Versions Compared

Version Old Version 4 New Version Current
Changes made by

Tony Hewison (Deactivated)

Michael France

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Edited table headings
Page Properties

ID

S26

Version

1

2.0.

0

3

Type

Overarching Standard

Status

Effective

Effective Date

Insert excerptDay One Effective DateDay One Effective Datenopaneltrue

Description

Excerpt
hiddentrue

Contracting Vehicle(s)

Table of Contents
minLevel1
maxLevel3
outlinefalse
styledisc
typelist
printabletrue

Introduction

Excerpt

Supports the secure migration of Practice data between Solutions.

Data Migration is a mandatory Overarching Standard which applies to all Suppliers.

This Standard should be read in conjunction with the Catalogue Solution Migration Process ancillary document which describes the principles, key features, roles and responsibilities and the process applicable to the migration between Catalogue Solutions. The Catalogue Solution Migration process also sets out a number of SLAs with which Suppliers will need to be compliant.

If a Supplier is offering a Solution which does not store any data which would need to be migrated during a Data Migration process, they will need to provide evidence to that effect as part of the Compliance phase of the onboarding process. However it is expected that all Suppliers will have in place and will submit a generic, high level Data Migration

Approach and

approach to cover the scenario where they are acting both as Source and Target Solution Supplier, and a Documented Data Extract (DDE) to

NHS Digital for

the Authority for assessment during the Standards Compliance phase of onboarding. This can then be used and tailored to the specific needs of a Data Migration event when required.

The Data Migration Standard supports the safe and effective migration of data between Catalogue Solutions when a Practice (or other buying organisation such as a CCG, hub, Federation etc.) opts to change from one Catalogue Solution to another. Data Migration refers to the actions performed on multiple records stored in a Catalogue Solution, as opposed to the transfer of individual

patient

Patient records e.g. via GP2GP, or the separate transfer of part of a

patient

Patient record. This Standard covers the requirements for when a health and care organisation is moving from one Catalogue Solution to another, whether that be a complete switch of Foundation Solution(s) or of one or more specific Capabilities. In the scenario where one or more of the Solutions involved in the migration activity is not a Solution registered on the

GP IT Futures

Catalogue or on the

Framework

Contracting Vehicle, then this Standard and process will not apply. This does not however relieve Suppliers who wish to onboard a Catalogue Solution from their obligations to achieve full compliance with this Standard.

  

Suppliers shall provide a Data Migration Service, to support the safe and effective transfer of all data required to replicate each Patient’s Record in the Target Solution as it was recorded in the Source Solution at the time of migration. This

includes the

includes the full set of

patient

Patient records and

Audit Trails

audit trails, including documents and attached images as well as other clinical and administrative information such as tasks and

Appointments

appointments where applicable to the individual migration event and will

be in

be in a human readable format without any undue degradation (i.e. flattening from structured data to plain text) or the need for access to the legacy Solution to be available. A successful and efficient Data Migration involves activities and responsibilities from several parties:

  • The Source Solution Supplier

  • The Target Solution Supplier

  • The Practice
  • CCGs, CSUs (as the organisations delivering IT support to Practices) and other buying organisations (STPs, Primary Care Networks, Federations etc.) who may be involved in or be overseeing a Data Migration event
  • NHS Digital

    • Service Recipient (i.e. the organisation initiating the switch of Catalogue Solutions and responsible for overseeing the process)

    • NHS England as the Catalogue Authority and Service Management Agent

    As the Catalogue Solution Migration Process and Data Migration activities inevitably involve several parties, it is essential that all parties work together and collaborate to ensure that the process of switching Catalogue Solutions is completed as efficiently and securely as possible to ensure alignment with the SLAs and in particular to ensure that any disruption to the provision of health and care services is minimised to the extent possible. This includes ensuring that the Cut-Over period from when the final data extract is taken to Business Go-Live, where manual and duplicate data entry is likely to be required, is completed within 72 hours and outside core working hours wherever possible. 

    The need to migrate data from one Solution to another is normally triggered by the decision of a

    Practice or other buying organisation

    Service Recipient (such as a Practice, CCG, CSU, STP etc

    .

