How we collect and use AMD patient data

Why we collect information about your Age-related Macular Degeneration (AMD) treatment and how your information is used

What information is collected for the Age-related Macular Degeneration (AMD) audit?

Information can be submitted to the audit by your clinic if you have had treatment for AMD in the UK. The information used by NOD will have been collected in electronic records as part of your routine care patient record and includes:

Visual acuity (your ability to discern the shapes and details of the things you see)
The change in visual acuity over time (adjusted for other variables which might affect this)
Treatment within 14 days of diagnosis, as recommended in the National Institute for Health and Care Excellence (NICE) AMD clinical guidelines https://www.nice.org.uk/guidance/ng82
The total amount of treatment and how often this was given
Any complications after treatment

NOD AMD Audit is moving to a model where Patient Identifiable Data (PID) is collected with permission under Regulation 5 of the Health Service (Control of Patient Information) Regulations 2002. This will include collection of NHS numbers and date of birth. Patients will not be identified in publications however collection of this data will allow NOD AMD Audit to evaluate the quality of care for patients transferred between providers within the NHS year.

Legal basis for processing your data

The audit is covered under GDPR by the following legal bases for processing your data: processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller {Article 6 (1) (e)} processing is necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health or ensuring high standards of quality and safety of health care and of medicinal products or medical devices, on the basis of Union or Member State law which provides for suitable and specific measures to safeguard the rights and freedoms of the data subject, in particular professional secrecy. {Article 9 (2) (i)}

How is the information used?

Your information is used to monitor the quality of treatment being provided around the UK, how long you wait for treatment and your outcomes. The information the NOD collects is treated as confidential and is always kept securely. None of the reports produced by the NOD contain information that could identify a patient.

Patient Identifiable Data (PID) will allow NOD AMD Audit to evaluate the quality of care for patients transferred between providers within the NHS year.

How will your information be kept safe?

There are strict rules about what happens to your NHS data. The NOD has legal permission to handle individual patient information for the National AMD Audit. Information on individuals is available to a very small number of specially restricted staff on the audit team. They use a secure dedicated computer to analyse the information.

Your personal information will only be used for the audit analysis and will not be shared with any third parties. The College and its subcontractors undertake analysis of the data for the purposes of the audit. However, anonymized and / or aggregated information may be requested by researchers and information will only be released following approval from the data controller. Your individual data will never be released for commercial purposes. The Royal College of Ophthalmologists is the data controller and has overall authority over the data and all aspects of its use.

What if I do not want my information used by the NOD?

Opting out will not affect the care you receive. Collection of your personal details is completely voluntary, and you may opt out at any time. Let your nurse or doctor know of your wishes. They will ensure none of your personal data is extracted for the audit. You can opt out at the time you give consent for your AMD treatment, or at any other time. If you change your mind, you can opt back in.

Alternatively, please email noa.project@rcophth.ac.uk and put "Patient request to opt-out" in the subject line and include your NHS number. We will then contact the hospital to request they do not enter your details into the audit. If you prefer you can also call the NOD team via 0300 030 2020 (Monday to Friday, 9am – 5pm).

Even though the NOD AMD audit has started collecting Patient Identifiable Data (PID), your rights to access, change or remove your information may be more limited, as we need to manage your information in specific ways for research and reports to be reliable and accurate. If your data has not yet been used for analysis, it will be removed from the NOD. If your data has already been used for analysis, we will not be able to remove information about you that we have already obtained and used. To safeguard your rights, we will use the minimum personally identifiable information possible.

Further information

If you have any questions about patient information relevant to the audit, please contact the RCOphth Data Protection Officer, Caroline Wilson at noa.project@rcophth.ac.uk. Telephone: 020 7935 0702 (Monday to Friday, 9am – 5pm) Website: https://www.rcophth.ac.uk/

If you have concerns about the way your information is being handled, you have the right to make a complaint with the ICO (Information Commissioner's Office), the independent authority in the UK responsible for upholding information rights in the public interest via telephone on 0303 123 1113 or their website, https://ico.org.uk/make-a-complaint/.

If you are concerned about your data being used in further clinical research, the NHS data opt-out service is available: https://digital.nhs.uk/services/national-data-opt-out