Data Migration is a mandatory Overarching Standard which applies to all Suppliers. This Standard should be read in conjunction with the Catalogue Solution Migration Process ancillary document which describes the principles, key features, roles and responsibilities and the process applicable to the migration between Catalogue Solutions. The Catalogue Solution Migration process also sets out a number of SLAs with which Suppliers will need to be compliant.
If a Supplier is offering a Solution which does not store any data which would need to be migrated during a Data Migration process, they will need to provide evidence to that effect as part of the Compliance phase of the onboarding process. However it is expected that all Suppliers will have in place and will submit a generic, high level Data Migration Approach to cover the scenario where they are acting both as Source and Target Solution Supplier, and a Documented Data Extract (DDE) to NHS Digital for assessment during the Standards Compliance phase of onboarding. This can then be used and tailored to the specific needs of a Data Migration event when required.
The Data Migration Standard supports the safe and effective migration of data between Catalogue Solutions when a Practice (or other buying organisation such as a CCG, hub, Federation etc.) opts to change from one Catalogue Solution to another. Data Migration refers to the actions performed on multiple records stored in a Catalogue Solution, as opposed to the transfer of individual patient records e.g. via GP2GP, or the separate transfer of part of a patient record. This Standard covers the requirements for when a health and care organisation is moving from one Catalogue Solution to another, whether that be a complete switch of Foundation Solution(s) or of one or more specific Capabilities. In the scenario where one or more of the Solutions involved in the migration activity is not a Solution registered on the Catalogue or on the Framework, then this Standard and process will not apply. This does not however relieve Suppliers who wish to onboard a Catalogue Solution from their obligations to achieve full compliance with this Standard.
Suppliers shall provide a Data Migration Service, to support the safe and effective transfer of all data required to replicate each Patient’s Record in the Target Solution as it was recorded in the Source Solution at the time of migration. This includes the full set of patient records and audit trails, including documents and attached images as well as other clinical and administrative information such as tasks and appointments where applicable to the individual migration event and will be in a human readable format without any undue degradation (i.e. flattening from structured data to plain text) or the need for access to the legacy Solution to be available. A successful and efficient Data Migration involves activities and responsibilities from several parties:
- The Source Solution Supplier
- The Target Solution Supplier
- Service Recipient (i.e. the organisation initiating the switch of Catalogue Solutions and responsible for overseeing the process)
- NHS Digital as the Catalogue Authority and Service Management Agent
As the Catalogue Solution Migration Process and Data Migration activities inevitably involve several parties, it is essential that all parties work together and collaborate to ensure that the process of switching Catalogue Solutions is completed as efficiently and securely as possible to ensure alignment with the SLAs and in particular to ensure that any disruption to the provision of health and care services is minimised to the extent possible. This includes ensuring that the Cut-Over period from when the final data extract is taken to Business Go-Live, where manual and duplicate data entry is likely to be required, is completed within 72 hours and outside core working hours wherever possible.
The need to migrate data from one Solution to another is normally triggered by the decision of a Service Recipient (such as a Practice, CCG, CSU, STP etc.) to use a different Catalogue Solution, whether from the same Supplier or a different one. However the need may also arise as a result of the merging or splitting of one or more Practices or the formation/closure of other health and care organisations providing primary care which involves the replacement or consolidation of existing IT systems.
Data Migration exercises inevitably involve access to, and processing of, significant amounts of sensitive personal information. Therefore all parties taking part in such activities, or providing any degree of service or support to such activities, must be conscious of the risks involved, and of their responsibilities to safeguard the confidentiality of all the data being migrated. All parties involved are required to be compliant with all UK legislation and in particular the following laws, policies, standards and guidelines in respect of Information Governance:
See Information Governance Standard for further information
It is the Service Recipient as Data Controller that has ultimate responsibility for validating and signing-off a Data Migration, however they cannot do this effectively without support from Suppliers. To ensure a consistent understanding of responsibilities, this Standard, along with the associated Ancillary Document and the Processes set out within them, Suppliers should also make reference to Chapter 8c of the General Practice GPG, which provides guidance to organisations undertaking a Data Migration.