Beta This is the user management portal for the LFPSE service.

Patient Safety Incident Management System (PSIMS) Online Incident Recording (OIR)

Terms of Use – Beta Phase

PSIMS is operated by the NHS Trust Development Authority and Monitor (together referred to here as NHS Improvement). By using PSIMS, you confirm that you accept the terms of use and that you agree to comply with them. If you do not agree to these terms of use, you must not use PSIMS. Please read and make sure you understand these terms and if you agree, scroll down to accept them. We may amend these terms and conditions for use from time to time. If we do, you will be asked to review them and provide your acceptance again.

Use of PSIMS

Users must:

  • Keep account details safe - users must keep their access username and password confidential and must not allow any other individual to access the data using their access credentials.
  • Not use data in PSIMS for commercial purposes or to inform development of other commercial products.
  • Notify NHS Improvement of any breaches - users must promptly, and in any event within 48 hours, inform NHS Improvement on england.ig-corporate@nhs.net if they become aware of:
    • a breach of these terms and conditions of use; and / or
    • any unauthorised users accessing PSIMS and / or
    • the need to de-activate a user’s access to PSIMS.
  • Not disassemble, reverse engineer, de-compile, copy, adapt, edit or create any derivative works from, the source code of the whole or any part of PSIMS, nor attempt to do such things. If users are found to have breached any of these terms of use, access to PSIMS will be suspended. You can consult NHS Improvement on nhsi.ig@nhs.net if you have any questions on appropriate use of the data on PSIMS.

By completing the form that follows you are giving NHS Improvement your permission to process the information you provide to learn about patient safety. For further information on how we use your information please see Learning from patient safety incidents.

Please note: we do not investigate individual events, but we do record public and staff concerns and use this information to improve safety. NHS Improvement does not have powers to investigate individual cases or complaints recorded using PSIMS. To find out who can help you make a complaint about your specific case, or take legal action, see NHS complaints guidance.

Privacy

NHS Improvement will monitor use of PSIMS and will comply with Data Protection requirements when processing any data collected. Please see our Privacy Policy which sets out the terms on which we process any personal data we collect. By using PSIMS you agree that we can collect and process personal data about you and your use of PSIMS. This is for legitimate purposes of administration of a user account, audit and as part of our efforts to keep PSIMS safe and secure.

Where we would like to further analyse or process your personal data and how you are using PSIMS, we will seek your consent.

Data must not be submitted where this can render an individual identifiable. NHS Improvement does not process information identifying individuals including at the time of recording the incident online. Your data will be accessed by NHS Improvement staff whilst they support and maintain the PSIMS, manage data submissions and oversee data sharing activities on behalf of NHS Improvement.

Data that you submit via this form may be collated with data from other organisations and used by providers of NHS-funded care for management purposes only.

We may share your data direct with organisations such as the Care Quality Commission, NHS Digital, other arm’s length bodies (ALBs) of the Department of Health, private bodies and higher education institutions (HEIs) to facilitate the delivery of works that fall within those purposes aforementioned. Disclosure of data to third parties will always be accompanied by an appropriate data sharing arrangement.

Every six months we publish official statistics on patient safety incidents recorded on the National Reporting and Learning System (NRLS) – see Data on patient safety incidents reported to the NRLS.

We want to help all users of NRLS data to understand and use it appropriately. This is important not only for accurate interpretation, but to ensure we continue to encourage improvements in identifying and sharing information about patient safety incidents. If you use NRLS data, then you should follow our data principles (opens as PDF).

Data are not to be used to make public statements or pronouncements, or cause, or allow the data to appear in public either directly or indirectly, without the permission of NHS Improvement and appropriate attribution. Your data is protected from unauthorised access using several best practice security controls and access is limited to relevant individuals who will have completed NHS Improvement, or other Government agency information governance training.

Should NHS Improvement intend to make any change to any of the above uses, we will endeavour to contact all users, in particular where your rights as data owners are likely to be affected.

