Clinical Document Scanning Policy and Procedure

This policy describes and defines the processes to be undertaken

when scanning documentation onto the Electronic Patient Record

(EPR) to ensure adherence to BIP 0008 Code of Practice for Legal

Admissibility and Evidential Weight of Information Stored

Electronically as per British Standard 10008:2014.

Key Words:

Scanning, Patient Document, Day Forward,

Clinical Documentation, Legal Admissibility,

Weight of Evidence, Electronic Records

Version:

Adopted by:

Trust Policy Committee

Date this version

was adopted:

24 February 2022

Name of Author:

Scanning Lead

Name of

responsible

Committee:

Data Privacy Committee

Please state if

there is a reason

for not publishing

on website:

N/A

Date issued for

publication:

February 2022

Review date:

July 2024

Expiry date:

1 February 2025

Target audience:

All staff who access, process and / or maintain

patient records

Type of Policy

Non Clinical

Which Relevant CQC

Fundamental Standards?

9 & 12

Clinical Document

Scanning Policy and

Procedure

Page 2 of 29

Contents

Version Control.....................................................................................................................4

Equality Statement................................................................................................................5

Due Regard............................................................................................................................6

Definitions that apply to this policy.....................................................................................6

1.0 Purpose of the Policy......................................................................................................7

2.0 Summary of the Policy……………………………………………………..…….………........7

3.0 Introduction………………………………………………………………..….…………….…...8

4.0 Duties within the Organisation......................................................................................9

5.0 Legal Admissibility………………………………………………………….………..…..……10

5.1 Retention of documentation……………… ………………………………….………..……11

5.2 Legal Implications……………………………………………………………………………...11

6.0 Technical Requirements……………………………………………………….……………..11

6.1 System Size Limitations………………………………………………………….….………..11

6.2 Use of OCR (Optical Character Recognition)……………….……………….….…..…....11

6.3 Colour Documents…………………………………………………………………..…….…..11

6.4 Duplicate Letters…………………………………………………………….……..…….….…11

6.5 Administrative Letters…………………………………………..……………….……...….…12

6.6 Indexing and Metadata…………………………………………………………………....…..12

6.7 Communication & Letters………………………………………………….……….……...…13

6.8 Record Attachments …………………………………………………………………….…….13

6.9 Compression……………………………………………………………………….…...…..…..13

6.10 Temporary storage of scanned and uploaded documents……..………………...….13

6.11 Scanning Timescales ………………………………………………………………………..13

7.0 Scanning and Quality assurance Processes…………………………………….………..14

7.1 Preparation to Scanning………………………………………………………….……...…...14

7.2 Scanning …………………….……………………………………………………………..…...15

Page 3 of 29

7.3 First Level Quality assurance………………………………………………………….…....16

7.4 Second Level Quality assurance………………………………………………………..…..16

7.5 External Level Quality assurance………………………………………………….…....…..17

7.6 Rescanning………………………………………………………………………….….…..…...18

7.7 Audit …………………………………………………………………………………..…..…..…18

8.0 Monitoring and reporting…………………………………………………………………......18

9.0 Retention………………………………………………………………………………….….…19

10.0 Risks……………………………………………………………………………………….…....19

11.0 Disaster Recovery/Business Continuity…………………………………………….…....19

12.0 Mental Health Act Documentation…………………………………………………..……..19

13.0 Working files……………………………………………………………………….….……....19

14.0 Art/Therapeutic records…………………………………………...……………..……........20

15.0 Copyright Materials……………………………………………….………………….………20

16.0 Training Needs…………………………………………………………….……….…...….....20

17.0 Communication……………………………………………………………………….......…..20

18.0 Monitoring Compliance and Effectiveness................................................................21

19.0 Standards/Performance Indicators.............................................................................22

20.0 References and Bibliography………………………………………...…………….…........22

Appendix 1 Clinical Document Scanning High Level process……….………...................23

Appendix 2 Sample Quality Assurance Log.…….…….………………………..…................24

Appendix 3 Training Requirements .................................................................................25

Appendix 4 NHS Constitution Checklist .........................................................................26

Appendix 5 Stakeholder and Consultation........................................................................27

Appendix 6 Due Regard Screening Template Statement ………………………..................28

Appendix 7 Data Privacy Impact Assessment...................................................................29

Page 4 of 29

Version Control and Summary of Changes

Version

number

Date

Comments

(description change and amendments)

1.0

August

2017

First draft As agreed by Document Scanning Project Board

1.0

October

2017

Final Draft for approval

2.0

April

2019

First revision – removal of procedures and updated with further BIP 0008

information following Stage 1 Audit in March 2019

3.0

March

2020

First revision following successful accreditation to British Standard 10008:

2014:1 Legal Admissibility and Weight of Evidence of Information Stored

Electronically, amendments described below:

Page

Sectio

Description of change

n/a

Removal of reference to RiO throughout including any reference to RiO specific

functionality such as naming conventions.

Front

page

n/a

Addition of a key word

Name of responsible committee amended

n/a

Update to contact details

n/a

Added & slight rewording within definition table

1.0

Slight rewording of paragraph 2 & 3

7&8

2.0

Slight rewording of bullet point numbers 2, 6 & 8

3.0

Addition to the end of paragraph 4.

3.0

Slight amendment to Policy exclusions added

4.2

Paragraph 2 slight rewording to ‘they’

4.4

Changed from Head of Data Privacy

4.6

Addition to end of paragraph

4.7

Addition to end of paragraph

4.8

Addition of paragraph at end outlining line manager responsibility to manage and

escalate issues affecting compliance

4.9

Slight amendment

5.1

Amended to reflect Trust has achieve compliance and what action must be

taken for services not meeting compliance levels required

5.2.1,

6.1

Slight reword of paragraph 2

6.4

Section added to explain in further detail how duplicate correspondence should

be managed where the addressee is different and the correspondence refers to

multiple subjects

6.5

Addition of Clinical Letters to reflect use of SystmOne functionality

6.6

Slight rewording of paragraph 1

Slight rewording of bullet point 1

Removal of naming convention (RiO only)

Slight rewording of bullet point 3 & 4

6.9

New section for system migration.

6.11

Revision to scanning timescales

6.11

Slight rewording of paragraph 3.

7.0

Slight rewording to bullet points 2, 3, 4 & 5

Page 5 of 29

7.1

Bullet point 1

Addition to paragraph 2 to include training, scanner device cleaning measures,

slight expansion on the use of long paper setting.

Slight rewording & amendment to paragraph 4 to include criminal proceedings

and scanner profile tests performed with British Standard test targets (ISO

12653).

Bullet point 2

Addition to end of paragraph 1.

New paragraph added to include safe transportation of documents for scanning;

managing items stuck to documents for scanning such as post-it notes;

separation and slight expansion for managing documents such as photocopies

and document size etc.

