Some recent media coverage regarding TPP’s electronic health record software, SystmOne, contains inaccuracies in its reporting of how patient information is stored and shared with health and social care organisations.

TPP would like to reassure all our users and patients that SystmOne remains highly secure and there has been no known breach of medical data, nor any unauthorised access to our system. The system is supported by the latest technology and security is monitored by a specialist team, 24/7.

 The ICO

The Information Commissioner’s Office (ICO) is the authority set up to uphold information rights of the public and they are the regulator for those who work with NHS data.

The ICO has not launched a formal investigation into SystmOne, or TPP. In August 2016, the ICO contacted TPP regarding some concerns they had about aspects of the processes around use of the sharing model. These concerns centred around compliance with Schedules 1 and 7 of the Data Protection Act. These clauses focus on the ability of SystmOne’s users (GPs) to fully inform their patients about what may happen to their data, controls over who records should be shared to and the consent options that are available to patients.

The ICO issued a statement last week to reassure users of SystmOne that they do not advocate GPs turning off the sharing function within the system, given the negative impact this could have on patient care. Their full statement can be read here.

TPP has been working closely with NHS England, NHS Digital, the ICO and the BMA to mitigate any concerns raised.  In addition, new enhancements have been added to further support both users and patients about sharing medical information.

About SystmOne

SystmOne was designed to ensure that wherever in the country a patient needs to receive care, their medical records would also be available with patient consent. This is the way the NHS has worked for years, via paper, with NHS professionals being able to request patient information from the GP. TPP’s SystmOne software mirrors this process, but with additional electronic controls in place to ensure the records are secure.

The sharing model within the system was assured back in 2012 and TPP was commissioned by the NHS to roll out the functionality to all GPs in England.

All access is monitored and recorded.

TPP’s sharing model is designed to give patients optimum control of their health and care information.  Information can only be accessed by other health and care professionals if consent has been recorded.  Initially, patients should be advised by their GPs or medical practitioners about the way their information is to be shared and given the option to opt out of sharing

Once the GP sets the patient’s consent to ‘share’, only health and social care professionals with the appropriate access controls and relevant security clearance (via the use of NHS smartcards, passwords etc) are able to access that medical record, again with patient consent (where possible).

The system is transparent. Patients are able to view information held about them and who has accessed the system via on the patient facing service SystmOnline, and by asking their GP.

Patients can, at any time, change their preferences and ask for their record not to be shared.

In exceptional circumstances, a health professional may decide to use an ‘access override’. Only a limited number of identified NHS users are able to use the access.  Once activated, the override creates a privacy officer alert at all the affected organisations.

Users of SystmOne software can access resources on our sharing model here and through the system. Users can also view a statement recently posted to CCIO leaders from the SystmOne National User Group (SNUG) chair Dr John Lockley, here. We are also offering a series of webinars to GP surgeries who use SystmOne so that they can ask questions and learn more about the functionality within the system. Information about these are available on SystmOne notice messages.

For further information:

We have put together some FAQs for patients, here. If you have any further questions about how their specific information is shared or where it can be viewed, we would advise you to speak to your GP.

TPP is happy to answer any questions from users, patients or the general public, on this matter by calling 0113 20 500 80 or via email on