OpenSAFELY follows on from data sharing work which took place during the pandemic, where practices were mandated to share some patient information under the COPI notice. When the pandemic came to an end this requirement was ceased. However, it was recognised that this data could be very beneficial to population health. Work started through the OpenSAFELY programme to put into place the necessary safeguards, alongside public and professional engagement. The project is working to ensure transparency, compliance with required confidentiality and data protection legislation, while ensuring the public are on board. The initiative includes only coded data and must respect all Type 1 opt outs. The National data opt out is considered on a study by study basis, so this will be applied as appropriate.
A four minute video https://www.youtube.com/watch?v=GRjRqOAIVy8 explains the programme and is available on YouTube to be shared widely.
The RCGP has provided a guide to how practices should comply with the directive https://r1.dotdigital-pages.com/p/49LX-12T5/all-gp-practices-using-emis-web-optum-or-systmon-e-tpp-are-legally-required-to-activate-access-to-pseudonymised-gp-rec-ords-using-the-open-safely-research-platform-by-september-2025.
There are 4 actions listed on this page which practices must do:
- Activate the data sharing through EMIS (Optum)/SystmOne
- Update your practice privacy notice (suggested text below)
- Sign off a DPIA (template provided, or you can prepare your own)
- Update your existing practice record of processing activities (RoPA)