    ) to use a different Catalogue Solution, whether from the same Supplier or a different one. However the need may also arise as a result of the merging or splitting of one or more Practices or the formation/closure of other health and care organisations providing primary care which involves the replacement or consolidation of existing IT systems.

    Data Migration exercises inevitably involve access to, and processing of, significant amounts of sensitive personal information. Therefore all parties taking part in such activities, or providing any

    amount

    degree of service or support to such activities, must be conscious of the risks involved, and of their responsibilities to safeguard the confidentiality of all the data

    involved

    being migrated. All parties involved are required to be compliant with all UK legislation and in particular the following laws, policies, standards and guidelines in respect of Information Governance:

    see NHS Digital guidance on See Information Governance Standard
  • Encryption guidance for health and care organisations

    • See Information Governance Standard for further information.

    It is the

    Practice,

    Service Recipient as Data Controller

    ,

    that has ultimate responsibility for validating and signing-off a Data Migration, however

    ,

    they cannot do this effectively without support from Suppliers.

      To

    To ensure a consistent understanding of responsibilities, this Standard, along with the associated Ancillary Document and the Processes set out within them,

    is aligned with

    Requirements

    Requirement

    Suppliers should also make reference to Chapter 8c of the General Practice GPG, which provides guidance to organisations undertaking a Data Migration. 

    Principles

    Please refer to the Catalogue Solution Migration Process Ancillary Document.

    Process

    Please refer to the Catalogue Solution Migration Process Ancillary Document.

    Requirements

    Applicable Contracting Vehicle(s)

    ID

    Requirement

    Text

    Applies to

    Level

    ALL Solution Suppliers

    Target and Source Solution Suppliers

    All

    DMI01

    Provide a Data Migration Approach document which details their approach to a Data

    Migration

    Migration when acting both as Source and Target Solution Supplier.

    Note: This is a high level, generic document to be provided to

    NHS Digital

    the Authority as part of Standards Compliance and then to be tailored according to the needs of each Data Migration undertaken.

    All

    Target and Source

    Status
    colourRed
    titleMUST

    All

    DMI02

    Provide a Documented Data

    Provide a Documented Data Extract (DDE) that allows a Target Solution Supplier to understand and interpret

    the form and structure of

    the form and structure of the extracted data. This will include, but is not limited to:

    1. A description of the physical data included in the extract

    2. A logical model explaining the relationships between the data in the extract, and any physical primary/compound/foreign key information required to be able to understand and process the extract

    3. A mapping between the physical and logical models

    4. Details of units of measure for numeric fields where these are not clearly identified in the extract itself

    Full descriptions

    1. Full descriptions of the meaning of any coded

    values included

    1. values included in the extract

    2. Details of any business rules/logic that the Target Solution Supplier would have to understand to successfully import the extract

    3. Details of any exceptional or specific handling required for the Target Solution Supplier to successfully import the extract, e.g. where handling of certain data has to be treated differently if it was created between certain dates

    4. Rules for any data which the Source Solution derives from the extracted data but which is not included

    5. Any excluded data

    6. Any checks or validations (e.g. integrity checks) which the Target Solution Supplier needs to undertake to ensure the accuracy of the imported data

    7. Any documentation which would be required to support Solution reconstitution

    8. The format of the data extract to be provided

    Note: This is an overarching DDE to be provided to

    NHS Digital

    the Authority as part of Standards Compliance and then tailored according to the specifics of each Data Migration undertaken.

    All

    Target and Source

    Status
    colourRed
    titleMUST

    All

    DMI03

    Provide the Documented Data Extract (DDE) to

    NHS Digital

    the Authority:

    • at the request of

    NHS Digital

    • the Authority (e.g. for Standards Compliance)

  • at least annually
  • at the point of a significant Solution upgrade
    • All

    •  or in the case of significant changes to the DDE

    Target and Source

    Status
    colourRed
    titleMUST

    All

    DMI04

    Support, and/or provide mechanisms to support, the migration and/or re-integration of data which is stored solely in a Solution which is not the Source Solution where such a Solution is in use.

