RCGP Safeguarding toolkit

The general practice electronic patient medical record has undergone significant changes in recent years and is ever evolving. In some parts of the UK, patients are now able to access their entire medical record via their phone or computer. In addition, multiple professionals including other health and social care organisations may also access the patient record. There is also an increasing amount of information from other agencies, such as social care, now held within the record. GP IT systems are also increasingly sophisticated. These changes have brought into sharp focus the need for robust, safe management of safeguarding information within the electronic patient record. Safe management includes high quality records that are accurate, unambiguous, timely, accessible and complete, as well as security and confidentiality of records.

Key principles of documenting safeguarding concerns and information in the patient electronic medical record

• High quality documentation of safeguarding information is fundamental to safeguarding children and adults in order to:
  • ensure victims and survivors of abuse have the healthcare and support they need
  • allow a picture to be built over time of emerging concerns
  • manage and share information about risk appropriately
  • allow for effective information sharing when required
  • allow for discussions with patients about online access where there are safeguarding concerns.
• Experiencing abuse and/or neglect as a child or adult has significant implications on health and wellbeing so therefore needs to be documented.
• Concerns about safeguarding should be documented clearly on all relevant family health records, not just the individual child/adult. Using the appropriate codes (see table below).
• All safeguarding information should be stored within the medical record, not separate to it.
• Any documents containing third party information should be flagged as such with the appropriate code.
• It is not necessary to black out information within safeguarding documents before putting into the patient record.
• The use of coding to record key safeguarding information is important to be able to easily find the relevant information when needed in the future or for audit purposes.
• Safeguarding information should be managed safely to reduce the risk of perpetrators using any disclosures of abuse from victims (or any information in the medical record) to further abuse them.
• If any member of staff is unsure how to manage safeguarding information, they should always seek advice from the practice safeguarding lead/Caldicott guardian/information governance lead/Data Protection Officer.
• All safeguarding information should be redacted from patient online access and clearly marked ‘not for online access’.

Who is responsible for managing safeguarding information in the practice/organisation?

• Everyone has a role to play – clinical, secretarial and administrative staff.
• Each practice/organisation should have robust procedures in place for how safeguarding information is handled.
• Each practice should have a safeguarding administrator who manages or oversees, the recording and coding of safeguarding information coming in and out of the practice.

What is ‘safeguarding information’?

Information about abuse and neglect which can be:

• possible or confirmed
• recent or non-recent (also known as historical)
• about the risk of, or vulnerability to, abuse and neglect
• a wide continuum of safeguarding activity ranging from prevention and early intervention, to risk assessment and management, including investigation and protective intervention.

The information can be held within the record as coded information, free text in consultation records or attached to coded information, records of conversations with other professionals, letters and documents.

Sources of safeguarding information

• From patients themselves, their families or carers.
• From healthcare colleagues.
• From other professionals/agencies such as children and adult social care (Health and Social Care Trusts in Northern Ireland), police, education, and other bodies such as domestic abuse organisations.
• From child protection/adult safeguarding conferences.
• From multi-agency processes such as MARAC (Multi-Agency Risk Assessment Conferences) and MAPPA (Multi-Agency Public Protection Arrangements) or PPANI (Public Protection Arrangements Northern Ireland).

Safeguarding information coming into and out of the practice/organisation can include:

• Information held within letters between healthcare professionals, e.g. within an outpatient paediatric or mental health team letter.
• Invitations to strategy meetings, child Protection conferences, adult safeguarding conferences.
• Strategy meeting minutes.
• Child protection conference reports.
• Adult safeguarding conference reports.
• Child protection medical reports.
• Safeguarding child or adult referrals made by general practice staff.
• Safeguarding information held within records of patients who are new to the practice, which is identified by administrative staff when summarising these records.
• MARAC reports and minutes.
• MAPPA minutes.
• Channel Panel reports and minutes.
• Domestic abuse reports from the police.

It is important to note that these all may contain information about more than one person and should be flagged as containing third party information, as well as redacting from patient online access.

Recording family groups/relationships

Where possible family/household members should be linked on the records. This aids practitioners to ‘Think family’, be able to see ‘the child behind the adult’ and ‘the adult behind the child’ as well as understanding the wider context of an adult’s life when there are safeguarding issues.

Where possible, and if known, details of key individuals should be added to the record. This is particularly important with children – details of parents/carers, who has parental responsibility, and foster carers are all important. Where there are complex family situations, it is important to highlight who has legal parental responsibility.

For adults, details of those with Lasting Power of Attorney can be helpful or people mentioned in advance directives.

Documenting who attends with a patient is also really important.

Domestic abuse

Refer to 'RCGP guidance on recording domestic abuse in the electronic medical record' for information on coding of domestic abuse and MARAC information.

Recording adult drug and alcohol problems, mental health problems and learning disabilities

If you are aware that a parent/carer/household member has a drug/alcohol problem, a learning disability or significant mental health problem it needs to be considered whether that information should be recorded in their children’s records or in the records of any adult with care and support needs within the household to ensure a holistic approach to the needs of the whole family.