14-18

7.0-7.7

Reordering and slight rewording of section

Inclusion of non-conformity process

Addition of incident being recorded for non-return / non action of errors

Addition of expectation for service to check whole batch if 50%+ level of errors

found within internal check

Addition of paragraph to explain further sample checking buy Quality Assurance

team where 50%+ error level found

Addition of internal audit

Addition of monitoring

8.0

Slight rewording.

17.0

Section added for Communication.

18.0

Addition to monitoring to include action for error level over 10%, non- conformity

log ,equipment maintenance, SOP competence, internal QA checking, late

submissions, escalation of errors not corrected, reportable incidents where

documents are missing, on the wrong record or where error documents are not

corrected and returned within 4 weeks, ceasing of checking where errors

increase ≥10%.

19.0

Addition of 100% training in EPR & 10008

Appendices

Removal of appendices 1,3 – all process flow charts are available in the SOP,

only the high level process and scan log example is included in the Policy –

Appendix 1 &2.

Version 4.0

Reviewed with minor amendments to include the overarching Clinical Document

Scanning Standard Operating Procedure now in use.

For further information contact:

The LPT Clinical Document Scanning Project Team via [email protected] .

Equality Statement

Leicestershire Partnership NHS Trust (LPT) aims to design and implement policy documents that

meet the diverse needs of our service, population and workforce, ensuring that none are placed

at a disadvantage over others.

It takes into account the provisions of the Equality Act 2010 and promotes equal opportunities for

all.

This document has been assessed to ensure that no one receives less favourable treatment on

the protected characteristics of their age, disability, sex (gender), gender reassignment, sexual

orientation, marriage and civil partnership, race, religion or belief, pregnancy and maternity.

In carrying out its functions, LPT must have due regard to the different needs of different

protected equality groups in their area.

This applies to all the activities for which LPT is responsible, including policy development and

review.

Page 6 of 29

Due Regard

LPT must have due regard to the aims of eliminating discrimination and promoting equality when

policies are being developed. Information about due regard can be found on the Equality page on

e-source and/or by contacting the LPT Equalities Team.

Definitions that apply to this Policy

Batch

A set of paper documents that have been scanned onto the patient

electronic record with a usual maximum size of a week’s worth of scanned

documentation

Day Forward

Documentation created or received from a specific date onwards.

DPI

Dots Per Inch, a measure of resolution.

Electronic Storage

Storage medium or device used by an information management system to

store information.

EPR (Electronic

Patient Record)

In the Trust this refers to SystmOne. Some patients may have records in

multiple SystmOne units concurrently.

Exception

An exclusion from the usual expected process

Expungement

The process of deleting a document from the system where no evidence of

the document ever having been on the system is available

Legal Admissibility

Evidence to demonstrate that the scanned version is a true representation

of the original.

Metadata

Information regarding document structure and properties such as the

document type and size. Data regarding data.

Non Conformity

A failure in the usual conformity of the process

OCR Optical

Character

Recognition

Software technology that recognises text within documents in order to

search a database for data entry purposes

Original Document

Document from which a copy is made or from which an image is captured.

Original – definition does not mean necessarily original document as we

may have a copy of a document it means the original, paper version

Page

Single image entity, such as one side of a sheet of paper, a drawing or plan

Record

Information created, received and maintained as evidence and information

Resolution

Ability of a scanner or image generation device to reproduce the details of

an image

Scanner

Device used to capture data of a copied image into a digital file format, e.g.

PDF

Scanning

The process that converts the image of a document into a digital form, by

detecting the amount of light reflected from elements of a document into a

form that is suitable for retrieval, processing and communication by digital

computer

System

In this Policy, this always means the Electronic Patient Record (EPR)

TWAIN

A software driver to enable scanned image direct into other applications i.e.

within an EPR such as SystmOne.

Page 7 of 29

1.0. Purpose of the Policy

Although the Record Keeping and Care Planning Policy provides the overarching framework for

achieving high quality safe record keeping, it is based on the principle that the primary clinical

record is now held in an electronic format which brings many benefits to the care of the patient.

The Trust has had a phased implementation of Electronic Patient Records (EPR) with access to

trained, authorised staff only. Paper based records are outdated, impractical, unsecure and

becoming redundant in the digital era; the rise of EPR and the rise in costs keeping paper for its

retention schedule have led to the decision to scan the paper version as an equivalent digital

record and destroy. The Trust (LPT) is committed to the use of electronic document storage

which has many clinical and financial advantages over paper storage, including ease of access

and retrieval and reduction in off-site storage costs. LPT stores documentation received and

created outside of the patient EPR onto the patient’s relevant electronic patient record. LPT does

not use any other stand-alone electronic repository for the storage of patient records to ensure

clinical safety.

The Policy provides assurance to the Trust that where paper based patient records are

reproduced into an electronic version, the legal admissibility and evidential weight will not be

affected by the scanning process, by ensuring that staff undertaking the task of scanning check

the quality of every scanned image ensuring that authorised scanning capable equipment and

defined settings are used. The policy provides guidance to ensure the authenticity, integrity and

legal admissibility of scanned information as per the British Standard 10008:2014 requirements

for BIP 0008-1 Code of Practice Legal Admissibility and Evidential Weight of Information Stored

Electronically.

This Policy is Trust wide and must be adopted with the Standard Operating Procedure (SOP).

The SOP will detail all processes required. This Policy defines the system of processes to be

adhered to when scanning clinical documentation onto the EPR. The Trust has one EPR in use

in scope of this policy and this policy should be reviewed with the Record Keeping and Care

Planning Policy, Information Security Policies and Information Lifecycle and Records

Management Policy.

2.0. Summary and Key Points

The aim of this policy is to ensure that the following objectives are met:

 Records are available when needed – all documentation received or created by the

service must be scanned and uploaded in line with the Trust’s Record Keeping Policy.

Similarly any emails or electronic information such as electronic referrals should be

uploaded within the same time frame;

 Records can be accessed – all information is readily available and readable for those

clinicians who need to access it for patient care;

 Records can be interpreted – the context of the record can be interpreted: who created

or added to the record and when, during which business process, and how the record is

related to other records;

 Records can be trusted – the record reliably represents the information that was actually

used in, or created by, the business process, and its integrity and authenticity can be

demonstrated;

Page 8 of 29

 Records can be maintained through time – the qualities of availability, accessibility,

interpretation and trustworthiness can be maintained for as long as the record is needed,

perhaps permanently, despite changes of format;

 Records are secure – from unauthorised or inadvertent access, alteration or erasure, that

access and disclosure are properly controlled and audit trails will track all use and

changes. To ensure that records are protected and held in a robust format which remains

readable for as long as records are required;

 Records are retained and disposed of appropriately – using consistent and

documented retention and disposal procedures, which include provision for appraisal and

the permanent preservation of records with archival value; and

 Staff are trained – so that all staff are made aware of their responsibilities for record-

keeping and record management processes described in this policy and under statute:

The General Data Protection Regulation and Data Protection Act 2018;

 Staff understand that it is their responsibility to scan in accordance with this policy

and how to escalate any issues and the implications and ramifications of non-conformity,

which may be dealt with under the Disciplinary Policy and Procedure;

 Staff understand that it is their responsibility to check every document that is

scanned and to use a scanner which is authorised for such purposes.

