In order to start using the CMC service, you need to follow the steps outlined below:
Your organisation (e.g. practice, acute Trust) must have an Information Sharing Agreement (ISA) in place to cover its relationships with CMC and with CMC’s other participating organisations. The ISA is accompanied by a signature sheet which should be signed/confirmed and returned by the Caldicott Guardian for your organisation.
If a user is to be enrolled in CMC, his/her line manager will need to complete, sign/confirm and return the User Access Form. This can be used to enrol multiple users. All users included on this form will be required to confirm agreement to CMC’s Acceptable Use Policy. This will be presented on-screen when the user first logs in and yearly thereafter. By agreeing to this Acceptable Use Policy the user is indicating that they have the knowledge necessary to use CMC safely and appropriately to their role.
For information, prior to encountering the Acceptable Use Policy on-screen, it is available to read here. Some wishing to use CMC may determine that they do not require training to use CMC because of their clinical experience and general abilities to navigate intuitive systems. Waiving of training is an option in this case and can be achieved by completing and returning the Waiver of Training form.
We would also emphasise our advice that when people fax clinical/patient information for others to create a CMC care plan there is a significant risk of inaccurate data entry, for example because of poor handwriting legibility or human error. Our CMC Acceptable Use Policy requires us to adhere to local and national information governance standards and Caldicott principles. These specify how and when faxes can be used, but as a service that’s digitally enabled, we strongly discourage faxing as a means of transferring information between teams or organisations. Remember that responsibility for not following appropriate standards and for any resulting outcomes lies with you and your organisation. With any queries feel free to contact our Clinical Quality Manager Gerard Bowden on firstname.lastname@example.org.
All completed forms should be returned to email@example.com or sent through via fax on 0207 811 8132.
Other CMC Information Governance Documents
CMC’s IG Pathway Overview document summarises CMC IG requirements for organisations and users, and describes their implications for patients:
- IG Pathway document Download
An up to date CMC Participating Organisation List may be obtained on request to firstname.lastname@example.org.
The current CMC Patient Information Leaflet, which serves as CMC’s Fair Use Notice, can be found here:
- CMC Patient Information Leaflet Download
Information Security aspects of CMC are covered in the CMC System Level Security Policy:
- System Level Security Policy Download
CMC’s latest Privacy Impact Assessment and Data Protection Act checklist can be found here:
- Privacy Impact Assessment Download
Any organisation wishing to use CMC on mobile devices must formally agree to the CMC Mobile Device Operational and Support Policy:
If your organisation does not have suitable current HSCIC IG Toolkit coverage, you may be interested in our self-assessed CMC-specific IG Toolkit. More details are available via email@example.com.