Governance

It is important to follow the GPhC standards on patient confidentiality and consent when accessing SCRs. Information in the SCR is subject to relevant NHS information governance requirements. Therefore, to monitor and audit access to SCRs, information governance safeguards must be in place.

Every pharmacy organisation must appoint a SCR governance person (SGP) who is responsible for auditing SCR access. Each time a SCR is viewed, an alert will be generated on a system database called the alert viewer. There is a process for reviewing alerts, although not all alerts need to be looked at individually.

For guidance on alert monitoring, look at NHS Digital’s guidance at nhs.uk/ services/summary-care-records-scr/summary-care-record-scr-in-communitypharmacy/ scr-governance-person-sgp-for-scr-in-community-pharmacies.

It is the responsibility of the SCR governance person to check if access was appropriate and legitimate. This process of checking will ensure access to SCRs is monitored and that any unauthorised access will be noticed and acted upon. In the case of inappropriate access (for example, without permission or good reason), it is the SGP’s responsibility to investigate.

The pharmacy should also consider and review procedures for preventing accidental disclosure, staff training, managing critical incidents, and whether they are appropriate for SCR use.