Within LPT, the task of scanning onto clinical records will be undertaken within each relevant

clinical service providing care for the patient. The scanned documentation will be submitted to

the Clinical Document Scanning Quality Assurance Team for independent Quality Assurance

checking as defined within this policy. The objectives will be measured via the production of

figures presented in monthly reports as described in section 7.9 Reporting on an ongoing basis.

The Clinical Document Scanning Team manage the scanning system processes, however,

assistance for technical support with IT equipment/hardware and software (including the EPR)

should be sought from the Leicestershire Health Informatics Service (LHIS) through the Service

Desk.

3.0. Introduction

Where scanning is used the main consideration is that the information can perform the same

function as the paper counterpart did and, like any evidence, scanned records can be challenged

in a Court. This is unlikely to be a problem provided it can be demonstrated that the scan is an

authentic record and there are technical and organisational means to ensure the scanned

records maintain their integrity, authenticity and usability as records, for the duration of the

relevant retention period.

If this is a record type which must or may be selected and transferred to a place of deposit, the

place of deposit should be asked whether they wish to preserve the hard copy and/or the scans.

If the hard copy is retained, this will constitute ‘best available evidence’ for legal purposes, rather

than the scanned copy.

The legal admissibility of scanned records, as with any digital information, is determined by how it

can be shown that it is an authentic record. An indication of how the Courts will interpret evidence

can be found in the civil procedure rules and the Court will decide if a record, either paper of

electronic, can be admissible as evidence.

The standard, ‘British Standard 10008 Electronic Information Management - Ensuring the

authenticity and integrity of electronic information’, specifies the method of ensuring that

electronic information remains authentic. The standard deals with both ‘born digital’ and scanned

records.

This Policy refers to scanned records under British Standard 10008:2014 – BIP 0008-1.

IGA Records Management Code of Practice for Health and Social Care 2016

Page 9 of 29

This policy applies to ‘day-forward’ scanning only and does not refer to the scanning of historical

records or corporate records. Under this policy, all information relating to the care of a service

user, received or created outside the EPR, is required to be scanned in order to be added to the

EPR across all clinical services in the Trust.

Exclusions from this policy are:

 Complaints from service users

 Patient Advice Liaison Services

 LPT Incident report documentation

 Corporate services

 Police National Computer (PNC) outputs

 Medical Records from other organisations

As this information should not be uploaded to the patient healthcare record.

This Policy applies to the scanning of paper based information onto the clinical record; it does not

apply to the electronic transfer of information.

4.0. Duties within the Organisation

The Trust Board has a legal responsibility for Trust policies and for ensuring that they are

carried out effectively.

Trust Board Sub-committees have the responsibility for ratifying policies and protocols.

4.1 Chief Executive

The Chief Executive has overall responsibility for Information Governance within the Trust.

4.2 Caldicott Guardian

The Trust Caldicott Guardian is the Medical Director. They hold the responsibility for

safeguarding the confidentiality of patient information and will oversee the arrangements for the

use and sharing of patient information.

4.3 Senior Information Risk Owner (SIRO)

The Trust SIRO has responsibility for coordinating the development and maintenance of

information risk management policies, procedures and standards for the Trust.

4.4 Data Protection Officer

The Data Protection Officer has responsibility for ensuring policies are in place for the protection

of staff, patient and sensitive organisational information.

4.5 Document Scanning Change Lead

The Document Scanning Change Lead has a responsibility to ensure that the all relevant

scanning activities within the Trust comply with British Standard 10008:2014 and any other

appropriate legislation, through the provision of policy, guidance and instruction to staff who scan

clinical documentation and provide advice where required and manage any external audits.

4.6 Divisional Directors and Heads of Service

Divisional Directors and Heads of Service are responsible for ensuring that appropriate standard

operating procedures are in place to support and ensure that the scanning of information within

their responsible areas are undertaken in line with this policy to ensure the Trust retains

compliance with British Standard 10008:2014.

Page 10 of 29

4.7 Senior Managers

Senior managers are responsible for ensuring that this policy and any supporting policies,

standard operating procedures and guidelines are built into local processes and ensure

maintenance of compliance to ensure the Trust retains compliance with British Standard

10008:2014.

4.8 Line Managers

Line Managers are responsible for ensuring that all staff involved in the scanning of clinical

documentation are fully aware of this policy and their individual responsibilities. Managers must

ensure that staff have undertaken appropriate training to gain access to the EPRs. Managers

must ensure that the staff they are responsible for, who are required to scan clinical documents

as part of their role, undertake the Clinical Document Scanning Training and pass the

assessment before they scan onto a patient record. Managers must ensure the standard

operating procedures are followed in line with this policy and the training competency is

completed and signed off. Line managers ensure access to the EPR is only granted via

Smartcard technology, by an approved Registration Authority Sponsor, once training for the

relevant system has been completed. No access is granted prior to training, this ensures that

electronic identity can be applied to a document’s addition to the EPR. It is line managers’

responsibility to ensure that the staff member is competent in both use of the EPR and Clinical

Document Scanning. Line managers are responsible for ensuring that their services are

achieving the required action and any subsequent measures required such as escalation of

issues to senior managers, the retraining of staff etc. Line managers are responsible for local

process risk assessments with support from the Clinical Document Scanning Team to ensure the

Trust retains compliance with British Standard 10008:2014. Following scanning training (LHIS &

Theory on ULearn staff must be signed off and deemed competent locally with local scanning).

4.9 Staff (including Students on placement)

All staff, whether permanent, temporary or contracted, who scan clinical information into patient

records should be fully aware of their roles and responsibilities for the secure scanning of clinical

information and for ensuring that they comply with these on a day-to-day basis. They are

required to complete the Clinical Document Scanning Training via U-Learn and pass the

assessment before scanning onto a patient record to ensure the Trust retains compliance with

British Standard 10008:2014.

5.0 Legal admissibility

Legal admissibility is a core Records Management principle and if a document is scanned it must

be a true representation of the original.

Proving the authenticity of a scanned document is crucial if required as evidence in Court and

that any document scanned into or uploaded has not been changed since the time of its storage.

For example, a referral letter received by post which is scanned and uploaded to the EPR via a

folder on the network is a true representation of the original providing the appropriate processes

and quality measures were undertaken when creating the scanned image.

The organisation has a duty to ensure documents created or scanned, stored and migrated

through electronic systems meet the evidential weight as outlined in the Civil Evidence Act 1995

to ensure Legal Admissibility should a Court require it.

Compliance with this procedure does not guarantee legal admissibility. It is possible to maximise

the evidential weight of a record/ document by setting up authorised procedures and being able

to demonstrate in Court that those procedures have been followed, to ensure the best possible

evidence can be produced in case of Court proceedings.