    Target and Source

    Status
    colourRed
    titleMUST

    All

    DMI27

    Perform a migration of data from a source Supplier to target Supplier over the internet.

    • Internet-based transfers must conform to the Cross Function Requirements outlined within the DMS Data Transfer - Cross Functional Requirements Document 

    • If, under the circumstance that a bandwidth of >= 70 Mbps and a latency of <200ms cannot be achieved, then a fall back to physical media transfer can be used

    • If, under the circumstance that physical media is deemed necessary, and the target Supplier is primarily cloud-based, then a Solution supported by the target Supplier’s cloud provider must be used, for example AWS Snow Cone or Azure Data Box

    • If, under the circumstance that both Suppliers are primarily cloud-based, then an internet-based transfer must be used. This is due to the potential number of additional transfers steps when using physical media between two alternative cloud providers

    Target and Source

    Status
    colourRed
    titleMUST

    Source Solution Suppliers only

    All

    DMI05

    Support the

    Practice or organisation for which data is bring migrated

    Service Recipient with improving the data quality in the Source Solution up to the minimum standard agreed by all parties in preparation for the data

    extracts  

    extracts.

    See documents available here for guidance regarding data cleansing and preparation of data for a migration.

    Source

    Status
    colourRed
    titleMUST

    All

    DMI06

    Provide a minimum of two separate data extracts to the

    organisation for which data is being migrated

    Target Solution Supplier and/or the

    Target Solution Supplier, including

    Service Recipient to include:

    • an initial sample

    set

    • data extract

    • a final data extract for data loading

    NB. The provision of additional extracts may be required to facilitate the data transformation and data migration activities as detailed in the Data Migration Process set out in the

    relevant

    Catalogue Solution Migration Process Ancillary Document.

    Source

    Status
    colourRed
    titleMUST

    All

    DMI07

    All data extracts will:

    • be in an encrypted electronic format

    • be in conformance with the DDE provided

    • be

    annotated with clear field descriptionsbe

    • provided to the Target Solution Supplier and/or

    organisation for which data is being migrated

    • the Service Recipient as instructed by the

    Practice

    • Service Recipient (as Data Controller)

    • employ cryptographic techniques which

    conform to Encryption guidance for health and care organisationscontain the full set of patient records and audit trails

    • conform to NIST Cryptogrophy Standards

    • contain the full set of Patient Records, including documents and attached images as well as other clinical and administrative information such as tasks and appointments where applicable to the individual migration event

    be in

    • be in a human readable format without any undue degradation (i.e. flattening from structured data to plain text) or the need for access to the legacy Solution to be available

    Source

    Status
    colourRed
    titleMUST

    All

    DMI26

    All data extracts to contain the full set of audit trails where applicable to the individual migration event.

    Source

    Status
    colourYellow
    titleSHOULD

    All

    DMI08

    Provide a document and reports detailing any irregularities regarding the way in which data has been entered into the Source Solution (i.e. variances on the DDE), including reference to any dependencies on other Solutions and Suppliers.

    Source

    Status
    colourRed
    titleMUST

    All

    DMI09

    Provide access to the Source Solution, including data and audit trails in human readable format, and support services for the duration of the agreed Run-Off period as a minimum, according to the terms of the applicable contracts and agreements for that Data Migration and/or at the request of the

    responsible organisation

    Service Recipient.

    Note: Reference access to the Source Solution may be required for some time after completion of the Data Migration activities

     

    .

    Source

    Status
    colourRed
    titleMUST

    All

    DMI10

    Where a third party Supplier is used during

    data migration

    the Data Migration process, provide an automated mechanism for the third party Supplier to access and extract the data from the Source Solution.

    Source

    Status
    colourYellow
    titleSHOULD

    Target Solution Suppliers only

    All

    DMI11

    Undertake the data transformation and mapping of data from the extracts provided by the Source Solution Supplier to a format which can be loaded into the Target Solution.