Warranties and liability

  • NHS Improvement excludes all liability arising from use of PSIMS, including any loss of profits, revenue, opportunity, contracts, turnover, anticipated savings, goodwill, reputation, business opportunity or loss to or corruption of data (regardless of whether any of these losses or damages are direct, indirect of consequential).
  • The user warrants that it will not use PSIMS or any information contained in it for any purpose that is in contravention of any applicable law or regulation or in a manner that will infringe the copyright, trademarks, service marks or other intellectual property rights of third parties or violate the privacy, publicity or other personal rights of others in any defamatory, obscene, threatening, abusive or hateful manner.
  • The user shall indemnify and hold harmless NHS Improvement, its employees and agents, against all claims, liability, losses, damages and expenses including, without limitation, legal fees and costs arising out of or incurred as a result of any claims made, or limitation brought, against NHS Improvement, its employees or agents, as a result of the user’s use of PSIMS or any information contained in it, for any purpose whatsoever.

Intellectual Property Rights (IPR)

Except where specified otherwise on PSIMS or agreed in writing with NHS Improvement, you acknowledge that all IPR in PSIMS and its contents throughout the world belong to NHS Improvement, and that you have no IPR in, or to, PSIMS and its contents other than the right to use PSIMS in accordance with these terms and conditions.

Viruses

Every attempt has been made to ensure PSIMS is of high quality and free from malicious code, but NHS Improvement does not guarantee that PSIMS will be free from viruses. You should use your own virus protection

Access to PSIMS

NHS Improvement does not guarantee that PSIMS, or any content on it, will always be available or be uninterrupted. NHS Improvement may suspend or withdraw or restrict the availability of all or any part of PSIMS without notice for any reason at any time.

Governing law and jurisdictions

The terms and conditions of use of PSIMS shall be governed by the law of England and Wales and shall be subject to the non-exclusive jurisdiction of the courts of England and Wales.

Privacy Policy

This policy (together with our terms of use above) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

Controller

For the purposes of the General Data Protection Regulation (GDPR), the joint data controller is the NHS Trust Development Authority and Monitor, known collectively as NHS Improvement.

NHS Improvement is made up of the legal entities Monitor and the NHS Trust Development Authority, the contact details for which can be found here. This privacy policy is issued on behalf of both Monitor and the NHS Trust Development Authority so when we mention NHS Improvement, “we”, “us” or “our” in this privacy notice, we are referring to the relevant legal entity in NHS Improvement responsible for processing your data.

We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, please contact the DPO on england.dpo@nhs.net.

We collect certain information or data about you when you agree to the terms of use of PSIMS.

This includes:

  • Identity and contact data you provide when you register to use PSIMS, including your name, role, organisation and email address.
  • Identifiable PSIMS usage data that is automatically collected by PSIMS database when you visit, such as pages visited and documents opened, how often you use PSIMS and when.
  • Identifiable feedback or queries data that you may voluntarily provide as part of UserVoice (which is the question mark functionality at the bottom right hand side of PSIMS).
  • Technical information, including your Internet Protocol (IP) address, session ID, timestamp and details of which version of web browser you are using.
  • Anonymous information on how you use PSIMS, using cookies (data where your identity has been removed). PSIMS uses cookies to distinguish you from other users of PSIMS.

For detailed information on the cookies we use and the purposes for which we use them, see our Cookies Policy at https://improvement.nhs.uk/cookies/

The legal bases for processing of your personal data

  • The processing of identity and contact categories of personal data noted above is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in either Monitor or the NHS Trust Development Authority.
  • The processing of identity and contact data and identifiable PSIMS usage data noted above is undertaken on the basis of NHS Improvement’s legitimate interests necessary for providing access to PSIMS (the service) and sharing usage data with nominated PSIMS trust super admin user(s).
  • The processing of identity and contact data is undertaken on the basis of NHS Improvement’s legitimate interests necessary for providing users with newsletters, notifications and invitations related to PSIMS.
  • The processing of identifiable feedback or queries data is undertaken on the basis of your voluntary consent to send us these.
  • The processing and further individual level analysis of how you use PSIMS is undertaken on the basis of your explicit consent captured separately as part of your PSIMS data use preferences.

Purposes of processing your personal data

  1. 1. Necessary requirements to provide PSIMS (service) to you. All data categories will be used:
    • for the administration of a user account, audit and as part of our efforts to keep PSIMS safe and secure;
    • to monitor and improve usage of PSIMS at an NHS Improvement and local trust level;
    • to administer PSIMS for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
    • to improve the performance, design and usefulness of PSIMS.
  2. 2. Sending newsletters, notifications and invitations to you. Identity and contact data will be used:
    • to make suggestions and recommendations to you and other users about the information available on PSIMS and how it may be beneficial to you or them (e.g. as part of a weekly OIR newsletter);
    • invite you to participate in completing surveys or other user research;
    • to measure or understand the effectiveness of our communications and support to you and other users of PSIMS about the information available that may be beneficial to you or them;
    • to notify you if your OIR account has not been accessed for an extended period of time and any intention of NHS Improvement to de-activate the account within a specified timeframe.

