In addition DHSSPS has recently issued guidance in respect of the legal admissibility and retention of records electronically

Transcription

1 Paper BSO 15/2011 ELECTRONIC DOCUMENT STORAGE 1. Purpose of this report The purpose of this report is to brief the Board on a proposal to move to a greater reliance on digital records for FPS payment systems and in particular the Dental, Pharmaceutical and Ophthalmic payment systems 2. Background Recent events relating to offsite storage of record have prompted a consideration by the BSO of the storage arrangements regarding its records and in particular payment claim form records in respect of some of the Family Practitioner Services. In addition, the expected cost pressures for the forthcoming CSR period requires a consideration as to how all costs can be reduced through the use of available technology. In addition DHSSPS has recently issued guidance in respect of the legal admissibility and retention of records electronically 3. Recommendation It is recommended that the Board: 1. Consider, comment and approve the paper 2. Agree the proposal that where possible 1 current payment records relating to pharmaceutical, dental or ophthalmic payments are maintained digitally subject to an initial period of six months storage Hugh McPoland Director of Human Resources and Corporate Services 21 January A Small number of manual invoices are still paid and will need to be stored. This equates to approximately 8-10 boxes per month.

2 Storage of records within the BSO and the potential move to digital storage of FPS payment documentation Introduction 1. Recent events relating to offsite storage of record have prompted a consideration by the BSO of the storage arrangements regarding its records and in particular payment claim form records in respect of Family Practitioner Services. In addition, the expected cost pressures for the forthcoming CSR period require a consideration as to how all costs, particularly Goods & Services costs, can be reduced. 2. Estimated costs 2 incurred in the storage of hard copy records are as follows: Pharmacy 22,732 PaLS 2,134 Medical 29,139 Human Resources 616 Ophthalmic 6,040 Legal 3 2,397 Dental 6,145 Finance 1, These costs are likely to change in forthcoming months as we move to a new provider and a new regional contract is negotiated by the Procurement and Logistics Service. 4. Notwithstanding the savings to be made in tender arrangements for storage costs, a further cost reduction strategy is to focus on the reduction of hard copy files and wherever possible to move to the use of digital records where appropriate. Current work processes and technology used would facilitate the introduction of digital storage for payments with almost immediate effect. This could save up to 34,917 in storage costs over the 7 year period. Substantial progress has been made in recent months to scan a number of FPS claim forms (dental/ophthalmic claims and prescriptions) and consideration can now 2 On the basis of current provider contact price 0.125per box 3 Legal are also charged storage per file per sq ft cost not included 2

3 be given to how we can comply with the requirements of all the standards and legislative instruments set out in the attached appendices and at the same time reduce our storage costs through the use of digitalised documents. 5. Hewlett Packard (HP) has advised that there is enough storage capacity (500gb) within the payment system for 3 years worth of images for dental & ophthalmic. 6. The Pharmaceutical system can hold approximately 18 months of images within the payment system and then they are archived to tape by HP. 7. Thereafter the images will need to be saved to disk or other digital format prior to disposal 4 in accordance with the disposal a schedule currently with PRONI for agreement. 8. Dental & Ophthalmic departments have scanned approximately 1,050,000 claims in the last calendar year. The Pharmaceutical department scanned approximately 20,000,000 claims in the last calendar year. The implementation of a policy to rely on digital records after six months would prevent the need to store originals off site and generate savings as set out above. 9. However, such a move to reliance on digital records requires careful consideration and the legal and governance standards are summarised in Appendices 1 and Immediately prior to the last Board meeting the DHSSPS issued a guidance note to HSC organisations on the issue of the legal admissibility and retention of electronic records.(appendix 3 refers) 11. Whilst clearly stating the records can be destroyed after being electronically scanned it sets out a number of the factors to be taken into account which include: the need to protect the evidential value of the record by copying and storing it in accordance with British Standard BIP 0008, the Code of Practice for Legal Admissibility and Evidential Weight of Information Stored Electronically, 4 It should be noted that DHSSPS has recently advised that no records are to be destroyed due to advice from PRONI. Further information will be provided at the Board meeting. 3