    Target

    Status
    colourRed
    titleMUST

    All

    DMI12

    Undertake the data transformation and mapping of data using the latest version of the approved mapping tables published by UK Terminology Centre (UKTC).

    Target

    Status
    colourRed
    titleMUST

    All

    DMI13

    Where mapping cannot be completed using the UKTC mapping tables, provide and describe the mapping tables used during the data transformation activities.

    Target

    Status
    colourYellow
    titleSHOULD

    All

    DMI14

    Provide tables detailing any specific mappings between the Source Solution data and the Target Solution.

    Target

    Status
    colourRed
    titleMUST

    All

    DMI15

    Facilitate as many iterations of the data transformation and mapping as

    is

    required to address all errors, omissions, and irregularities to the satisfaction of the

    organisation responsible for the Data Migration

    Service Recipient.

    Note: If greater than five iterations of the data extract and transformation process are required, this will need to be reported to

    NHS Digital

    the Authority.

    Target

    Status
    colourRed
    titleMUST

    All

    DMI16

    Provide tools to enable the

    responsible organisation

    Service Recipient to undertake the mapping of non-standard, local codes where necessary.

    Target

    Status
    colourYellow
    titleSHOULD

    All

    DMI17

    Provide the

    organisation for which data is being migrated

    Service Recipient with the transformed data and a

    Trial Environment

    trial environment to enable the validation of the integrity, accuracy and completeness of the data.

    Target

    Status
    colourRed
    titleMUST

    All

    DMI18

    Maintain an Issues Log of all issues encountered during the data transformation, including how and when each was resolved.

    Target

    Status
    colourRed
    titleMUST

    All

    DMI19

    Undertake any corrective action necessary to address issues raised regarding the data transformation and document this in the Issues Log.

    Target

    Status
    colourRed
    titleMUST

    All

    DMI20

    Provide comprehensive aggregated reports to enable the

    organisation for which data is being migrated

    Service Recipient to verify the integrity, accuracy and completeness of the transformed data. As a minimum these will include:

    • counts of all coded data items from both Source and Target Solutions

    • comparisons of data in the Source Solution with data in the Target Solution (e.g. number of current Active Patients, active medications, results of routine QOF searches)

    • any variances

    Target

    Status
    colourRed
    titleMUST

    All

    DMI21

    Reports will be available at all times from

    both

    the live and

    Trial Environments

    /or trial Environments (as applicable) from the moment the

    Trial Environment

    corresponding environment is made available.

    Target

    Status
    colourRed
    titleMUST

    All

    DMI22

    Reports to be refreshed every time data is re-loaded.

    Target

    Status
    colourRed
    titleMUST

    All

    DMI23

    Load the transformed data into the Target Solution once approved by the

    organisation responsible for the Data Migration

    Service Recipient.

    Target

    Status
    colourRed
    titleMUST

    All

    DMI24

    Provide

    Ensure staff, facilities, tools, training and support services, including floor-walking staff, are in place to support the

    organisation

    Service Recipient in use of the Target Solution and to ensure that any obligations and responsibilities can continue to be met effectively.

    Target

    Status
    colourRed
    titleMUST

    All

    DMI25

    Support additional training needs and requests post Business Go-Live as requested by the

    responsible organisation

    Service Recipient.

    Target

    Status
    colourYellow
    titleSHOULD

    CapabilitiestitleBGColor#ABC8E2borderStylesolidtitle

    Panel

    Applicable Capabilities

    All

    suppliers Solutions

    Supplier Solutions delivering any Capabilities will need to meet this Standard.

    Roadmap

    PaneltitleBGColor#E1E6FAborderStylesolidtitle

    Items on the Roadmap which impact or relate to this Standard

    Suppliers will not be assessed or assured on these Roadmap Items as part of Onboarding

    Page Properties Report
    firstcolumnRoadmap Item
    headings
    Capability/Standard
    Standards and Capabilities, Status,
    Implementation
    Effective Date, Description, Change Type, Change Route
    pageSize300
    sortByEffective Date
    cqllabel = "S26" and space
    = currentSpace (
    in ( "GPITF" , "DCSDR" , "DCSDCS" )