Organisation Networks

Organisation networks allow multiple organisations to be joined with one another to share patient care. For example, a group of providers in a region may agree to work together to increase data sharing to provide better care for patients.

You can set up Organisation Networks to work with other providers you already share patient care with. For example, a group of providers in a city or region may agree to work together to increase data sharing to raise safety, lower costs and better care for patients. This is essential in England for Integrated Care Systems (ICSs), in Wales for health boards, in the Netherlands for provinces, and so forth.

If you do not do this, every time a professional outside your organisation tries to access the record of one of your patients, through the user interface, they must ask your organisation to provide the decryption keys. The manual authorisation is cumbersome for you, it will delay record access by days for other professionals, and the patient will not receive safe care from a shared record.

If you do this, professionals in your region can see patient data at the point of care. They only need to click a few screens to document the consent they have to see the patient's record.

What data are shared when

Networks automatically share decryption keys but not the consent for accessing data. To access the data, PKB prompts the user to get explicit consent (e.g. with the patient in clinic); document implied consent (e.g. because the patient has been referred to the team); or ask for one-time break-the-glass access (e.g. because the patient is unconscious in an emergency).

PKB stores a copy of all private keys for all the customer's patients in the customer's institution-wide private key store. No matter which team creates the patient's record, the private keys are stored by the institution, available to all teams. Each team must still get or document consent before they can access the data. This fits into an institution's existing practices for data sharing between teams.

Any employee can document that they have the right to look at a patient's record and proceed to look at the record. The audit trail and employment contracts allow the institution to follow up and punish abuse of these data access privileges and in the meantime, clinical teams can quickly see data to provide safe care to the patient.

PKB customers in a network synchronise their private keys with all other institutions in the network. Each team must still get or document consent before they can access the data. Note that this does not require new data sharing agreements between the institutions in the network – the agreements each institution has with PKB are sufficient. The initiating institution in the network must reassure itself that the newly joining members of the network have the right processes to follow up and punish abuse of these data access privileges. This feature is critical for regions using PKB as a patient-controlled health information exchange. If you would like advice on the processes and assurances you need to set up a network please contact us.

Initiating Organisation

Every network must have one initiating organisation. This initiating organisation is usually the one that signed the information sharing agreement with PKB on behalf of the rest of the network. The initiating organisation accepts new members on behalf of existing network members.

It is important to delegate to an initiating organisation because the processes have large consequences (all private keys are shared with a new member) and low frequency (new members are rarely added). So only a small number of organisation administrators can be proficient enough to do this and they must be in a single organisation.

How to set up a network

PKB can set up a network. To be added to the network, contact your PKB account manager.

Your addition must be accepted by the organisation administrator of the initiating organisation within the network. All other organisation administrators in the network are notified by email of this acceptance.

On acceptance, the private keys are exchanged between the new organisation and the accepting organisation within the network.

From that date onwards, whenever a patient's decryption key is added to one organisation in the network, it is copied to all the other organisations in the network.

Process Map for setting up a network

Organisation networks vs affiliate teams

An alternative to organisation networking is creating affiliate teams. Networks automate data sharing at scale between institutions while affiliates speed up manual data sharing on a patient-by-patient basis. Affiliation is best suited for teams who do not regularly share patient care but will occasionally refer a patient to another organisation's service.

Process for network teams

  1. Institution A and Institution B are in the same network.

  2. Patient key is coped from Institution A to Institution B.

  3. Team B1 in Institution B can find patient's record.

  4. Team B1 clicks to document consent and access patient's record.

Process for affiliate teams

  1. Institution A's Team A1 and Institution B's Team B1 are affiliated.

  2. Co-ordinator from Team A1 clicks to share a patient's record with Team B1.

  3. Team B1 can find and access the patient's record with the consent they had received from Team A1's professional.

Networked teams vs affiliated tams diagram