Page 11 of 29

5.1 Retention of original documentation

Services that do not meet the requirements of British Standard 10008:2014 will be required to

ensure their paper copies are retained for respective retention periods; services adhering to

British Standard 10008:2014 and meeting Trust objectives will have their paper copies securely

destroyed following a short retention period (unless exemption from destruction applies refer to

section 7.11).

5.2 Legal Implications

The main risk to the Trust, if scanning is undertaken without consideration and

implementation of this policy and its requirements, is that the Trust will not be able to prove the

integrity of the EPR and that all EPRs may be dismissed as hearsay and therefore not be used

as evidence within a Court of Law, Tribunal or Case Review.

The Trust will be required to produce authenticated outputs from the EPR where records are

requested and the paper copies have been destroyed.

6.0 Technical requirements

6.1 System size limitations

Documents fewer than 5 MB in size in scanned format can be uploaded as one document to the

EPR (SystmOne). There may be a short delay in some EPRs when retrieving documents greater

than 1.5 MB in size.

Where one document breaches the system size limitation for upload, it is permissible to scan and

upload the record in defined sequential parts ensuring the format Page X of Y is used e.g., Part 1

of 3, Part 2 of 3 etc.

6.2 Use of OCR (Optical Character Recognition) software

OCR technology may be installed and enabled within the EPR for certain functions within the

system however, due to accuracy concerns and associated risks, the Trust does not allow the

use of OCR technology within patient records including when uploading documents.

6.3 Colour Documents

 The following documents must be scanned in colour:

Psychiatric Observations / ECG’s / Prescription cards / DNR sheet / Track & Trigger /

NEWS

This list is not exhaustive; please refer to the local SOP or request a clinical decision if required.

Copies of prescriptions do not need to be in colour.

6.4 Duplicate letters

Where duplicate letters e.g., carbon copy letters to different MDT members, are being added to

the patient record, either on a single record or shared records, please refer to the services

operational process for managing this. Letters addressed to different clinicians (even where the

letter content is the same) are not duplicate letters and should be uploaded to the patient record.

Documents that have not been scanned should not be submitted for QA check.

Page 12 of 29

Where duplicate letters are for multiple patients i.e., siblings, the relevant number of copies

should be taken then the patient NHS numbers and name as minimum 3 items added to each

relevant document and uploaded to the correct record. Information should not be obscured as

per record keeping standards.

6.5 Letters

Administrative Letters

Letters of this nature, which do not require a clinical signature (or electronic audit) i.e., an

appointment letter, must be created via the EPR and directly saved back into the EPR by the

administrative author.

Clinical Letters

Letters of this nature, which do require a clinical signature (or electronic audit) i.e., an

assessment letter, these can be drafted by administrative staff and saved as a draft, the clinician

can then review and save as final within the EPR.

6.6 Indexing and Metadata

An electronic documents’ metadata may contain information about how long the document is,

who the author is and when the document was created. Metadata is held in the background of

the system and therefore may not be visible to front end users of the system. Some metadata is

entered by the user onto the system at the point of adding the document to the patient record,

such as:

 Document type

Pre-defined pick lists of available options are contained within the EPR and the user must select

a document type when adding the scanned image to the patient record. Document types are

clinically agreed prior to adding to the live EPR.

 Document date

Appropriate document dates must be entered when the document is uploaded by selecting the

appropriate date from the EPR system’s calendar. The date may vary according to the content

and nature of the document. The following should be observed:

 Document contains clinical intervention date e.g., an Outpatient letter from another hospital:

the date of the clinical intervention is to be used

 If there is no clinical intervention date i.e.,’ This patient was reviewed recently’ then the date

of the letter/document is to be used.

If there is neither then the date stamp received or created by the Trust will be used.

If there is no clinical event i.e., an appointment letter, this is to be dated the date of the

letter. Future dates cannot be entered into the EPR.

Service exceptions must be raised with the Clinical Document Scanning Team.

 Document Author

This must be entered as the author of the document. If this is external and is not known, then

‘unknown’ must be entered. Where there are multiple authors i.e., observation forms completed

within an inpatient environment, the name of the ward / home must be used.

Page 13 of 29

SystmOne has 2 areas to store items that may not have been created within the EPR:

Communications & Letters and Record Attachments. The following guide must be observed:

6.7 Communications & Letters

This is to be used to store correspondence and documents.

6.8 Record Attachments

This is to be used to add other file types to the patient record, such as images and medical

device output files.

6.9 System Migration

Where EPRs are transferred or replaced, or a legacy system is introduced, steps must be taken

to ensure that the original metadata is protected and not altered in any way to ensure digital

preservation. System upgrade User Acceptance Testing (UAT) must include any implications to

the storage of scanned documentation. A risk assessment must be completed to ensure all risks

are documented and controlled.

6.9 Compression

Compression settings should only be used where there is no loss of information to the scanned

version of the document, i.e., lossless compression, which does not remove any aspect of the

image. LPT does not use any compression settings other than what is already defined in the

scanner profiles to avoid any loss of document / information integrity / outside acceptable limits

6.10 Temporary storage of scanned or uploaded documents

Where the document cannot be scanned straight to the EPR (Non-TWAIN complaint) i.e., where

the document is too large for a desktop scanner to be scanned using TWAIN driver), a folder

must be created within the department/service’s network Drive folder; this will be used to

temporarily store the scanned documents. If one of the Trust’s Multi-Function Devices (MFD) is

used, these are defaulted to scan to the email address associated with the staff member’s

Managed Print Service (MPS) badge or can be set to scan to a secure folder

Once the document has been uploaded the scanned image must be removed from the

drive/scanner or email account that the scan was sent to. Staff must not retain any scanned

image once it has been successfully uploaded, this will reduce the risk of duplication and ensure

start to finish completion of the process. The scanned document must be uploaded to the service

user’s health care record as soon as is practicably possible after it has been scanned.

These topics are covered in the Clinical Document Scanning Training which is mandatory for staff

required to scan onto healthcare records as part of their role.

6.11 Scanning Timescales

Scanning of clinical documentation should occur within clinically risk-based timescales that will be

agreed and implemented locally. Complete documents should be scanned onto patient records

unless clinical need necessitates partial documents to be scanned.

Depot / medication cards should be scanned once the card is complete, medication is changed/

discontinued, or the patient is discharged; whichever is sooner.

DNAR (Do Not Attempt Resuscitation) forms should be scanned upon patient discharge, with a

photocopy of the original form forwarded to the Quality assurance Team, as the original must

accompany the patient to their onward destination.

Page 14 of 29

7.0 Scanning and Quality assurance Processes

The processes required to comply with British Standard 10008 will include the following stages:

 Preparation to Scan (including training)

 Scanning

 First Level Internal Quality assurance – Quality Control

 Second Level Internal service Quality Assurance Checks

 External Quality Assurance Checks

 Rescanning

 Audit

Flowcharts for each process can be found within the SOP.

