How OPCRD links data from GP practices to other datasets such as hospital data

When we link primary care data from GP practices who contribute to OPCRD with hospital care data, the linked data is held in a secure platform called OPCRD-NEXUS. The platform is hosted by Harvey Walsh Limited.
The process of how we link GP data and hospital data using England as an example, is described below:

● As part of agreeing to contribute patient data to OPCRD, practices also consent to their patients’ data being linked for research purposes.
● OPCRD must get Section 251 approval from the Confidentiality Advisory Group for Harvey Walsh and NHS Digital to process patient identifiers from GP practices for the sole purpose of linking OPCRD primary care (GP) data to hospital data.
● GP practices send a secure file containing only patient identifiers (NHS number, date of birth and sex) to Harvey Walsh, who collect the files from many practices and send it to NHS Digital.
● NHS Digital conduct a match for the patient identifiers in hospital datasets and then provide only de-identified hospital data for the requested patient identifiers.
● NHS Digital then send the de-identified hospital data to Harvey Walsh.
● Harvey Walsh also receive de-identified GP data from OPCRD.
● Harvey Walsh join link the GP data and hospital data to form the GP-Hospital linked dataset, which is then stored securely in OPCRD-NEXUS.
● Researchers request to access to the linked data for a specific study. All requests from researchers to gain access to linked data must be approved by an independent body called ADEPT – the Anonymised Data Ethics and Protocol Transparency committee.
● The linked data is completely anonymised following ADEPT approval before it is provided to the researcher for a limited a period of time. You cannot identify a patient from anonymised data or from any results or reports from anonymised data.
● OPCRD-NEXUS never receives patient-identifiable information from GP practices or from NHS Digital at any stage during this process.