4 the need to consult PRONI in advance with regard to records which may have archival value, as the value may include the format in which it was created; and the costs of the initial and then any later media conversion to the required standard, bearing in mind the length of the retention period for which the records are required to be kept. 12. The guidance goes on to note that if a document is to be admissible in court, its authenticity must be beyond question. Whilst compliance with BIP 0008 does not guarantee legal admissibility it enables organisations to demonstrate that they are following best practice. BIP standards are set out in the DHSSPS guidance document Appendix 3 for ease of reference. 13. The Law Society has also issued guidance on this matter and extracts from it Risk are included in the DHSSPS document (Appendix 3) 14. There is a corporate risk that current hard copy records would be digitalised and then required for future legal cases where it may be necessary to present materials in court. However, in recent years there has been no experience in CSA or BSO of originals of the payment documents used for pharmaceutical, dental or ophthalmic payments being required in court and therefore it is suggested the risk of having to produce originals other than to deal with relatively immediate payment queries (6 months is suggested), is low. In other UK jurisdictions decisions have already been made to destroy hard copy FPS payment claim records after a period of six months, where a digital record is available. 15. It is therefore recommended that BSO moves to a position where; a. Whenever possible 5 current payment records relating to pharmaceutical, dental or ophthalmic payments are maintained digitally subject to an initial period of six months storage. 5 A Small number of manual invoices are still paid and will need to be stored. This equates to approximately 8-10 boxes per month. 4

5 b. originals of payment papers which are already held digitally are destroyed after a period of six months. a. Currently digital images are available as follows i. Pharmaceutical from March 2008 ii. Dental from December 2009 iii. Ophthalmic from November Following resolution of the current issues relating to the destruction of records per se, destruction of originals of these images will create an immediate saving of 1000 approx with recurring savings on a monthly basis as fewer records are placed in storage. Financial Consequences 16. In taking a phased approach to the digitalisation of paper records there will be no additional cost for the procurement of scanning machines which have already been procured and are in operation. 17. There may be a small expenditure in regard to the storage of digital images over a period of time but Hewlett Packard currently provide that storage as part of the contract and there are also appropriate back up arrangements in place. Other Considerations 18. Before finalising the decision to move to exclusive use and storage of digital versions of the FPS payment claim records after a 6 month period it is important to note that the scanning system currently ensures all images are indexed, referenced & fully traceable within the payment systems which will enable compliance with standards set out above and the requirements set out in The Lord Chancellor s Code of Practice on the Management of Records issued under section 46 of the Freedom of Information Act 2000 which states that a. The principal issues for the management of electronic records are the same as those for the management of any record. They include, for example the creation of authentic records, the tracking of records and disposal arrangements 6. 6 Source PRONI 5

6 b. Effective electronic record keeping requires i. a clear understanding of the nature of electronic records; ii. the creation of records and metadata necessary to document business processes: this should be part of the systems which hold the records; iii. the maintenance of a structure of folders to reflect logical groupings of records; iv. the secure maintenance of the integrity of electronic records; v. the accessibility and use of electronic records for as long as required (which may include their migration across systems); vi. the application of appropriate disposal procedures, including procedures for archiving; and vii. the ability to cross reference electronic records to their paper counterparts in a mixed environment. viii. In addition, Audit Trails must be provided for all electronic information and documents. 19. Consideration should be given to seeking formal accreditation of our record systems under the current standard BSI BIP 008 as well as the ISO standard for Records Management BS ISO It should be noted that the Records Management Policy of the Business Services Organisation already covers electronic record systems as stated in paragraph 2 a. It covers records in all formats electronic or paper, created collated, processed used, stored and/or disposed of in the course of BSO business. 21. It should be noted that a revised disposal schedule is currently with PRONI for agreement. 6

