Manejo de la caja chica

4.2.1 Summary

This literature review will introduce the reader to the collection, linkage and governance issues for routinely collected data in the UK. As illustrated in previous literature reviews data on risk factors and markers of maltreatment as well as formally collected data on maltreatment events can be collected from routine records. This review was conducted systematically and will educate the researcher as well as the reader by reviewing current concerns and

considerations that affect the use of routine data. This is also to set this work in its broader methodological and governance context. This is in preparation for the next phase of this research study, i.e. the quantitative phase where data from routine records will be utilised. See appendix 1 for a detailed plan of how this literature review was conducted.

4.2.2 Using routinely collected medical electronic data for research

Over recent years there has been greater use of electronic systems that capture individual records in health and social care service delivery (270). Electronic data collected routinely are now being used for secondary purposes, including for research (271). This is a topic that is growing in interest in the UK (272; 273). This literature review will focus on clinical data routinely collected from medical records in the UK NHS as most of the literature is based around medical routinely collected data (as opposed to, for example, data collected from social care records). Routine data can also be collected from a variety of other sources

including from Department of Education datasets. Data from both the NHS and Department of Education datasets will be utilised in the analyses in the reminder of the chapter.

In a literature review focused on the use of routinely collected patient data for research, Foster and Young (2011) found that there was a general assumption amongst the public that the use of routine data collected from medical records for research was beneficial to society.

Large public bodies such as the NHS collect and store data electronically on a very wide range of the UK population (274), and this has opened up many possibilities for research. A report by the UKCRC (2007) indicated that the use of routinely collected electronic data can provide

183 benefits for all types of clinical, public health, and health services research. The data also allows for data linkage and data sharing on a national basis (273). Electronic records are particularly useful for research as they are searchable, can allow remote access, and can be interrogated (273).

This methodology can be a faster and less expensive way of obtaining data compared to more traditional data collection methods such as prospective experimental research (273; 275).

Datasets include records from patients with diverse demographic characteristics (276). Data may be far more abundant than data generated in traditional clinical trials (274; 275), which typically involve smaller patient numbers (277). Often this sort of data collection is the only method possible when controlled trials are not possible for ethical or other reasons (6). When these data are collected by the NHS, they are likely to reflect the entire population, or at least those with that particular clinical condition of interest. This will likely enhance the precision of any statistical analyses (54; 274). Data can be collected on patients over their entire lifetime (274; 276).

Although routinely collected data are very useful for research, the ability to link to this data at an individual level is imperative (278). This is probably more true however for some research questions than others. Aggregate unlinked data can still be of value. Data or record linkage has been defined as ‘a process of pairing records from two files and trying to select the pairs that belong to the same entity’ (279). Data linkage allows researchers to link within and between a variety of data sources, to assess the completeness of datasets, to validate research findings, and to enhance participant follow up rates (278; 280). Health data linkage research centres have been established worldwide, including in Australia (281), North America (282; 283) and the UK (284; 285). Current attempts in the UK to link routinely collected datasets include The SAIL databank (Secure Anonymised Information Linkage) which was established in Wales using a variety of datasets from health and social care service providers (Lyons et al, 2009). The SAIL databank has aimed to develop an accurate matching process between various datasets to create a unique Anonymous Linking Field (ALF) to person-based records to make the databank ready for record linkage research studies (278). The use of data linkage in research studies has increased vastly in recent years (286). Bohenski et al reported in 2010 that there had been an almost six fold increase in data linkage studies in the preceding two decades.

184 Researchers have identified a variety of research areas that could benefit from routinely collected data including the natural history and development of diseases (271; 275; 287) and the opportunity for disease surveillance (275; 276; 285). The causes of diseases can be studied;

as well as the value of health care interventions; the equity of health care; and trends in the use of health care (275; 276; 287), and even the study of child maltreatment (289) as is the case in this current research study. Putman-Hornstein et al (2013) state that in the context of studying child maltreatment, routine data have the potential to provide relatively low-cost, longitudinal information that show interactions between risk (and protective) factors. Using clinical data for research can optimise the reach, success and efficacy of disease prevention, disease management, and public health strategies and programmes (290). These data could also be used for Clinical Decision Support Systems (291) and can be used to study the role of patient education (271). Findings of research using routinely collected data can help make public health decisions, and these sorts of data are especially valuable during public health emergencies (276). Using routinely collected data for research contains real experience and therefore the research conducted using this data can answer questions to improve real experience (275). Research using routine data can also detect unexpected phenomena and patterns or uncover differences amongst subpopulations that may not be included in a prospective experimental study (275). The data collected can also be used to refine research questions, generate hypotheses, and identify potential participants for research (275). Another benefit of using routinely collected clinical data for research is that it is often possible to conduct the research without participants’ explicit consent or involvement (275). This can reduce participant burden and anxiety, and can reduce costs.