7.1 Preparation to Scan

Once staff members are trained in the EPR & associated scanning functionality, have

successfully completed, and passed the U Learn training session for Clinical Document Scanning

and have completed the SOP Competency, scanning can commence.

 Scanning equipment

Only Trust approved scanning equipment must be used. Staff will have access to a desktop

scanner or Multi-Function Device (MFD). The use of the LPT scanning profiles is mandated for

desktop scanners, other scanning devices e.g., Multi-Function Devices (MFDs) scanning

guidance must be followed.

Scanning equipment must be regularly cleaned, maintained, and tested as per service

agreements and any issues must be reported to the LHIS Service Desk. Desktop scanners

should be cleaned monthly by users or as required according to the manufacturer specification

and cleaning records should be maintained. Cleaning guidance can be obtained from the Clinical

Document Scanning Team. MFDs will be maintained in line with SLA’s.

The procurement of scanners must always be completed via the Trust’s ordering process.

Only Trust approved scanning profiles must be used, as they enable documents to be scanned

and stored in an unchangeable format, users’ software does not allow changes to be made to

document once it has been scanned. Staff found using software to edit scanned documents will

be subject to action under the Trust Performance policy and relevant information security policies

and statue where relevant for criminal proceedings. The Trust scanning profiles have been

tested with test targets from British Standard ISO 12653 to evaluate the quality of outputs from

the scanner.

The relevant SystmOne gateway must be in use within the relevant unit being scanned onto the

on the local network that the scanning is being undertaken from.

Page 15 of 29

 Document Preparation

Staff must ensure that each page for scanning is examined and properly prepared as described

in the Preparation of Documents Prior to Scanning flowchart in appendix 1 to ensure that as

high a quality image as possible is obtained. Staff must follow standards to include the following

information as a minimum: DOB, Patient name and NHS number. The Staff member must

check the document before adding to the patient record on the EPR; this is the stage that the

scanning operative assures that the scanned documents are a true, accurate and complete

copy of the original.

Staff must ensure that prior to scanning; documents are transported safely and securely by

using appropriate methods i.e., a box file to minimise the risk to the original document’s

integrity. Any documents presented for scanning with temporary notes (such as a Post It note)

must be returned to the clinician for removal. It is not appropriate to scan documents with such

items attached. Where this is not possible, the document should be photocopied (using the

flatbed) and scanned, then the temporary note removed, and the document scanned without the

post it note. The temporary note should be re-attached to the document for submitting to the

Clinical Document Scanning Quality Assurance Team.

Documents that are photocopied prior to scanning i.e., the patient has taken the original after it

was scanned and we have retained the copy; the photocopy must be marked ‘copy’ to indicate

that the scan is a scanned photocopy of the ‘original’ version.

Documents must be scanned at their original size e.g. A4, A3 etc. Long paper such as ECG

traces can be scanned via the desktop scanners, please seek support from the LHIS Service

Desk if required to ensure that the ‘long paper’ setting is enabled on applicable scanners.

7.2 Scanning

Staff must ensure they check every scanned image of the original document once they have

scanned it onto the service user’s record. Staff must use a Trust approved scanning device set

to an authorised profile.

 Non-Conformity

Where the scanning process is interrupted or cannot be completed for example, a document is

removed from the batch after it has been scanned as a clinician requests the document before it

is sent for QA or a technical issue arises part way through scanning; a non-conformity log (with

rationale) must be completed and attached to the relevant documents and submitted separate

from the batch to ensure compliance with British Standard 10008:2014.

 Exception reporting

Where a good quality scan cannot be achieved following 3 attempts using the defined guidance

(if for example, the original is of a very poor quality), an exception report must be sent with the

document to the Quality Assurance Team separate from the weekly batch. These documents will

not be counted as part of any batch. This is to ensure that these are logged and risk assessed for

any acceptable limits of information loss or retained. Documents that are not accepted as an

exception will be returned to the service for rescanning as appropriate.

 Submission of batches

o Weekly batches of original scanned documentation must sent to the Quality assurance

Team within double envelopes/tamper proof envelopes / approved secured and

tagged transportation crate, labelled with the service name, relevant SystmOne unit

name and scanned date range of documents. A tracking transit form must be used

and this will provide a receipt from the collecting porter. Empty boxes (where in use)

will be returned to the services once they have been processed.

o Batches of scanned documents sent later than 2 weeks must be submitted with a

100% internal quality check. Batches received after this time affect local error

correction rates and can affect the Trust adherence to British Standard 10008:2014.

Page 16 of 29

o Do not mix batches of uploaded documents to different SystmOne units or mix/add to

documentation returned for re-checking with fresh batches.

 Scanning Guidance

A simple guidance procedure flow chart can be found at Appendix 1. This may be laminated

and used as an aide memoire to assist when scanning/uploading documents. Further guides

are available on the Intranet and within the SOP

7.3 First Level Internal Quality Assurance

Staff must ensure that once a document has been scanned:

 The document has been uploaded to the correct patient record

 The same number of pages has been scanned and all are the correct orientation to the

original (please note, the orientation of blank pages does not matter).

 All pages are legible

 The clinical intervention date is entered as the document date, not the date the document

is scanned

 Documents must not be scanned with items such as Post It notes in situ

 The scan is an exact replica of the original paper document

 All documents must be scanned straight and the whole of the document needs to be

visible, with nothing missing or covered / obscured on the scanned document.

 Both sides of a page must be included even if the second side of the document is blank –

blank pages / sides must not be deleted.

 Documents must be scanned in colour where coloured text, marks or diagrams made on

documentation provide a record of clinical care to the patient or holds clinical worth

(includes documents on coloured paper).

This list is not exhaustive - further reasons that a document will fail the quality assurance

process can be found within the SOP.

Once a document is scanned it should not be reprinted for clinical purposes, with the exception

of outside agencies / transfer to other Trusts or a Subject Access Request.

7.4 Second Level Quality Assurance Checks

Services must carry out an internal quality check on a random sample of batched documents

against their scanned images on the EPR

Internal service Quality Assurance Checks are a valuable tool in ensuring the service adheres to

processes described in this policy and issues are identified and rectified service level. It also

allows team and service level performance monitoring. Managers or peers will perform Quality

Assurance checks for 5 – 20% of batches according to service performance. This will be

increased where high error rates are prevalent. This should occur before the batch is sent to the

central Quality assurance Team for checking in line with British Standard 10008:2014 compliance

The Staff member performing the internal Quality Assurance Checks will select a random sample

of the batch and check the paper version against the scanned image. If the image does not

match the paper version then the internal Quality Assurance log must be completed as per the

process (available in the SOP) and the document must be removed and rescanned where

applicable. If errors over 50% are discovered within the local Quality Assurance check, the whole

batch must be checked within the service.

Supplementary training is available for staff undertaking Internal Audit Checks on request from

the Clinical Document Scanning Team. The documents selected for an internal check must be

separated from the rest of the batch and clipped to the log sheet then placed on top of the rest of

the batch being submitted.