7 Recommendation The Board is asked to 22. Agree the proposal that where possible 7 current payment records relating to pharmaceutical, dental or ophthalmic payments are maintained digitally subject to an initial period of six months storage 23. Agee that the digital records be maintained in accordance with the current disposal arrangements wherein they would be disposed of after period of seven years and that steps are taken to allow current hard copy records in storage to be destroyed in accordance with the disposal schedule 8 subject to DHSSPS lifting the current moratorium on destruction of files. 24. There may be an opportunity in the future to scan the current stored documents but at present there is insufficient resource to apply to a comprehensive back scanning of these records. If this situation changes an appropriate business case will be developed. 7 A Small number of manual invoices are still paid and will need to be stored. This equates to approximately 8-10 boxes per month. 8 Following the removal of the current embargo on destruction of records expected in late February

8 Appendix 1 Background to storing of Records within BSO All Health and Personal Social Services (HPSS) records are public records under the terms of Public Records Act (Northern Ireland) The Act sets out the broad responsibilities for everyone who works with such records. The HSC also has a statutory duty to make arrangements for the safe keeping and eventual disposal of its records. This paper is designed to consider the need for continuing the use of paper records within key functions of the Business Services Organisation. The retention of records is governed by the DHSSPS Policy, Good Management, Good Records which sets out a number of standards which HSC organisations are expected to comply. It states that an effective records management service ensures that such information is properly managed and is available whenever and wherever there is a justified need for information, and in whatever media it is required to: support patient/client care and the continuity of care; support day-to-day business which underpins delivery of care; support sound administrative and managerial decision making, as part of the knowledge base for HPSS services; assist medical, social and other audits; support improvements in clinical and social care effectiveness through research and also support archival functions by taking account of the historical importance of material and the needs of future research; support the planning for and development of new services; and provide accountability. It also sets out what must be recorded? All work done (i.e. activity carried out or provided) by HPSS staff must be recorded and held in registered files. These files constitute the records of the organisation. Each file should make up a comprehensive record of what was done, how it was done and why. Files should also evidence any actions and decisions that were rejected and why. Prior to the implementation of Electronic Document and Records Management Systems approved by the National Archives (London) 2002, electronic records cannot be accepted as the definitive record. Generally, any item should be kept in a registered file that: contains information or work relating to a file subject; 8

9 shows the reasons why something has been accepted or rejected or why something has been done or not done; shows who was involved in the decision making or work done; contains financial papers, statistics, or treatment and care relating to the file subject; relates to the success or failure of any work or project associated with the file subject, or success or failure to meet targets, standards. The Code of Practice on the Management of Records under Section 46 of the Freedom of Information Act 2000 issued by the Lord Chancellor s Department (now called the Department of Constitutional Affairs) states that: 8.2 Records of a business activity should be complete and accurate enough to allow employees and their successors to undertake appropriate actions in the context of their responsibilities, to facilitate an audit or examination of the business by anyone so authorised; protect the legal and other rights of the authority, its clients and any other person affected by its actions; and provide authenticity of the records so that evidence derived from them is shown to be credible and authoritative. 9

10 Appendix 2 Legislative Requirements surrounding the Storage of Records Public Records Act (Northern Ireland) 1923 All HPSS records are public records under the terms of the Public Records Act (Northern Ireland) Chief Executives and senior managers of all HPSS organisations are personally accountable for records management within their organisation. They have a duty to make arrangements for the safe keeping and correct disposal (under the Disposal of Documents Order (Northern Ireland) 1925) of those records under the overall supervision of the Deputy Keeper of Public Records whose responsibility includes permanent preservation. Limitations (Northern Ireland) Order 1989 The Limitations (Northern Ireland) Order 1989 sets out the statutory provisions governing the time limits for bringing a claim against another. This means that records should be kept for as long as is necessary to facilitate the requirements of the Order. The main provisions of the Order are:- The limitation period for a claim based on contract is 6 years (Article 4). This is the rationale behind keeping invoices, etc for that length of time; The limitation period for a claim for personal injury caused by negligence is 3 years from the date of injury, or, if later, 3 years from the date of knowledge of the person injured. This date of knowledge is the date when the injured person first had knowledge that the injury was significant and attributable wholly or partly to the alleged negligence (Article 7); The limitation period for a person under legal disability (e.g. a person with learning disability ) is before the expiration of six years from the ate when the person ceased to be under a disability or died which ever event occurred first notwithstanding that the time limit has expired. The limitation period for a claim for negligence, not involving personal injury is 15 years (Article 12). An example of this would be the giving of negligent financial advice which caused economic loss rather than personal injury; The limitation period for actions founded on instruments under seal is 12 years (Article 15). Some agreements made by departments may well fall into this category; 10