This information should always be redacted from patient online access and clearly indicated that it contains third party information.

‘Was not brought'

• Children and many adults with care and support needs need to be brought to health appointments by their caregivers (there are exceptions to this such as teenagers who have made the appointment themselves). Health appointments includes face-to-face, phone and virtual appointments.
• If not brought to an appointment, this should be recorded as ‘not brought’ rather than ‘did not attend/DNA’.
• Not being brought to an appointment can be a sign that the family/carers are struggling in some way or can be an indicator of abuse/neglect.
• Every practice should have a policy in place for how these missed appointments are acted on as well as missed reviews. For example when an adult with a learning disability has had repeated invitations for their annual review but no appointment has been made.

Management of Child Protection conference invitations, reports (including those provided by general practice and those received) and minutes

• These should be added onto ALL the records of the family/household members – there will be some exceptions to this which need to be judged on a case by case basis.
• These should be marked not for online access and that they contain third party information.
• Relevant codes should be added (see table below).

Management of Adult safeguarding conference invitations, reports(including those provided by general practice and those received) and minutes

• These should be added onto the patient record and consideration given as to whether they should be added onto any other patient’s records e.g. family members, children, partners or whether a short summary should be added.
• These should be marked not for online access and that they contain third party information.
• Relevant codes should be added (see tables below).

Contextual Safeguarding situations

Contextual safeguarding recognises that as young people grow and develop, they are influenced by a whole range of environments and people outside of their family. For example in school or college, in the local community, in their peer groups or online. Examples of this includes child sexual exploitation, child criminal exploitation and harmful sexual behaviour. There is often a different multi-agency safeguarding response to these young people when the risk is extra-familial (i.e. outside the family/household) which is not always through a child protection process. The information practices receive about these young people may be significantly less than what is contained within a child protection conference report.

This information should always be redacted from patient online access and marked as containing third party information.

Where there is extra-familial harm to a child, it will not always be appropriate to put all the safeguarding documents and information related to this in the entire family record (if there is no known risk within the family). In these circumstances, it is appropriate to use the code ‘child in family is cause for safeguarding concern’ in all relevant family records with brief free-text about situation.

Information about perpetrators of abuse

This is one of the most complex and challenging areas of recording safeguarding information: should information be recorded in an alleged perpetrator’s medical record?

The RCGP already has guidance on recording and managing information about perpetrators (alleged or confirmed) of domestic abuse.

When considering whether to record information in a perpetrator record (alleged or confirmed), there are a number of issues to balance:

• If perpetrators of abuse become aware that their victim has spoken about the abuse, this could put the victim at increased risk of significant harm.
• ‘Allegations’ are simply that and the alleged perpetrator has no ability to refute the allegations within their own medical record if they are not aware this information has been documented.
• Knowledge about possible perpetrators of abuse may prompt earlier identification of safeguarding issues.
• Knowledge that a patient is displaying abusive or harmful behaviour towards others can help with risk assessments in general practice to ensure everyone’s safety in the practice including staff and other patients’ safety.
• Patient online access brings additional challenges such as the perpetrator becoming aware of information if it had not been redacted from the online record.

When is it appropriate to record information about a perpetrator of abuse in their own medical record?

• If the individual themselves has provided the information about any abusive behaviour or allegations they have faced/are facing.
• When it is clear that the perpetrator is aware of the allegations. For example, information shared from child protection processes such as child protection conferences where the concerns are about abuse within the family by parents/carers who are fully aware of the allegations and concerns of professionals.
• When there are agreed local multi-agency information sharing arrangements in place which take into account:
  • the unique challenges general practice face in managing information such as data controllership and patient online access
  • the risks and benefits to sharing information about perpetrators when the perpetrator is not aware that information is being requested, or shared, about them.

What if an agency such as MAPPA/PPANI, wishes to share information with general practice about an individual who is a violent or sexual offender and who is a patient at the practice, but the individual is not going to be told that the information is being shared?

• There needs to be absolute clarity in this situation about why the agency wishes to share the information, and why it is without the individual’s knowledge. Questions and factors to consider are:
• Does the individual pose a significant risk to staff in general practice? If so, can the individual be safely managed in a routine general practice setting or does there need to be consideration of the special allocation scheme which is a service for managing violent and abusive patients in general practice ? This could not be done without the individual’s knowledge.
• Does the patient pose a significant risk to others such as the wider public, partners or children? If so, what are the expectations of general practice having this information, e.g. what are they going to do with this information and how are they to use it without the individual’s knowledge?
• Should this information be shared when, for example, a referral is being made to a mental health team or secondary healthcare provider?
• Information shared with general practice stays on a patient’s medical record for life.
• Patient online access.

The RCGP would like to thank the NNNGP (National Network of Named GPs), Dr Imran Khan, Dr Ralph Sullivan and Dr Tom Nichols in particular for their input into this section.