85) assessment annually. The assessment ensures OPC complies with the National Data Guardian’s data security standards.
OPC has ISO 27001 and ISO 9001 certification (certificate number 385342022). This accreditation demonstrates that OPC operates in accordance with a global framework of information security and quality assurance and management.
OPC staff are regularly trained on data security and protection, including compulsory annual certified training provided by NHS Digital, and NIHR certified Good Clinical Practice (GCP) training. We conduct regular checks and audits to ensure compliance with the GDPR and DPA 2018.
How OPCRD receives pseudonymised data from GP practices but only provides anonymised data for research
The process of how OPCRD receives pseudonymised or de-identified data from practices, but only provides anonymised data for ethics approved research is described below:
GP practice agrees to contribute their de-identified patient data to OPCRD.
GP practice is supported by OPC to set-up their electronic health record system to allow only patient data that has been de-identified to flow to OPC. This means patients cannot be identified from the data the GP practice sends to OPC.
Patients who have opted-out of data sharing are not included in data shared with OPC.
Data is initially stored on the OPCSD following its extraction from the GP practice then undergoes further pseudonymisation and removal of data fields before OPC transfer the data onto the OPCRD, which it maintains as data controller.
OPCRD has NHS research ethics approval to provide anonymised data for research purposes.
Researchers request to access data from OPCRD for a specific study.
All requests are reviewed by an independent body called ADEPT. Only research studies approved by ADEPT can access anonymised research datasets from OPCRD.
The de-identified data required for the approved research is anonymised before it is provided to the researcher. You cannot identify a person from anonymised data or from any results or reports from anonymised data.
Researchers sign a limited Data Sharing and Licence Agreement, which ensures researchers follow strict rules on how the data is used and how long they can hold the data. The data is destroyed when the study is finished.
How OPCRD links hospital data
OPCRD-NEXUS is a secure database that will hold anonymised GP patient data from OPCRD and anonymised hospital patient data such as Hospital Episode Statistics (HES). Hospital data for practices in England is provided by NHS Digital. OPCRD-NEXUS is hosted securely by a third party called Harvey Walsh Limited (Harvey Walsh).
The process is described below:
OPCRD has CAG approval for participating GP practices to send patient identifiers to NHS Digital for the only purpose of providing hospital or HES data.
GP practices send a secure file containing patient identifiers (NHS number, date of birth and sex) to Harvey Walsh, who collect the files from many practices and send it to NHS Digital.
NHS Digital provides only de-identified hospital data for the requested patient identifiers.
NHS Digital send the de-identified hospital data to Harvey Walsh. Harvey Walsh also receives de-identified GP data from OPCRD.
Harvey Walsh joins the de-identified GP data to the de-identified hospital data to form the GP-hospital linked dataset which is stored securely at Harvey Walsh in a database called OPCRD-NEXUS.
OPCRD-NEXUS never receives any patient identifiable information from GP practices or from NHS Digital.
OPCRD-NEXUS data is then used to conduct research for studies which have received approval from an independent body called ADEPT.
Only research results or outputs are provided to the researcher. All outputs are fully anonymous and you cannot identify a person from anonymised.
Data Protection Policies and DPIAs
For access to our data security and protection policies, please contact us using the information below.
For access to OPC data protection impact assessments (DPIAs) completed for OPC Services for GP practices please contact using the information below.
Informing patients – posters for our GP practices
We encourage all GP practices who use OPC Services to display posters at their surgeries or on their websites to tell their patients that they work with OPC, they share pseudonymised data with OPC, and how patients can opt out of their data being shared with OPC.
Click here to download a copy of OPC posters for practices, or please contact us to request a copy using our contact information at the end of this webpage.
If you have any questions or complaints or you require any information about how we handle data at OPC, please contact our Data Protection Team by email, phone or post using the details below:
Write to us: Optimum Patient Care, 5 Coles Lane, Cambridge, CB24 3BA
Email us: firstname.lastname@example.org
Phone us: 01223 967 855
Our Data Protection Officer is Francis Appiagyei. You can email him at email@example.com or write to him using our postal address above. Please mark the envelope ‘Data Protection Officer’.
You can make a complaint about the way we process your personal information to the Information Commissioner’s Office (ICO) using their contact information below. You can also request independent advice from the ICO.
Phone: 0303 123 1113
Post: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
ICO website: https://ico.org.uk/make-a-complaint/
Data transparency page last updated 13 July 2022