Email and text messaging policy

 

1. Introduction
It is recognised that the use of email and text messaging are well-established methods of communication. Clevedon Medical Centre supports the use of email and text messaging as a means of communication with patients/service users and carers, subject to compliance with this policy.
2. Scope of policy
This policy sets out the circumstances in which patients, service users and carers can be contacted using email or text message and the procedures that must be followed when using this method of communication. 

3. Responsibilities, accountabilities and duties
This guidance applies and must be adhered to by anyone working within CMC including; but not exclusively, employees, seconded staff and contractors who use or who intend to use text messages and email in the course of their communication with patients and service users.

The Senior Information Risk Owner is accountable for information risks and security of information.

The Caldicott Guardian is responsible for the establishment of procedures governing access to, and the use of, person-identifiable information and, where appropriate, the transfer of that information to other bodies.

Managers are responsible for making sure this guidance is highlighted to relevant staff, that it has been understood, and that it is being followed.

4. Uses

Example uses of text messages:  

  • Appointment reminders and confirmations  

  • Communicating negative (clear) test results  

  • Asking the patient to call the service at a convenient time  

  • Communicating advice to patient (e.g. bad weather reassurance of a Community Nurse visit)  

  • Ad-hoc communication between key worker and patient.

  • Messages necessary for the task or function of CMC (e.g developing a new service)

 

Example uses of email:  

  • Asking the patient to call the service at a convenient time  

  • Communicating advice to patient (e.g. bad weather reassurance of a Community Nurse visit)  

  • Ad-hoc communication between key worker and patient  

  • Copies of letters sent to GP if requested  

  • Appointment letters.  

 

6. Implied consent

It is appropriate to rely on implied consent when contacting individual patients and service users about their individual care or requesting they complete a friends and family test survey. 

It is important that any preferences are recorded in their record and respected. Patients and service users should be able to change their preferences about how they are contacted at any time. 

Providing a mobile phone number to Clevedon Medical Centre will be assumed to mean that the patient consents to that phone being used for text messaging as outline above. If as a patient you do not wish to receive messages in this way then please let us know and we can remove your mobile phone number from your record so that you do not recieve messages.

7. Being open about how information is used


It is essential that the use of email addresses and mobile telephone numbers is in line with transparency guidance and best practice. This means that the use of personal information held by CMC must be understood by patients. 

  •  What information we need:

Upon registration we will usually collect a landline number, a mobile phone number and an address. We also ask for and document allergies and other information about smoking, height, weight, alcohol intake. This information is to be used to manage health. Mobile phone numbers and email addresses will be used as described above, if as a patient you would like us not to contact you this way then please let us know.

  •  For what purpose:

Contact details will not be used for marketing either by us or by external providers, this means we will not send messages to you urging you to buy anything/ donate to anything. Information will only be used for communication necessary for the task or function of CMC (healthcare delivery).

  •  Who the information may be shared with:

It will not be shared with organisations outside of the NHS

  •  What will we do with that information:

It will be stored on your medical record that is held with CMC, this record can be accessed by other healthcare providers (i.e the out of hours GP team or hospital doctors).

Services should be clear about the rationale for using email and/or text messaging to communicate with their patients/service users and should clearly define the purpose and scope of communication by these means. This includes making patients and service users aware that text messages and emails will not be read during non-working hours and therefore should not be used for urgent queries. 

Services should make this information readily available to their patients and service users

8. Children

The age at which a child becomes competent to make certain decisions about their health and care and information sharing will vary depending on the child and the particular decision. 

A child with competence is able to make choices about how health and care providers use their information. As such they should be given a choice about who receives emails and messages about their care. 

9. Risks


A Data Protection Impact Assessment (DPIA) will be completed prior to the implementation of a new service. In areas where it is felt that risks are unacceptable, the service will not be implemented.

The following risks will always be taken into account:

  • Confidentiality

Risks will be mitigated to a large extent by only sending non-sensitive messages and by never sending sensitive data such as - “your next ante-natal appointment is…”

  • Ensuring delivery to the correct recipient 

Risks will be mitigated by 

  • Explaining to the patient or service user that it is their responsibility to keep and provide an up to date email address and/or mobile phone number, and to be clear that the service are not responsible for onwards use or transmission of email or text message once it has been received by the patient/service user: 

  • Having processes in place to remind patients and service users to update their email address and mobile number when needed

    10. Monitoring Compliance

Audit procedures and audit cycles will be established by the Information Governance (IG) Team, in collaboration with Operational Services to ensure that:

  • The exchange of text messages with patients and service users has not created any problems or difficulties for the organisation or for the patient/service users.

  • Any risks are identified, regularly re-assessed and adequately addressed.

  • Confidentiality is not put at risk, and that appropriate records of contact are properly maintained.

  • Any incidents that are raised as a result of email or text message communication with patients and service users will be investigated, reviewed and reported as a significant event and is then discussed at a significant event meeting.

  • Any action required to increase the effectiveness of this policy will be undertaken.

This policy will be regularly reviewed to reflect any changes to national policy, technology or operational practice.