Page 17 of 29

7.5 External Quality assurance check

The Clinical Document Scanning Quality Assurance Team will carry out authorised checking

processes on the batches of scanned original documents received before either retaining the

documents in line with the relevant records retention schedule or until secure destruction can be

undertaken.

The Quality Assurance team have ‘read only’ access to the EPR; this is the required level of

access for the role as the team do not make amendments to the patient record. The Quality

Assurance team assess the scanned quality by viewing the uploaded document on the EPR

against the original or copy (where indicated) paper version.

 The quality assurance check describes the processes, controls and records that the service

will put in place to provide assurance that the quality assurance processes are sufficient to

successfully catch and therefore remove scanning defects. This does not check

documentation for clinical completeness. This will be undertaken by the Clinical Document

Scanning Quality Assurance team to assure confidence in the quality control process and to

ensure that all pages are legible, the same amount of pages have been scanned and they are

exact replicas of the originals. The amount of scanned documentation selected for Quality

Assurance checks will be calculated on a risk-based approach and will vary according to

performance. The second level checks will be stepped up as required in consultation with

service leads. Random increases will also be initiated.

 The Quality Assurance check will also ensure the correct document category is used when

saving the document to the patient record to ensure swift clinical retrieval upon review of the

patient record.

 The Quality Assurance check will be viewed on the EPR under normal viewing conditions as

per the technical specification installed by the Leicestershire Health Informatics Service.

 The Quality Assurance team index all batches received into the team to ensure appropriate

tracking of clinical documentation.

 Where a 50% or greater error rate is found within the sample being checked, a further sample

will be taken for checking. Where this further check results in another 50% or greater error

rate; the whole batch will be returned to the service with the error log for correction and

internal check of the batch remainder. This must then be resubmitted with an internal quality

assurance check for the batch remainder.

All new services submitting documentation to the Clinical Document Scanning Quality Assurance

Team will commence at 100% second level checking with reductions following satisfactory audit

of check results over an initial 4 week period. The check involves a minimum sample of 20% of

the batch up to a maximum of 100%, with a mid-way reduction to 50%. Any services not

meeting the requirement maximum error correction rate of 10% and below will not form part of

the Second level Quality Control checking process until this rate can be achieved.

 Second level quality control checks should be undertaken and returned for re-scan or

archived within one month. Where this cannot be achieved, services will be informed.

 Training will be provided for staff that perform second level Quality assurance.

 Quality control sheets are completed for every checked batch and must be retained for

audit purposes (see appendix 2)

 Documentation that does not meet the Quality standards will be returned securely to the

service via the portering service, which is tracked with a Quality Assurance control sheet

which details the error(s).

 Errors that are not rectified after the second return will be raised with the Clinical

Document Scanning manager for further review to be raised with the team / services’

manager where applicable.

Page 18 of 29

 Documentation that has been uploaded in error / to the wrong record will require removal

and adding to the correct record where applicable. An incident will be opened for these

occasions.

 The sample size of checks performed will be from a risk based approach.

 Returns that remain outstanding after four weeks will result in an incident being opened

and the batch remainder will be archived without the outstanding error documents.

7.6 Rescanning

Where the scanned image does not meet the requirements the service must correct the error

which may include re scanning the document, taking appropriate action to avoid the issue from

reoccurring. Staff undertaking scanning must ensure that the results meet Quality Assurance

requirements. Only staff with the appropriate access can remove a document from the system;

for SystmOne this is ‘marked in error’ but the document remains accessible within the deleted

items node, which staff with an enhanced access role can access. Changes made to documents

after upload are held within the audit trail within the EPR. Examples of the types of issues that

would result in a rejection during Quality Assurance checks can be found within the SOP.

The original document and the completed, signed scanning error log sheet must be returned

signed to the Quality Assurance team once rescanning is complete and the error has been

removed / rectified.

The batch must not be added to once it has been processed for the first time by the Scanning

Quality Assurance Team. If any documents are removed from the batch i.e. as they should not

have been added to the patient record, this must be indicated in the appropriate column on the

scan log sheet to account for the variation in the batch number once it is returned to the Scanning

Quality Assurance Team. Staff members must ensure that the Scan Error log sheet is

appropriately completed and signed to comply with audit requirements.

7.7 Audit

 Internal

The identity of the staff member who was logged onto the system when the document was

scanned is held within the EPR within the system audit. The service will need to provide

assurance that appropriate procedures are in place to provide evidence that a scanned image is

an accurate and unchanged copy of the original and therefore maintains its integrity.

Internal audit of quality assurance checks performed by the Clinical Document Scanning Quality

Assurance team occur monthly to ensure that processes as described by this Policy are adhered

to within the team.

The procedure and processes will be audited annually to ensure that procedures are being

observed as per the requirements of British Standard 10008:2014. These audits will be

undertaken by the Clinical Document Scanning Team and reviewed by the Head of Service.

 External

External audit undertaken by the British Standards Institute (BSI) will occur within selected

services to ensure the Trust retains certification under British Standard 10008:2014.

8.0 Monitoring and reporting

Team level error correction figures will be provided on a monthly basis to relevant managers and

performance charts will be provided at Trust Level. Services are expected to provide assurance

Page 19 of 29

for the management of their relevant correction errors. Areas of non-compliance will be

investigated to uncover the cause of any issues. Managers are expected to take the appropriate

action under the Trusts Performance & Conduct policy where these issues prevail as a direct

causation of the scanning errors and staff are accountable for this. Errors made within the

Clinical Document Scanning Quality Assurance Team will be provided on a 6 monthly basis.

Data for any incidents opened by the Clinical Document Scanning Team will be provided to

relevant managers / meetings on a quarterly basis.

9.0 Retention

All original documentation will be retained and archived in date boxes once quality control checks

have taken place until destruction (exclusions to destruction are documents relating to

Huntingdon’s or other archival value, research consent forms that must be retained by R&D team

or where litigation is suspected or any other documentation that the Trust deems appropriate to

retain). All destruction is based on risk assessment.

10.0 Risks

A Risk Log describing all relevant risks and the required action will be held on the Clinical

Document Scanning intranet page. Risks will be recorded on the Trusts’ risk management

software, Ulysses, as appropriate. Local services will undertake regular local process risk

assessments and share these with the Clinical Document Scanning Team.

11.0 Disaster Recovery / Business Continuity

If the EPR is unavailable then the service must follow their local Disaster Recovery Plan. Any

documents created during the system being unavailable must be added to the patient record as

soon as is practically possible following system reestablishment.

If clinical entries cannot be made within timescales then an incident report must be completed.

This may mean the retention of some patient documentation on site e.g. Emergency Grab

sheets, patient demographics as indicated by the services emergency plan. These can be held

securely in red temporary file folders.

12.0 Mental Health Act Documentation

The existing processes for Mental Health Act related paperwork must be continued. MHA

paperwork must not be sent to the central Quality assurance Team.

