We've completed NHS England's thorough assurance process so we can be bought/used by healthcare organisations in England. We have been assured and comply with the high data of privacy/security and clinical standards set in NHS England's Digital Care Services Catalogue.
Do you have a DPIA?
As the Data Controller, when using Pharmlogic, it is your responsibility to complete a DPIA. As a Data Processor, we cannot complete it for you. However, to be as helpful as we can, we have some DPIA templates completed where you can find all the necessary information to help complete your organisation's DPIA. To access these, email us at [email protected].
Who has access to the patient data?
Healthcare professionals are authenticated when they log into Pharmlogic with their username and password or NHSmail Single Sign-on (SSO).
What data do they have access to?
Users can only access patient data of the other Pharmlogic integration with the Personal Demographic Service (PDS) if they have the patient's NHS number. To ensure accuracy and data minimisation, the only data returned is the patient's name, gender and the last three digits of the patient's mobile number. This means that the user has the minimum information to verify that this is the correct patient.
The PDS search (NHS number) must return an exact match, so a user could not search for a patient by name. The only personal data returned from PDS is the name, gender, and last three digits of the mobile number. The mobile number is obfuscated except for the last three digits so that the number can be verified with the patient or another system.
What measures are in place to protect patients and their data?
Uses have to agree to an acceptable use policy that includes confirming that the service will not be used to communicate SMS messages that are sensitive or clinically urgent.
Pharmlogic scans SMS messages for abusive content and flags to its Clinical Lead if any are detected.
Full audit trails are kept of all searches and uses of the PDS integration.
Patient flagged as a safeguarding risk on PDS will not be returned in the search.
Is Pharmlogic NHS approved?
We've completed NHS England's thorough assurance process so we can be bought/used by healthcare organisations in England. We have been assured and comply with the high data of privacy/security and clinical standards set in NHS England's Digital Care Services Catalogue.
If you still have any questions or concerns, feel free to chat with us using the black message bubble in the bottom right-hand corner of this page.