
Legal framework


Patients Know Best (PKB) is a B-corporation social enterprise registered as a company in England. Our registration number with the UK Information Commissioner's Office (ICO) is Z2704931 as part of our compliance as a data processor and data controller. Data arrives in PKB from multiple sources, including customers (whose staff manually enter data and whose IT systems manually transfer data) as well as patients and carers (who manually enter data or authorise data transfer from third-party apps).

PKB customers sign a Data Processor Agreement (DPA) and an Information Sharing Agreement (ISA) with PKB to transfer data into PKB. The DPA states that the customer is the data controller for data transferred into PKB and PKB is the data processor. However, the data processor instructions in each customer's ISA direct PKB to act as a medical record (with no deletions).

This is because data from each customer (including lab systems) and user (including patients and carers) are stored together in a single record for each patient. All customers rely on the data to make clinical decisions. Some of the data are not held in any customer's internal records system (e.g. symptoms from a patient or measurements from a home monitoring device). This is also the patient's only copy of their health data.

So the record cannot be deleted even after a data controller ends a contract with PKB. Individual data controller customers can send deletion requests to correct individual data items, but as the data processor PKB will not physically delete the data. Instead, the data are hidden from users for clinical safety but maintained in storage for the legal audit trail.

Sending data to PKB

At scale, customers start data transfer into PKB with a core data set. This typically includes identifiers (e.g. NHS number for England, CHI number for Scotland and BSK number for Netherlands); demographics (e.g. date of birth and address); and diagnoses, medications and allergies, ideally coded (e.g. SNOMED CT and ICD 9). Over time, clinical governance committees approve release of further details including lab results, clinic letters and pathology reports. (See the documentation for IT departments for integration instructions and the documentation for pathology departments for clinical governance advice.)

No explicit consent is required to transfer these data into PKB. PKB is the data processor for information the customer holds about the patient and the customer is allowed to store the data on PKB as part of the customer's record keeping and clinical safety duties. PKB then tracks explicit consent for sharing the data with other parties including the patient and other health care providers.

Over time, each customer institution can give its patients access to and control over their PKB record. The process happens according to the institution's pace and clinical governance. Not every patient can do this. For instance, children below the age of 16 do not have that capacity (see below). Furthermore, control over access does not give the patient rights to delete the record, and professionals retain break-the-glass rights for access for the safety of the patient.

Children's accounts

Records about children are treated differently for the safety of each child. The child is not the owner of the records until at least age 16, and there are special features for pediatric teams to handle these records.

Receiving data from PKB

PKB is the data controller for data that patients and carers enter in PKB. Any customer or third party that wants to receive these data must sign PKB's legal documents. This includes clinicians at PKB customer sites who want to log in to see data the patient entered into PKB.