13.0 Working files

Any assessments that may take more than one clinical contact to complete may be securely

fastened and stored in individual labelled red temporary files, until the document is complete and

can be scanned in entirely. It is expected that as a minimum, a clinical entry will be made within

the EPR which will reference the assessment being undertaken / a summary of the appointment /

scan in the partially completed assessment if it is of clinical value to the patient / other clinicians

at that point – as per clinical judgement. Once completed the red files can be de-badged and re

used for another patient.

Page 20 of 29

14.0 Art/therapeutic materials

Images of these can be scanned onto the EPR with patient consent or keep partially completed

items in the red file. Upon the patient’s discharge, give the document back to the patient unless

they request it is destroyed. Enter an entry onto the EPR detailing patient decision to take back or

rationale to destroy the item.

15.0 Copyright materials

Where copyright explicitly prevents the storage of completed material / documentation, alternate

storage arrangements must be sought from the Head of Data Privacy or Data Privacy Manager.

16.0 Training Needs

All staff required to scan clinical documentation onto clinical records are required to undertake

Clinical Document Scanning Training via the Trusts e-learning platform. This session ensures

that staff are fully aware of the principles of this Policy and the processes to be adhered to when

undertaking the task of scanning onto clinical records. This training is a one-off session, to be

repeated where there are performance issues, a change in post or following return to work after

long term absence, as required by management. Records of attendance at training sessions and

assessment outcomes will be requested from the workforce team by the team manager. Local

managers must ensure that staff members are competent by completing the SOP competency

framework and ensuring that local internal quality assurance checks are undertaken.

Training in EPR functionality will be provided by the Leicestershire Health Informatics Service

(LHIS) to ensure that staff required to scan onto the EPR as part of their role are fully competent

in the use of the functionality. Quick Reference Guides are available as aide-memoirs for the

technical aspects of the EPR.

17.0 Communication

Regular communications will be distributed by the Clinical Document Scanning Team via the

intranet, newsletters, meetings with services/teams, error correction figures are submitted to

teams / team managers. There is representation by the Team at forums such as the Data

Privacy Committee (who the team report into) and IM&TDG in addition to the distribution of

incident data and recording of any risks on applicable systems.

Page 21 of 29

18.0 Monitoring Compliance and Effectiveness

Ref

Minimum

Requirements

Evidence for

Self-

assessment

Process for

Monitoring

Responsible

Individual /

Group

Frequency

monitoring

P11

Weekly batches of

scanned

documentation

Section 7

Audit

LPT Scanning

Team

Monthly

P11

Minimum check of

20% following

reduction from

100% & 50%

second level check

Section 7

Audit

LPT Scanning

Team

Monthly

P14

Policy understood,

SOP & competency

locally completed for

each staff member

Section 7.1

SOP &

Competency

sign off

Line Managers

As required

P14

Audit

Section 8

Audit

LPT Scanning

Team / Line

Managers

3 monthly

P15

Staff checking paper

documentation

against the scanned

copy

Section 7

Quality

assurance

LPT Scanning

Team

Monthly

P15

Testing of

equipment

Section 7

Testing

Staff member

6 monthly

P15

Maintenance of

equipment

Section 7.1

Cleaning &

testing

Staff member

Monthly

P15

100% internal check

for submitting

batches over 2

weeks late

Section 7.2

Staff member

Line manager

Weekly

P16

Non Conformity Log

Section 7.2

Reporting of

process

interruptions

Staff member

As required

P16

Internal QA

checking

Section 7.4

Monitor

errors locally

Line Managers

Weekly

P17

Ceasing external

QA checks where

errors creep up to

≥10%

7.5

Clinical

Document

Scanning

Team

Clinical

Document

Scanning Team

Monthly

P17

Services to achieve

10% or less error

correction rate

Section 7.9

Self audit,

receipt of

Error

Correction

Figures

Line Managers

Monthly

P18

Audit

Section 7

Audit

LPT Scanning

Team

Monthly

Page 22 of 29

Ref

Minimum

Requirements

Evidence for

Self-

assessment

Process for

Monitoring

Responsible

Individual /

Group

Frequency

monitoring

P18

Reportable incident

where documents

are missing,

uploaded to the

incorrect record or

error documents are

not returned within 4

weeks

Section 7.5

Clinical

Document

Scanning

Team

Clinical

Document

Scanning Team

As required

19.0 Standards/Performance Indicators

TARGET/STANDARDS

KEY PERFORMANCE INDICATOR

All Trust staff should be aware that the

organisation performs comprehensive

System access audit trails on a regular basis.

100% of system access audits provide

evidence of legitimate and authorised

access only.

Adherence and retention of accreditation to British

Standard 10008:2014-1 Legal Admissibility and

Weight of Evidence of Information Stored

Electronically

Internal audit

Local error correction figures

External audit by British Standards

Institute

All staff undertaking Clinical Document Scanning to

be trained in both system & 10008 processes

100% of staff to be trained

20.0 References and Bibliography

This policy was drafted with reference to the following:

 Code of Practice for Legal Admissibility and Evidential Weight of Information Stored

Electronically (BSI 2014)

 IGA Records Management Code of Practice for Health and Social Care 2016

 The Civil Evidence Act 1995

 Confidentiality: NHS Code of Practice

 The General Data Protection Regulation and Data Protection Act 2018

 The Electronic Communications Act 2000

 The Computer Misuse Act 1990

Page 23 of 29

Staff member trained in all required

areas, completed competency

framework*

Scan and process within EPR*

Perform check of own work referring to

training, policies & processes

Internal QA check (NOT

performed by the scanner

operative)*

Submit for external QA check within a

week of scanned (submitted later than

2 weeks requires 100% local check)*

Clinical Document

Scanning QA team

receive*

Clinical Document Scanning

QA team perform QA

check*

No errors found *

Archived by Clinical Document

Scanning QA team for secure

destruction *

Returned for corrective action*

Correct errors(if the error

documents are not resubmitted

by 30 days –an eIRF is opened)*

Clinical Document Scanning Quality

Assurance Team responsibility

Service / Team responsibility

Errors found *

Escalate to local line manager if

errors are not resolved after 2

returns –local management action

required

Implement document

scanning

Clinical Document Scanning

High Level Process

CDS_High Level Process_v1_20200827

Errors

found

No errors

found

Colour Key

*Refer to specific process for services/team

*Refer to specific process for Clinical Document Scanning Team

Correct

errors

If scanning a

Document does not

produce a good scan

after 3 attempts –

raise as an

exception

If there is an

Interruption to the

scanning process or

a paper document is

removed post

scanning – log this

as a non conformity

Appendix 1

Page 24 of 29

Clinical Document Scanning Team QUALITY ASSURANCE Check Log

Service:

Batch date

from:

Batch date

to:

Date

Received:

Batch number:

Recheck?

If Yes -

amount for

recheck:

Total number

of scans in

batch:

Is a

Management

check

enclosed?