4.2.3 The governance of collecting and linking routinely collected data in the UK for research

Data collection about individuals is a particularly sensitive issue. The collection, storage, use and sharing of data about individuals are governed by laws and regulations (292). The laws and regulations are there in order to protect information that can be linked to individuals from being seen and used in ways that could be perceived by the individual as intrusive or damaging (292). The governance regarding the secondary use of data is variable across and within countries (271). This section will therefore focus on governance related to the UK. The section will describe some current legislation as well as include some reflections from researchers about the challenges around legislation and interpretation, and the challenges of accessing data. The reader should keep in mind that the information contained here is time-sensitive as

185 legislation is being constantly updated. This section is not intended to provide a

comprehensive picture of all UK legislation regarding collecting and linking routinely collected data for research, but rather focuses on the most pertinent themes.

There has been some literature published regarding ethical and governance issues related to using routinely collected data for research purposes. Much of the literature however is not empirical but derives from policy and practice (293). Foster and Young (2011) note that the majority of the literature is written by clinicians, health researchers and government advisers, and the language used is often strong and forceful with regards to legislation complicating the research process and therefore putting the benefits to be gained from this research at risk. On the whole this pattern is repeated in the media e.g. Brown et al (2008) searched the content of UK national newspapers over an 18-month period and found that most articles mentioned using patient data for research did so without controversy. They reported new scientific research and when they did report ‘controversies’, these focused on the issue of legislation hampering research.

Some researchers have suggested that that governance models in the UK are preventing the optimal use of data for research. Some have suggested that the restrictive nature of

governance models employed by data controllers is a consequence of an ambiguous legislative framework in the UK (295). This is because each routinely collected dataset has its own set of governance regulations and these vary depending on the type of data in the dataset, who the data guardian is, and the parameters of the data collection (271; 295). There is a difference in governance regulation between patient identifiable data, where a variable exists that can be used to identify a participant, and sensitive data. In practice however the definition of the two types of data are variable, even with the same data controller (296).

Some routinely collected NHS data can be used without consent for audit purposes or process evaluation, but not for research (295). From a governance perspective however, Curcin et al (2012) suggest that most of the observational or prospective research that needs consent to be carried out is not very different from service evaluation which does not require consent.

They also suggest that governance does not distinguish between observational research and other kinds of experimental research (295). Clark and Findlay (2005) argue however that a distinction can be drawn between personal data that patients should reasonably expect to be accessed by other health professionals for a direct health-related purpose, and data accessed

186 for non-care related reasons. The actual difference therefore is the purpose to which the data are being put rather than the forms of data being used. While audit can therefore be

considered to be an element of usual care, health services research remains supplementary to usual care (298).

In the UK there is no consistent guidance on when during the process of analysis that data can be moved from a secure database to a researcher’s computer (295). Some only allow this when the data has been stripped of identifiable data, and some when it has been stripped of sensitive data, or both (295). These sorts of issues mean that researchers may find it difficult to navigate the various governance procedures associated with each routinely collected dataset and may end up inadvertently breeching data protection policies (295). This also means that data sharing between research institutions can become problematic as the governance varies for different datasets (299).

Until the mid-1990s, patient data in routinely collected datasets were freely available for research, this changed when the Data Protection Act was introduced in 1998 (295). The Data Protection Act strengthened previous legislation and gives provisions for the secure processing of identifiable data for medical research (295; 297). The Data Protection Act applies to all use of data in which the patients remain identifiable even by indirect means, and the Act also counts all data that are linkable to any identifying information as ‘personal data’ (300). Some blame the Act for increasing the bureaucratic barriers to research (301), others dispute this (302). Iversen et al (2006) concur that the impact on research of the Data Protection Act is less to do with the legislation per se than the way that data controllers have interpreted the Act. As an example of this, the Data Protection Act did not include definitions for ‘secure’ and ‘medical research’, and therefore data controllers adopted an interpretation of the rules that Curcin et al (2012) refer to as ‘consent or anonymise’. This is where a participant is either fully

consented to take part in a research study, or the data of that patient used in a research study is fully anonymised (295). To complicate matters further statutory regulations and professional guidance can sometimes contradict each other (303).

May 2018 saw the implementation of The General Data Protection Regulation (GDPR). This is a regulation in European Union (EU) law on data protection and privacy for all individuals within the EU and the European Economic Area. This also addresses the export of personal data outside the EU and EEA areas. These regulations need to be followed by UK based researchers