Default Privacy for a Team

There are two privacy label settings for each team

• Team data - the default privacy label of data the team writes

• Team access - the default privacy labels the team can read

When PKB creates a new team in an Organisation, a single privacy label must be set for that team. This is the default privacy label that will be attached to data points added to a patient record by this team. A professional user can override the default privacy label at any time, if appropriate.

Team data

For example, a mental health service could have their default privacy set to ‘Mental health.’ When a user from that team adds a data point, such as a plan, to the patient record, the mental health privacy label will be selected by default. However, the professional can change this by selecting one of the other options, such as ‘General health’, before saving the plan. This would be useful for a mental health crisis plan that needs users with general access to see it. Once the plan has been saved, the privacy label can be changed at any time by the team who added the plan, or by the patient.

PKB recommends that the default privacy of data is “General” whenever possible. In other words, unless hiding the data is genuinely important for the privacy of the patient, the focus should be on sharing the data for the safety of the patient.

Team access

When setting up a new team in PKB, PKB can also set the teams default access to data in patient records. For example, if a team is set up with team access to ‘General health’ and ‘Social care’ when the team accesses a patient record, by default, they will be able to view any data points that have the General health or Social care labels (and would not be able to see Mental health or Sexual health data).

The patient can change what a team can see at any point, should they want to. PKB prompts the patient to review and confirm what each team can see the first time the patient logs into PKB. Here, they will see what the team gets by default but can remove those permissions, or add more.

At any time the patient can go to the ‘Sharing’ section of their record and change what privacy labels each team caring for them can have access to.

PKB recommends that the default access to data is “General” whenever possible. In other words, unless seeing more data is genuinely necessary for the care of the patient, the focus should be on preserving the privacy of the patient.

Break the Glass functionality

In an emergency situation, when a patient lacks capacity to consent (e.g. the patient is unconscious) and the professional’s clinical judgement is that the patient’s safety requires the professional to see the record, they can 'Break the Glass' which allows a professional to see a patient's record without consent, (to find out more please go to PKB’s Manual site).