11 The limitation period for actions to recover an interest in land is 12 years (Article 21). This period is extended to 30 years where the Crown is seeking to recover interest in land. There are some cases where the time limit is extended. All such information held by the BSO is also governed by the Data Protection, Freedom of Information and the Environmental Information Regulations. The DHSSPS guidance also sets out a retention and disposal schedule which has been agreed with the Public Records Office. In addition, all public organisations must comply with the NI Records Management Standard (NIRMS). An additional requirement is to ensure compliance with the Lord Chancellor s Code of Practice on the Management of Records issued under Section 46 of the Freedom of Information Act

12 Legal Admissibility and Retention of Records Electronically Issued By DHSSPS January 2011 Appendix 3 Background Good Management Good Records (GMGR), the Department s guidelines for Managing records in Health and Social Care Organisations in Northern Ireland issued in December 2004, defines the recommended minimum retention periods for such records and provides advice on how records should be managed. Technology has progressed since 2004, and organisations are implementing Electronic Document Records Management Systems (EDRMS) and scanning paper records unto such systems. GMGR is currently being revised and the guidance will reflect the current records management climate. Electronic Records Retention Regardless of the medium on which the records are kept, they are required to be authentic, reliable, useable complete and unaltered. The shift to electronic records has raised questions amongst records managers. The question most often asked is Can I destroy the original documentation once it has been scanned? The answer is yes as long as the correct process in committing your records to digital image is followed. The factors to be taken into account include: the need to protect the evidential value of the record by copying and storing it in accordance with British Standard BIP 0008, the Code of Practice for Legal Admissibility and Evidential Weight of Information Stored Electronically, the need to consult PRONI in advance with regard to records which may have archival value, as the value may include the format in which it was created; and 12

13 the costs of the initial and then any later media conversion to the required standard, bearing in mind the length of the retention period for which the records are required to be kept. If a document is to be admissible in court, its authenticity must be beyond question. Whilst compliance with BIP 0008 does not guarantee legal admissibility it enables organisations to demonstrate that they are following best practice. BIP 0008 The five principles of information management encapsulated in BIP0008 are: 1. Representation of Information An information management policy document should describe the different types of information held within the organisation and, for each type, specify: the level of security appropriate storage media formats and version control information management standards, e.g. quality retention and destruction policy responsibilities and roles for information management functions responsibilities for compliance with the BIP Duty of Care Organisations need to have in place: an awareness of the legislative and regulatory bodies pertinent to its industry; a chain of accountability and defined responsibility for activities involving electronic document records management at all levels; a system to keep up to date with information management theory and practice; and 13

14 a documented information security policy. 3. Business Procedures and Processes Organisations should have a user manual for each of it s information management systems. The manual is the document that the organisation will produce, if it's electronic storage methods are ever challenged, to prove to auditors, lawyers or judges that the processes are precise, secure and approved for its normal business procedures. The user manual will typically define the following: Document types Preparation of documents prior to scanning Photocopies Batch control Scanning processes Scanning specific documents Image Processing Compression Techniques How information is indexed Quality control Procedures for producing authenticated output Procedures for authenticating copies of documents How information is transmitted within the system Procedures for document retention and destruction System maintenance schedules Security and protection, including encryption and the use of digital certificates; Backup and system recovery procedures Use of bureau services Workflow Date/time stamping Version control 14

