myGP – Verifying patient ID with remote vouching
This article describes how to provide NHS Online Credentials, for use in the myGP app, by verifying a patient’s identity with remote vouching.
Why use Remote Vouching?
It is important during the current climate to minimise the number of patients being treated physically in GP surgeries. It is also vital to optimise the workload of NHS front-line staff, permitting patients to self-serve where possible.
Providing access to online services permits patients to offload demand on NHS frontline staff through the placing of prescription requests, booking appointments, and viewing medical record information. It also provides the means for patients to be treated remotely through features like those included in myGP; like video consultations and remote patient monitoring.
Remote vouching will permit this without patients needing to visit the surgery to verify their identity.
What features can remote vouching be used for?
The following features can be made available with remote vouching:
- Appointment booking
- Prescription ordering
Please note: medical record access should not be provided when using remote vouching.
What does this process look like?
When verifying a patient’s identity using remote vouching the overall process will look something like this:
- Patient requests NHS online credentials
- Patient is asked a number of validation questions
- Patient identity verified following validation
- Patient asked for email address
- Patient email address is confirmed to patient
- NHS Online Credentials emailed to patient
It is important that your practice implements a process that works for you. You may also want to confirm this approach with your practice’s Data Protection Officer.
What you can do
When implementing remote vouching for online services, you can do the following:
- Agree in your surgery who can verify identities using remote vouching
- Complete questioning of patients discreetly
- Ask questions based on facts from the medical record
- Include a number of questions that are not based just on demographics
- Confirm the patient’s email address before sending online credentials
- Record the process and decisions taken in the record
What you must not do
When verifying a patient’s identity using remote vouching, it is important that you do not:
Accidently disclose confidential information to the patient before their identity has been verified.
You should never provide information, always ask for the patient to tell you any facts or details that should be present on their demographic and medical records.
This guidance has been developed in line with remote vouching guidance that has been released by NHSX.
Last updated: 11/05/2020