    You will receive the above newsletters, notifications and invitations but can object at any time by contacting us on NHSI.modelhospital@nhs.net

  3. 3. To respond to your feedback or queries.
    • Identity and contact data linked with your voluntary feedback or query data will be used to respond to you and inform PSIMS improvements and future developments.
  4. 4. To support targeted user engagement and/or inform PSIMS developments and future improvements.
    • Further analysis of identity and contact data linked with identifiable PSIMS usage data will be used for targeted engagement activities and/or to inform PSIMS developments and improvements, but only with your consent.
    • Following acceptance of this privacy policy you will be presented with consent options for any additional processing of your personal data by the NHS Improvement team that manage PSIMS. You do not have to consent to this additional processing of your personal data and can still use PSIMS in the usual way.
    • Anonymous user information will be used to inform PSIMS developments and future improvements.

Where we store your personal data

We store your data on secure servers within the European Economic Area (EEA) and/or other locations that meet the safeguards as set out under Data Protection requirements. We do not intend to transfer any personal data outside the EEA.

  • Data provided by you as part of registration using Okta (identify management service) is held securely under contract with Okta within the cloud. Okta is used to manage access to NHS Improvement’s business tools and products.
  • Personal data provided by you which is included within PSIMS usage reports is held securely within NHS Improvement’s secure network available to the internal PSIMS team and nominated trust super admin user(s).
  • Data automatically collected by PSIMS database is stored securely under contract within the Microsoft Azure Cloud.

The transmission of information via the internet is not completely secure. We cannot guarantee the security of your data transmitted to our site. Any transmission is at your own risk. We have procedures and security features in place to try and keep your data secure once we receive it.

Further disclosure of your information to other third parties

We may disclose your personal information to third parties:

  • if we have a legal obligation to do so; or
  • if we have to enforce or apply our terms of use.

This includes exchanging information with other organisations for legal reasons.

We won’t share your information with any other organisations for marketing, market research or commercial purposes, and we won’t pass on your personal identifiable data to other websites.

How long will we use your personal data for?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or PSIMS audit and monitoring requirements. For PSIMS we will retain data for 12 months at which point we will check logs of users and delete dormant accounts and user details.

Keeping accurate and up to date information

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes (for example your email address) during your relationship with us or if you leave or move to another organisation.

Your rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data.

  • the right to be informed- please note the information provided in this privacy policy sets out the collection, processing and purposes in which we use personal data;
  • the right of access to personal data held about you and check that we are lawfully processing it;
  • the right to rectification- in regards to any personal data you consider we hold but is factually inaccurate;
  • the right to request erasure or deletion of personal data we hold about you;
  • the right to restrict how we are processing and or using your personal data;
  • the right to object to how we are processing your personal data or making contact with you;
  • rights in relation to automated decision making and profiling- we do not make use of automated decision making in relation to personal data and therefore any right to data portability does not apply to the personal data we collect.

However we may profile our user database to send targeted emails or engagement and this processing is included as part of the consent options which follows this privacy policy.

  • the right to withdraw consent at any time- where we are processing your personal data under consent you can change your mind and withdraw your consent at any time by editing your consent preferences within PSIMS.
  • You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues https://ico.org.uk. We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance by emailing nhsi.ig@nhs.net.

If you would like to exercise or find out more about your rights please contact nhsi.data@nhs.net.

Changes to our privacy policy

Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email or as part of a request to re-accept the terms of use and privacy policy. Please check the policy frequently to see any updates or changes to our privacy policy.

©NHS Trust Development Authority operating as NHS Improvement, 2018. All Rights Reserved. Not to be reproduced in whole or in part without the permission of the copyright owner. For the avoidance of doubt, NHS Trusts, NHS Foundation Trusts, Clinical Commissioning Groups; the NHS Commissioning Board; and the following organisations that provide services to the NHS: independent providers of NHS-funded care, private hospitals, care homes and hospices in England; shall be entitled to use PSIMS free-of-charge, for the purpose of improving patient safety. All other parties must seek written permission from NHS Trust Development Authority operating as NHS Improvement before reproducing PSIMS”.

For further advice or information please email nhsi.dpsimspilotqueries@nhs.net