University of Oxford

Academic Institute

Simon de Lusignan

Health Data Research UKUK Research and InnovationOffice for National Statistics

9755210000000000

The RSC, one of the oldest sentinel systems, is used to coding influenza and other monitored conditions and is uniquely placed to differentiate asymptomatic disease. Currently it has 88,838 confirmed COVID-19 cases (25/11/2020, population denominator 5.6million, >500 practices), results from >30,000 serology and >5,000 virology COVID-19 samples. Data quality has been boosted by hosting RECAP. Large long COVID community studies are about to be funded but there is as yet no agreed case definition or pragmatic case finding approach. Sharable curated phenotypes, ontologies and code: RECAP’s high-quality data will enable the differentiation of long COVID from resolved disease. We will share our method and codes to develop these. Comparison of recovered and long COVID: We will publish the basic phenotypes, epidemiological characteristics and provide other researchers a trusted research environment, including advanced analytics from Imperial College London. Targeted clinical management: We will provide real-time guidance to clinicians advancing the development of precision medicine. Policies and healthcare inequalities: We will assess how factors such as education, employment, income and ethnicity may affect COVID-19 outcomes to inform policymaking. This will likely result in more accurate diagnosis of acute and long COVID, better differentiation from other diseases, and more systematic care and follow-up.

The RECAP (Remote COVID-19 Assessment in Primary Care) project aims to assist primary care providers to improve patient care and health outcomes. Most COVID-19 patients are diagnosed and managed remotely by GP’s. This helps reduce the burden on hospitals. However, due to the wide number of possible symptoms, it is hard to predict and diagnose COVID-19. Through this project, an early warning score for GPs based on data collected to a remote GP consultation will be developed and validated which will then be linked to outcomes such as hospital admissions as a measure of clinical deterioration.

Flows of data: - Data are extracted from practices that are members of the Royal College of General Practitioners (RCGP RSC) Research and Surveillance Network by Wellbeing. The University of Oxford subcontracts with Apollo to do this as part its contractual responsibilities. - The University of Oxford will provide NHS digital with a list of pseudonymised NHS numbers and pseudonymised date of birth for the cohort each quarter. - NHS Digital will link the cohort to the requested datasets and send pseudonymised linked datasets securely back to University of Oxford. - University of Oxford will store the data on the secure network. - University of Oxford will process and aggregate pseudonymised data to produce approved reports for surveillance (as part of the National surveillance process); and for the purpose of COVID-19 vaccine pharmacovigilance and quality improvement. No identifiable data items will be passed into or out of NHS Digital SALTING METHODLOGY: The University of Oxford will follow a salting method in a manner that all the data will be non-identifiable. The process is as follows: 1. An encryption salt is held by a designated staff member of the University of Oxford Medical Science Division who is not a member of the ORCHID staff. 2. When a data linkage is required, the encryption salt holder sends the encryption salt to the data provider (NHS Digital) 3. The data provider will hash personal identifiers (in the data requested by ORCHID) using a hashing algorithm 4. The hashing algorithm is SHA2-512. 5. To make this key unique, an encryption salt is added at the end of the NHS number (e.g. NHS number= 12345678 ; SALT (held by someone other than ORCHID staff) = bob. So, hashing would take place using the SHA2-512 alogrithm by 12345678bob = return pseudonymised data) The RCGP RSC data is controlled and processed by a group of staff who are all based at the University of Oxford; all are mandated to complete information governance training. The group is made up of analysts, academic fellows, Structure Language Query (SQL) developers, RCGP RSC practice liaison officers, a project manager and a head of department. The team work from secure workstations or secure laptops with encrypted drives within the group’s secure network. Data will only be accessed by individuals within the RSC who have authorisation that are substantive employees of University of Oxford. The authorisation process includes: (1) Contractual requirement to follow IG principles; (2) Using the email registered with Human Resources to complete IG training and to return the certificate; (3) Staff email is authorised by the IT department for one year to access the secure network and staff computers are configured to allow this; (4) At any point the project managers or Head can have access to the secure network turned off. There is special authorisation to have access to the main database. Only three SQL developers and one senior project manager can access the main database. Surveillance databases are created for approved analyses once they have been agreed by the RCGP RSC approval committee. This agreed protocol includes the list of variables required for the database. The SQL developers create separate databases for individual projects only including the required variables, for the required time interval. The additional linkages will be added to the data that the University of Oxford already receives from the RCGP RSC network practices and PHE reference laboratories. This process for previous projects linking different sets of data, and the linkage has been successful, provided both parties use the same pseudonymisation algorithm (SHA-512). There will be no requirement nor attempt to re-identify individuals from the data. The data will not be made available to any third parties other than those specified except in the form of aggregated outputs with small numbers suppressed in line with the HES Analysis Guide. The use of national data is needed as the University of Oxford are a national surveillance centre and the cohort are from across England and Wales. The use of pseudonymised NHS numbers are essential as the request to link to the data that the University of Oxford already received from the RCGP RSC network general practices and PHE reference laboratories. NHS Digital reminds all organisations party to this agreement of the need to comply with the Data Sharing Framework Contract requirements, including those regarding the use (and purposes of that use) by “Personnel” (as defined within the Data Sharing Framework Contract ie: employees, agents and contractors of the Data Recipient who may have access to that data).

Anonymous

Not applicable

Recurring

TRE