The patient is the focal point for the entire PKB record; PKB puts the patient in control of all information about them, and who gets to use that information with them.
Everyone, including doctors, nurses and carers, use the Patients Know Best account with the patient because the patient gave them permission to do so. At any point, they can give more people access, increase or decrease their access level, or take away permission from those previously given access. The patient is able to initiate and participate in secure messages with any combination of members of their network at any time.
The patient is encouraged to contribute their own information to the record including tracking their symptoms, adding lab test or measurements, and filling out consultations or care plans in collaboration with their clinical team.
A patient may wish to grant access to their record to a trusted carer, enabling the carer to add other carers and professionals to the record on behalf of the patient. The carer is also able to contribute data to the record just as the patient could as well as using the Events and Messages section with the patient's team.
This is particularly common in cases where the patient is a child or has decreased capacity or technical literacy, although any patient (or professional on behalf of the patient) can add a carer.
The carer account is structured just as the patient account is; when the carer logs in they are presented with their own PKB record (which may or may not have data in or be shared with their own professionals and teams). The carer then navigates through Sharing > Friends and Family, and will then see those they care for in a list. Clicking on one of these names brings up that patient's account.
The team professional is invited, along with their colleagues in the team, by the coordinator. A team professional automatically has access to all patients sharing with the team, and any patient in the team can message any clinician in the team provided they are set as contactable. This mirrors the set up that exists with paper records, where any professional working within the team would be able to pick up and read any patient's file.
The professional is able to add other people and contribute data to the record on behalf of the patient as well as exchange secure messages with their colleagues, patients, carers and any individual professionals added to each patient record. The professional has the ability to send consultations to patients to be filled out as well as adding and editing any relevant care plans in a patient's record.
The individual professional is added to single patient accounts, rather than having access to full teams. A good example of an individual professional would be a GP who may have been added to the record by the speciality team at a hospital, a carer or indeed the patient themselves. The professional is able to work only with patients they are specifically added to on PKB, contributing data and messaging the network.
The coordinator is the first person invited to a PKB team, so they are key members and help drive successful use of the system. This ensure the right people are added to the team's PKB site. The coordinator is responsible for inviting the professionals to the team as well as the patient cohort.
The coordinator is often the most technically expert member of their team, and so coaches and catalyses their colleagues’ adoption of patient-centred PKB usage. PKB staff spend a lot of time training and helping the coordinator because healthcare professionals ask the coordinator for training and help. The coordinator also manages each team’s settings, including care plan templates, symptoms tracked and patient communication materials within the library.
The Organisation Admin is responsible for performing 3 key tasks for all patients within all teams in the organisation
- adding missing demographics
- checking for demographic mismatches between PKB and incoming HL7 feeds e.g. from the lab
- managing organisation networks
The privacy officer (PO) user in PKB is for a user who monitors and enforces correct usage by their organisation from a privacy perspective.
After logging into the PKB web site as a PO user you can disable sharing for patients that have gone through the informed consent process to prevent any user from seeing their medical record.
Privacy Officers should be tied to Information Governance (or the Data Protection Officer) in an organisation, directly, or via authority (e.g. an Executive Assistant that works on behalf of IG or DPO office and manages work streams).
This is because Privacy Officers are not meant to be purely administrative, they help a patient understand the organisations’ approach to sharing and how PKB is being utilised. PKB advise that Privacy Officers engage with the patient (either face to face or by phone), ensure the patient understands the implications of disabling sharing and how this might impact information continuity across connected care teams.
The Privacy Officer may also be required to answer specific questions regarding PKB usage within their organisation and reassure the patient regarding PKB features such as privacy labels, audit log and professionals’ access to their record. Only after this has been completed should the Privacy Officer approve Disable Sharing.
The actual process of enabling Disable Sharing can be done by an appointed administrator but the initial patient engagement and conversation should be undertaken by a suitably qualified individual. PKB advises that this individual should be well versed in patient-privacy and confidentiality matters.
The enforcement aspect associated with the Privacy Officer role within PKB arises given they are usually the designated recipient of Break The Glass reports and may look into other occurrences or reports initiated by either the patient or via standard PKB-generated reports (i.e. BTG reports) along with managing the Disable Sharing request workflow.
In most cases, the Privacy Officer will be a Head of Information Governance or Data Protection Officer. After patient-engagement has completed and the appointed individual has approved the patients’ Disable Sharing request, configuration within PKB can be managed via an appointed administrator.