GDPR & Child Health Immunisation Data (CHIS)
Date sent: Wednesday 27 February 2019
To ALL BBOLMC Practices
|Issue date: 27.02.19|
The communication below was recently sent around by the BMA regarding the new electronic child health (CHIS) system being in potential breach of GDPR.
Whilst the issue is resolved, the BMA advises to not sign any new data agreements regarding the CHIS until further notice, and any practices that have signed agreements should contact the GPC directly at the email address shown below.
Electronic transfers of childhood vaccination data, potential GDPR breach
We have received reports that LMCs in the West Midlands region have received communications from their local community trust with regard to changes to the process for electronic transfer of childhood vaccination and immunisations data from GP systems to the Child Health Information Service (CHIS). We believe this issue also impacts practices in London and southwest regions and up to 3,300 practices. It is also possible that this issue may impact other extraction services; we are in the process of clarifying this.
Having received legal advice, the GPs committee is concerned that practices using the new proposed extraction system to share childhood immunisation data may be placing themselves in breach of GDPR. We have now received assurances from the local commissioners of this service that no GP practice in the West and North Midlands will be asked to sign up to this process until the matter is resolved. Our advice when being approached to sign any new data sharing agreements pertaining to changes to the CHIS in England is that no GP practice should sign up to any new extraction system until our concerns have been addressed.
Dr. Matt Mayer
CEO – Berkshire, Buckinghamshire & Oxfordshire LMC
Mere House, Dedmere Road, Marlow, Buckinghamshire, SL7 1PB
Tel: 01628 475727 – Fax: 01628 487142 – Mob: 07429 690592
Note: My role as CEO of BBOLMC is job-shared with Richard Wood. Queries may be responded to by either of us