Consent
To enhance our consent process and ensure compliance with national standards for obtaining patient consent, as well as to support patient decision-making regarding their treatment, several departments at Wirral University Teaching Hospital are implementing a new digital consent application developed by Concentric Health.
The expected benefits of this implementation include:
- Fewer errors on consent forms and better documentation of the consent process.
- The ability to provide consent remotely, allowing patients to give their consent even without an in-person appointment.
- Improved patient experience and understanding of their treatment decisions.
- More efficient use of doctors' time, allowing them to focus more on clinical duties.
- Reduced risk of performing incorrect operations.
- Decreased likelihood of surgery cancellations and delays on the day of the procedure.
- Reduced paper usage, contributing to the Trust’s goal of achieving Net Zero (carbon neutral) by 2030.
About Concentric Health
Concentric Health is a UK-based company headquartered in Cardiff, Wales.
Concentric Health Ltd.
- Registration number: 10733991
- Address: Tramshed Tech, Pendyris Street, Cardiff, CF11 6BH
For more information, visit the Concentric website.
How the Process Works
A doctor or another qualified healthcare professional enters data into the Concentric digital consent application to share information with patients about proposed treatments or procedures. The consent information is tailored to each patient’s needs and can be shared immediately or sent via email or SMS for later review.
After reviewing the provided information, patients can document their consent to the proposed treatment or request additional information from their healthcare professional.
Contact from Concentric
You may receive genuine communication from your clinician through Concentric, either via an email from notifications@concentric.health or as an SMS from a mobile contact named ‘Concentric’.
Data Storage
Concentric Health uses Google Cloud Platform (GCP) for hosting and data processing, within a UK data centre. GCP complies with all healthcare information governance requirements.
Upon completion of the consent episode, a PDF version of the consent form is automatically transferred into the Trust’s electronic patient record systems.
Data Protection
All data is protected with industry-standard access controls and encryption. The Trust manages clinician access, and password strength rules are enforced. Patients verify their identity through a unique link and their date of birth.
All data is stored using advanced encryption methods and transferred securely.
Data Collection and Processing
GDPR defines various types of data. Concentric processes ‘Personal data,’ which can directly identify someone, and ‘Special category data,’ which is sensitive and requires more protection.
Personal data processed includes:
- Title, given name, family name, date of birth, gender, patient identification number (e.g., NHS number), mobile phone number, and email address. This data is crucial for clinical safety and must be displayed during clinical interactions. Sharing consent information with patients is best practice, hence the storage of email addresses and mobile phone numbers.
Special category data processed includes:
- Treatment name, treatment indication and purpose, discussed alternatives and risks, and names and job titles of involved clinicians. This information is documented on the consent form.
Under GDPR, personal data can only be processed with a lawful basis. In this case, Wirral University Teaching Hospital is the data controller, and Concentric Health is the data processor. The legal basis for processing is ‘direct care,’ necessary for receiving and recording procedural consent.
Data Usage
The data will solely be used by Wirral University Teaching Hospital to manage the consent process as part of your treatment. It will not be used for other purposes, such as research or population health management, unless we obtain your explicit permission.