15 BIP 0008 insists that the procedures and processes be audited annually, or more frequently for legally sensitive archives, to make sure that the approved procedures are being observed or that new ones meet the requirements and are formally and properly incorporated in the manual. 4. Enabling Technologies A typical system will be comprised of many different technologies, each of which need to comply with BIP0008. These technologies include: storage media access control mechanisms system and data integrity image processing compression techniques compound documents data migration document deletion 5. Audit Trails BIP0008 requires that a system must have full auditing functionality. Without detailed audit trails authenticating a document, and therefore satisfying a legal body, may not be possible. The audit trail, as a minimum, should log details of each significant event in the life of a document in the system. The audit trail should: be generated automatically by the system; contain date/time stamps for each event; be non-alterable; be stored in accordance with the organisation s information management policy; be subject to appropriate access control; and be securely stored and backed-up. 15

16 Transfer of Electronic Records to PRONI PRONI is currently undertaking a project that will result in the establishment of a trusted digital repository capable of ingesting digital records. The work is currently at the detailed planning stage with PRONI and consultants working to produce a Business Case setting out the requirements and resources needed. The aim of the Business Case is to have the appropriate resources and infrastructure in place and running by December Until the digital repository has been established at PRONI, records deemed suitable for transfer for permanent preservation should be managed by the originating organisation. As such the records should be maintained in live servers/environments until transfer can take place. Those records not found worthy of permanent preservation should be destroyed as soon as their business need comes to an end. PRONI have advised that the final actions described in the disposal schedule in Part 2 of GMGR should be applied to both electronic and paper records. The creation of disposal schedules within an Electronic Document Records Management System may need to be assessed to ensure their operational viability. The transfer of electronic records from organisations to PRONI will be governed by a set of policy documents, including a digital preservation strategy that will be made available on the PRONI website, 16

17 Organisations who have already implemented electronic record keeping systems should contact PRONI for the advice and guidance required to plan for the transfer of records. 17

18 Law Society Guidance Annex The Law Society carries guidance with regard to legal admissibility of electronically stored documents in its publication: Guidance ownership, storage and destruction of documents. Extracts of this taken from the cabinet office website are as follows: Can I store documents photographically or electronically, and destroy the originals? Original documents, such as deeds, guarantees or certificates, which are not your own property, should not be destroyed without the express written permission of the owner. Where the work has been completed and the bill paid, other documents, including your file, may be stored, for example, on a CD ROM, computer system or microfilm and then destroyed after a reasonable time. In cases of doubt the owner s written permission should always be sought. If it is not possible to obtain such permission you will have to form a view and evaluate the risk. When seeking owners permission to microfilm or store data electronically and destroy documents, you may wish to reserve the right to make a reasonable charge for preparing copies if they are later requested. What is the evidential value of a photographically or electronically stored document where the original has been destroyed? There is a dearth of judicial authority on this topic and, until the law and practice on the subject of microfilmed or electronically stored documents are clarified, it is only possible to provide general guidelines. The Society has been advised that: (a) A microfilm of any document in a solicitor s file will be admissible evidence to the same extent, no more and no less, as the document itself, provided that there is 18

19 admissible evidence of the destruction of the document and identification of the copy. (b) Written evidence of the destruction of the original and of identification of the copy will enable the microfilm to be adduced in subsequent civil proceedings (under the Civil Evidence Act 1968) and in criminal proceedings (under the Police and Criminal Evidence Act 1984). What procedures would the Society recommend where an original document is stored electronically or photographically and then the original is destroyed? (a) Written evidence of the destruction of the original and of identification of the copy must always be preserved in case oral evidence is no longer available when needed (b) There should be a proper system for: (i) identifying each file or document destroyed; (ii) recording that the complete file or document, as the case may be, has been photographed; (iii) recording identification by the camera operator of the negatives as copies of the documents photographed; and (iv) preserving and indexing the negatives. (c) If a microfilm, electronically or photographically stored data is required to be produced in evidence, a partner or senior member of staff should be able to certify that: (i) the document has been destroyed; (ii) the microfilm, electronically or photographically stored data is a true record of that document; and (iii) the enlargement is an enlargement of the microfilm, electronically or photographically stored data. (d) Microfilm copies of some documents (e.g. coloured plans) can be unsatisfactory, in which case the originals should be preserved. With regard to point 8 (d) above - the scanned images are colour where necessary so that the evidential weight of colour plans and photographs are maintained in electronic format. 19