Using e-system to develop and manage PGDs
Systems and processes for developing, reviewing and authorising PGDs have been subject to change over recent years in response to changes in the available technology and in commissioning arrangements for services.
The development of e-systems for clinical records and also for developing and authorising governance documents within organisations has resulted in queries about the use of electronic documents for the development, review and authorisation of PGDs and about the use of electronic records and documents for the authorisation of individual practitioners.
PGD signatories may not necessarily work in the same location or for the same organisation and this has led to queries about use of electronic records to record authorisation of PGDs received remotely.
For the purposes of this advice:
- the term ‘document’ refers to the PGD itself which is generally developed and saved as a word processed or pdf file. The term document is interchangeable with ‘PGD’ throughout.
- the term ‘record’ may refer to the system used to obtain and record a signature to authorise the document or authorise a practitioner to use the PGD or to other organisational records.
NICE PGD guidance states:
‘Ensure that appropriate organisational records are maintained, stored securely and archived, in line with relevant legislation and the Department of Health’s code of practice on records management.
These records should include:
- patient safety incidents, such as medication errors, near misses and suspected adverse events
- terms of reference and minutes or notes of the PGD approval group
- a list of all PGDs in use within the organisation, including their review date and expiry date
- master authorised copies of PGDs
- expired versions of PGDs
- members of the PGD working group
- signatures of people signing a PGD
- a list of named, registered health professionals authorised to practise under each PGD used within the service
- training records
- results of monitoring and evaluation.
There is nothing in PGD legislation or guidelines which states that hard copies of documents must be signed by hand or that individuals must sign a hard copy of the PGD as part of the individual authorisation process.
The MHRA have confirmed that electronic systems can be used to authorise a PGD.
The following guidance has been agreed with the MHRA and Department of Health and Social Care (DHSC):
- An electronic signature must be linked uniquely to an individual and under their sole control.
- The standards laid down for electronic prescribing should be observed:
- uniquely linked to the signatory
- capable of identifying the signatory
- created using means that the signatory can maintain under his sole control.
- linked to the data to which it relates in such a manner that any subsequent change of data is detectable.
- The final document must be securely protected and the signature cannot be lifted out e.g. must be in a protected pdf format rather than a word processed document.
- The use of a JPEG or similar picture of a signature inserted into a file is unacceptable unless the document is securely protected to prevent the signature being removed or changed as described previously.
- The authorising organisation takes responsibility for the system in place and to ensure that lines of accountability and governance within the organisation or any partner organisation are documented.
- The authorising organisation will need to risk assess the process of how signatures are collected. If local circumstances dictate that these standards cannot be achieved then steps should be taken to ensure that the process is as secure as possible and adheres to organisational policy.
Authorisation of a PGD by email or using local document management systems
The following practice is permitted providing that the organisation(s) involved in any part of the process of authorisation (clinical or organisational) concerned are compliant with points above.
Following a formally agreed local process, a signatory can authorise a PGD by signing into their organisational email address and sending an email to a nominated individual. It would not be considered good practice to use a personal email address.
There are a number of electronic systems which enable individuals to log in, submit, review and approve documents. In such cases, the documents themselves do not need a visible, handwritten signature where there is a secure, electronic audit trail of approval. For example, a JPEG picture of the signature does not have to appear in the PGD although some organisations do insert these securely as part of their locally agreed procedure.
It is suffice to state in documents developed using electronic systems which adhere to the guidance above that ‘signatories have approved this PGD using approved electronic authorisation systems’ or similar alongside the names and job titles of all involved and the date of authorisation under this statement.
The email authorisation or the information on the electronic system must be filed and saved according to NHS Records Management Code of Practice
Organisations are advised to seek confirmation from their local Information Governance (IG) Lead to ensure that any systems and processes that are developed are robust and are in line with IG and organisational policy requirements.
Electronic systems for the authorisation of individual practitioners
There is nothing in PGD legislation or guidance which states that hard copies of individual practitioner agreements or practitioner lists must be used.
Organisations may have electronic systems in place to receive, accept and record evidence and a declaration of competency from an individual practitioner and to record their authorisation.
The practitioner is responsible for ensuring that they have a copy of the authorised PGD and a record of their individual authorisation, whatever format that takes, before practicing under the PGD.
The MHRA have confirmed that electronic systems and processes can be used to record individual authorisation of those using PGDs.
These systems must comply with NICE PGD guidance which states:
For each PGD, the provider organisation should:
- identify a senior, responsible person from within the service to authorise named, registered health professionals to practise under the PGD
- ensure that authorised health professionals have signed the appropriate documentation
Before practising under a PGD, health professionals should ensure that they:
- have undertaken the necessary initial training and continuing professional development
- have been assessed as competent and authorised to practise by the provider organisation
- have signed the appropriate documentation
- are using a copy of the most recent and in date final signed version of the PGD
- have read and understand the context and content of the PGD
Archiving PGDs using electronic systems
Where hard copy PGDs have been superseded, organisations have asked if they need to keep the paper copy or can convert it to an electronic file.
The decision to scan master copies/retain files electronically as specified in legislation/in line with the NHS Records Management Code of Practice and NICE PGD guidance is for local determination considering the advice and governance arrangements.
Similarly the archiving of electronic records should be undertaken as specified in legislation/in line with the NHS Records Management Code of Practice
Retaining legal mechanism documentation provides further guidance on the retention of PGD records.
- Formatting updated