Guest Blog

How Smartbox.ai frees up frontline NHS staff by taking the headache away from DSARs

Smartbox.ai is joining HIC at NHS ConfedExpo 2024 as part of its community of innovation stand. Ahead of the event in June, Darren Spence, CRO at Smartbox.ai, explains how their award-winning smart solution for the processing and disclosure of Data Subject Access Requests can reduce NHS wait times, staff burnout, and improve patient care.

 

By Darren Spence, CRO, Smartbox.ai

The NHS is getting complex Data Subject Access Request (DSARs) in their thousands every year, which in turn, tie up frontline medical staff in hours of paperwork, taking them away from their core job of treating patients.

As a result, NHS waiting lists continue to get longer, and frustration levels boil over on all sides. Sifting through thousands of pages of medical notes just to approve one small paragraph causes staff a headache. Smartbox.ai aims to take this away.

The Challenge

On a daily basis, the NHS is getting complex DSARs from two key areas – ex-employees and patients – who are effectively requesting their medical records, perhaps for insurance purposes, further treatment investigations, or for a host of other reasons.

The biggest challenge with these requests is the sheer volume of data it involves – we are talking tens of thousands of documents – predominantly emails, but with reams of attachments. The issue with that is someone has to manually go through all these documents, page by page, to find and identify all of the personal data that needs to be redacted. We have calculated that it takes around 52.5 hours per request.

Not only is this time consuming, but it is mind numbingly dull for the person having to undertake the task.

Also, there is the cost to factor in, each DSAR costs around £1,258. If an organisation is getting 120 of these per year, that equates to 5985 hours at a cost of £143,432. But the NHS is dealing with thousands, is not tens of thousands, of these a year.

Then there is the duplication problem. Anywhere between 40% and 60% of this type of dataset is duplication. It is massively time consuming and also high risk. In reality, we are all human beings and the risk of somebody missing something, and disclosing something they shouldn’t is quite high.

High Stakes

There are three additional challenges when dealing with patient DSARs. Firstly, you have to differentiate between third-party names and those of doctors and clinicians. Why? Because all third-party names need to be redacted. So how does someone do that quickly and efficiently? Answer: they can’t.

Secondly, how do you identify if there is medical record contamination? There is a very real chance that some medical records have been mixed up. Perhaps a couple of pages of a child’s medical record have accidentally been included in a different person’s records. As all records were paper before digitisation, it was easy for something to be put in a folder that shouldn’t have been there, perhaps if someone was in a rush, or had a lot of paperwork to finish. And when these files were digitised, nobody was analysing them to check everything was in the right folder, but just scanning the pages. How easy is it to identify that contamination? Answer: it isn’t.

This is a significant issue for the NHS because they could receive an £85,000 fine if third-party medical records are disclosed. I would say that every NHS Trust, certainly every board that we speak to, has a problem with medical record contamination.

Thirdly, and this is a serious issue, particularly when dealing with mental health and childcare services, how can someone identify if there is something within this dataset that can potentially cause harm? For example, people who have been in an abusive relationship, people who have had drug problems, sexual abuse, plus much more. How can you quickly and accurately identify those risk indicators within that dataset? Answer: you can’t.

How Smartbox.ai can help

  1. The first thing Smartbox.ai will do is automatically convert all of the files into a PDF, eliminating the need for it to be done manually. We process around 10,000 pages per hour, far quicker than any human being could ever manage. Our technology will then automatically find and highlight all of the personal data, as well as duplicates, held within a particular dataset. But to address the three specific NHS challenges highlighted above, we have developed additional tools.For example, we use what we call regular expressions – a sequence of letters, numbers and hyphens – and when used in relation to medical record numbers for example, we can identify how many of these numbers are in a particular dataset. If it highlights more than one, then you know instantly there is a problem. Smartbox.ai can navigate to exactly where that record is and delete the unwanted data. Of course, this is not fixing the problem at source – there needs to be a process in the background to do that – but we are making sure that the NHS is not disclosing somebody else’s medical records.
  2. We also use dictionaries – both to address the issue of third-party/doctor identification and also for risk indicators. When addressing third-party identification, we work with an NHS board and ask for a list of all doctors and clinicians. Smartbox.ai can then list all names mentioned in a dataset, redact them all, but untick any relevant doctor/clinician names. Using our Bulk Redaction technology, we can remove all third-party data and leave the doctors/clinicians’ names in place.
  3. Thirdly, we have risk indicators. We have a dictionary of words relating to abuse, sexual assault, and other really sensitive information. We can then specify that Smartbox.ai shows all the risk indicators held within a specific dataset, allowing the user to navigate through to the page that the risk indicator is on and make a judgement call on whether a sentence or paragraph needs to be redacted.Using these indicators, Smartbox.ai can quickly highlight any information that can harm people, where it is, what page it is on, eliminating the need for somebody to have to trawl through page by page looking for all the above: duplication, third-party names, personal data, risk indicators; we have it all covered.We cannot eliminate totally the need for human interaction and nor do we need to, but we can make life a lot easier for people in high-pressured medical roles.  Clinicians will still need to check documents of course, but whereas in the past they would have had to read an entire, lengthy document, Smartbox.ai uses its complex tagging system to highlight the areas they need to check, simplifying the process, and allowing them to go back to the job they trained to do.

The savings are real

Remember the costs outlined at the beginning? With Smartbox.ai we are looking at just over £17 per case, and the thousands of hours of time this can free up. How much more will an NHS Trust be able to achieve with those people freed up? Most importantly, this will give doctors more time to actually treat patients.

We are seeing real results with the NHS. For example, one customer came to us with 36,000 files. This was reduced to 18,000 files by culling unnecessary information and then we further reduced that manually to just 374 relevant files using tagging, sorting and Smartview technology.

We also recently worked with a high-security psychiatric hospital. It gets a relatively low volume of DSARs, 20-30 per month, but each one is between 1,000 and 5,000 pages. By working with Smartbox.ai, the hospital has reduced the effort and time it takes to respond to DSAR requests by 70%, increased the accuracy of responses, and reduced risk.

We have helped free up valuable NHS resources and solved a headache for staff in an already stretched-to-capacity and vital public service.

Find out more about Smartbox.ai technology: https://smartbox.ai/healthcare and find them at the Healthcare Innovation Consortium stand at NHS Confed Expo on 12-13 June 2024