If yes -

management

check

amount:

Management

check %

remainder in

batch:

Amount

checked:

Check %

For completion by QUALITY ASSURANCE Team

FOR COMPLETION BY SERVICE

Document

date

yyyymmdd

Document

received

date /

date on

EPR (if

applicable)

yyyymmdd

NHS

Number

xxx xxx

xxxx

Correctly

named file

Electronic

Patient

Record

Y/N

Document

Type

(description

document)

Uploaded

to correct

patient

Y / N

Original

document

or Copy

Original /

Copy

Issues

Y / N

Issue

Details

(allows

multiple)

Comment

Document

removed

from

batch?

Y/ N

(service to

complete)

Reason

for

removal

from

batch

Date Corrected

yyyymmdd

Total Number of errors:

Error Percentage %

Checked by (Sign name):

on behalf of Scanning Quality Assurance Team

Checked by (print name):

Date:

ACTIONS COMPLETED (to be completed by Service):

Print & Sign Name

Designation:

Date:

Appendix 2

Sample Quality Assurance log sheet

Page 25 of 29

Training Requirements

Training Needs Analysis

Training topic:

Clinical Document Scanning

Type of training:

(see study leave policy)

☐ Mandatory (must be on mandatory training register)

 Role specific

☐ Personal development

Directorate (s) to which the

training is applicable:

 Adult Mental Health & Learning Disability Services

 Community Health Services

☐ Enabling Services

 Families Young People Children

☐ Hosted Services

Staff groups who require

the training:

Any staff required to scan clinical documentation onto the

EPR (Electronic Patient Record)

Regularity of Update

requirement:

As determined by line manager

Who is responsible for

delivery of this training?

Self – training available via ULearn platform

Have resources been

identified?

Yes

Has a training plan been

agreed?

Yes

Where will completion of

this training be recorded?

 ULearn

☐ Other (please specify)

How is this training going to

be monitored?

Via line managers, quarterly reports provided from the

Clinical Document Scanning Team to the services from

Workforce of staff completion

Appendix 3

Page 26 of 29

Appendix 4

The NHS Constitution

The NHS will provide a universal service for all based on clinical need, not ability to

pay. The NHS will provide a comprehensive range of services

Shape its services around the needs and preferences of individual

patients, their families and their carers



Respond to different needs of different sectors of the population



Work continuously to improve quality services and to minimise

errors



Support and value its staff



Work together with others to ensure a seamless service for patients



Help keep people healthy and work to reduce health inequalities



Respect the confidentiality of individual patients and provide open

access to information about services, treatment and performance



Page 27 of 29

Stakeholders and Consultation

Key individuals involved in developing the document

Name

Designation

Sam Kirkland

Head of Data Privacy / Data Protection Officer

Mary Stait

Data Privacy Manager

Claire Mott

Clinical Systems Change Lead – Clinical Document Scanning

Rachel Lowe

Information Request Officer - Clinical Document Scanning

Circulated to the following individuals for comment

Name

Members of Data Privacy Committee

Appendix 5

Page 28 of 29

Due Regard Screening Template

Section 1

Name of activity/proposal

Clinical Document Scanning Policy

Date Screening commenced

22/02/2021

Directorate / Service carrying out the

assessment

Finance and Performance

Name and role of person undertaking

this Due Regard (Equality Analysis)

Claire Mott, Clinical System Change Manager

Give an overview of the aims, objectives and purpose of the proposal:

AIMS:

The aim of this policy is to set out how the scanning of clinical documentation will be undertaken

within the organisation (Leicestershire Partnership NHS Trust).

OBJECTIVES:

The purpose of this policy is to ensure that standards as defined in BIP 0008 British Standard

10008:2014 are adhered to when scanning clinical documentation for the purpose of destroying

the original copy.

Section 2

Protected Characteristic

If the proposal/s have a positive or negative impact

please give brief details

Age

Positive

Disability

Positive

Gender reassignment

Positive

Marriage & Civil Partnership

Positive

Pregnancy & Maternity

Positive

Race

Positive

Religion and Belief

Positive

Sex

Positive

Sexual Orientation

Positive

Other equality groups?

Positive

Section 3

Does this activity propose major changes in terms of scale or significance for LPT? For example, is there a

clear indication that, although the proposal is minor it is likely to have a major affect for people from an

equality group/s? Please tick appropriate box below.

Yes

High risk: Complete a full EIA starting click here

to proceed to Part B

Low risk: Go to Section 4.



Section 4

If this proposal is low risk please give evidence or justification for how you reached this decision:

This policy defines the processes requiring adherence for the processing of patient clinical

documentation and the conversion into scanned images that are legally admissible.

Signed by reviewer/assessor

Date

25/02/2021

Sign off that this proposal is low risk and does not require a full Equality Analysis

Head of Service Signed

Date

25/02/2021

Appendix 6

Page 29 of 29

Appendix 7

DATA PRIVACY IMPACT ASSESSMENT SCREENING

Data Privacy impact assessment (DPIAs) are a tool which can help organisations identify the

most effective way to comply with their data protection obligations and meet Individual’s

expectations of privacy.

The following screening questions will help the Trust determine if there are any privacy issues

associated with the implementation of the Policy. Answering ‘yes’ to any of these questions is

an indication that a DPIA may be a useful exercise. An explanation for the answers will assist

with the determination as to whether a full DPIA is required which will require senior

management support, at this stage the Head of Data Privacy must be involved.

Name of Document:

Clinical Document Scanning Policy

Completed by:

Claire Mott

Job title

Change Lead

Date 22/02/2021

Screening Questions

Yes /

Explanatory Note

1. Will the process described in the document involve

the collection of new information about individuals?

This is information in excess of what is required to

carry out the process described within the document.

2. Will the process described in the document compel

individuals to provide information about them? This is

information in excess of what is required to carry out

the process described within the document.

3. Will information about individuals be disclosed to

organisations or people who have not previously had

routine access to the information as part of the

process described in this document?

4. Are you using information about individuals for a

purpose it is not currently used for, or in a way it is

not currently used?

5. Does the process outlined in this document involve

the use of new technology which might be perceived

as being privacy intrusive? For example, the use of

biometrics.

6. Will the process outlined in this document result in

decisions being made or action taken against

individuals in ways which can have a significant

impact on them?

7. As part of the process outlined in this document, is

the information about individuals of a kind particularly

likely to raise privacy concerns or expectations? For

examples, health records, criminal records or other

information that people would consider to be

particularly private.

8. Will the process require you to contact individuals

in ways which they may find intrusive?

If the answer to any of these questions is ‘Yes’ please contact the Data Privacy Team via

Lpt-dataprivac[email protected]

In this case, ratification of a procedural document will not take place until review by the Head of

Data Privacy.

Data Privacy approval name:

Sam Kirkland -

Date of approval

25/02/2021

Acknowledgement: This is based on the work of Princess Alexandra Hospital NHS Trust