Getting people on board
Getting people on board is a key element of successful standards adoption and the culture change required to make it happen. It is also arguably one of the hardest elements of any transformation initiative.
To engage people, you need to understand them and their motivations. You also need to understand who you need and why, and how important their positive involvement will be to your success. This section sets out a narrative that describes the case for standardising the recording of information about a person with diabetes so it can be shared with all those involved in their care, what difference it will make to professionals and people with diabetes and what each stakeholder group needs to do to make the changes happen.
It will help you map the various stakeholders and assess their readiness to adopt the Diabetes Record Information Standard as well as anticipate FAQs and other needs they may have before committing to undertake the changes we describe here.
The case for change
People with diabetes are in contact with many different health and care professionals over their lifetime – they expect health and care professionals to work together to support them to self-manage their diabetes so that they can have the best quality of life. The Diabetes Record Information Standard supports the standardised recording and sharing of an agreed set of information to enable professionals to provide the best support and advice to a person with diabetes.
The implementation of the standard across organisations that manage and care for the same individual will improve the experience of those with diabetes. It will also improve the information available to all health and care professionals to support decision making at the point of care.


Recording and sharing self-managed data
People with diabetes are increasingly using medtech (such as Continuous Glucose Monitors) and lifestyle apps to record and share information that they use in the self-management of their diabetes, other digital tools such as the NHS App or Person Held Records (PHR’s) will also increasingly be used by people to view and record information.
If this information is recorded in a standardised way it can then be shared between different care record systems meaning that, with the consent of the person, it can be shared with the professionals involved in their care to enable better advice and support to be provided.
The problem
Diabetes management requires information from many different sources across the health and care system and currently it is not all being effectively shared. This includes sharing of the latest HbA1c test results, real-time data sharing of blood glucose monitoring or insulin delivery, eye screening results and preventative footcare information.
This can lead to people being asked to return for unnecessary repeat blood tests, increased time spent by professionals collating information from multiple sources and an increased risk of providing advice based on inaccurate or incomplete information about a person leading to poorer decisions and on occasions to incorrect diagnoses especially for patients with complex multi-system disorders.
In this short film, we hear from a GP, diabetes consultant and a person living with type 2 diabetes about the current challenges of sharing information across multiple services.
Although digital and technological innovations are delivering tools and devices to help people better self-manage their diabetes and the number of people offered them is growing, it can be hard for people to understand and act on the data and they may need help with this.
For professionals to provide advice and support to them, they need to have access to the information, and currently it can be difficult to view the information in one place.
“Having information accessible in one place means we don't need to waste time trying to pull together all the sources. It also reduces the risk of not having access to important information that could modify the care pathway and can enable efficiencies in targeting healthcare and in preventing untoward admissions and attendances, improving patient QOL and reduced costs.”
Endocrinologist, survey response

Standardising the information that should be in a person’s care record so that there is a single source of truth would resolve these problems.
The solution
Standardising the information recorded in a person’s care record about their diabetes is the first step in resolving these problems. Standardised information means that it will be easier to share and interpret.
In the film below we hear how diabetes care will benefit from a standardised, digital system where all those involved in a person’s care, including the person themselves, can access and contribute up-to-date information.
Care record systems and medtech device suppliers should ensure their systems are ready for sharing this information by making sure that the information captured can be structured and coded in conformance with the standard for sharing with other systems. This is the first stage.
NHS England is now considering what technical messaging standards need to be available to support standardised sharing of the information. Once these standards are available, care record systems and medtech devices will be expected to share information in conformance with the standards.
Desired outcomes:
Access to information about the latest tests, carried out in any setting so the person is not asked to attend for unnecessary repeat tests.
Access to the latest diabetic eye screening results.
A call to action
Implementation of the standard needs to be delivered as part of a wider change programme. Implementing standards is often viewed as a technical fix but in reality, it is part of a wider service change programme to improve the experience of the individual receiving care and those professionals providing care.
If this change programme is going to be successful everyone involved must understand the purpose of the change and what a successful conclusion might lead to. This works best when the change is framed in the form of a compelling narrative, that connects with people emotionally as well as intellectually. Local health and care systems need to assess the best approach to delivering this change and identify what will motivate clinicians to deliver the change and the benefits to be realised.
The section below ‘Creating a stakeholder map’ outlines in more detail who needs to be involved and how to get them onboard with the change programme.
Resources to support the narrative
The approach PRSB has taken is in line with the national policies of the UK devolved nations, see below for the national strategies.
Briefing your staff
It is critical that your stakeholders are actively involved from the start and have the chance to influence and contribute to the task of implementing the standard.
These slides provide an outline to help you brief staff on the project, the rationale for doing it and how they will be involved. You can adapt them to reflect the specifics of your local situation.
Creating a stakeholder map
When starting your implementation project, you will need to identify all the stakeholders that need to be involved in your project. The most useful thing we know from developing the standard is who your key stakeholders are most likely to be and what they are most likely to be concerned about.
The list below identifies the main stakeholders that should be involved when delivering diabetes change projects.
- The health and care system clinical leads, including the organisation’s Chief Clinical information Officer (CCIO), Chief Digital and Information Officer (CDIO)
- The governance teams that support the implementation of new systems, Clinical Safety, and sharing of personal data (Information Governance (IG)
- Those that support programme and project delivery and deliver the required change management programme, the Programme Management Office (PMO)
- Most regions will have a diabetes clinical network. This group is used to support the diabetes standard implementation to reduce the burden of additional meetings on very busy clinical staff.
Here is an example list of key stakeholders you may want to include based on our research:
We would also suggest using the RACI model – which identifies who needs to be responsible, accountable, consulted and informed.

Creating a commitment chart
Once your stakeholder list is complete, filling out a commitment chart can be a useful way to compare current levels of commitment to minimum levels needed from key players for effective implementation. Here is an example of a commitment chart that you might use.
You can follow the steps below to determine areas of support and resistance to the project:
- Identify the essential individuals or groups for the project’s success and list them as “key players” on the chart.
- Review the commitment rating system.
- Rate the minimum commitment needed from each key player by placing an “O” in the corresponding box.
- Evaluate the current commitment level by placing an “X” in the box that represents their current level.
- Discuss strategies like personal contact, emails, or recommended readings to achieve the minimum commitment level needed for the exercise.
You can then develop a strategy to move everyone to the desired state of commitment. Below is an example of barriers for specific groups and what could be done to engage these stakeholders and get them on board.
Write your business case
To assist with your implementation, you can download and personalise this example proforma business case which includes hints and tips on the benefits and gains which you can expect.
Each organisation will need to tailor to their own unique circumstances.
FAQs
Where an NHS care provider gives a medical device to an individual as part of their treatment and care then that NHS care provider should be the sole data controller of any data that is collected by the device – ensuring that the data is managed in accordance with NHS IG and records management advice.
The NHS care provider must also be the data controller of, and therefore be able to view or extract, data from any secure data store provided by the device manufacturer, and can rely on implied patient consent to access the data for individual care purposes. If the NHS routine care provider wishes to use data from the device for purposes other than direct care (e.g. research) they must ensure there is a legal basis for doing so (e.g. explicit patient consent, approval under s251 of the NHS Act 2006, a statutory requirement, etc).
The device manufacturer can only process personal data collected by the device under instructions from the NHS care provider.
Either the clinician will download the data from the device or secure data store and record it in the patient record, for the purposes of direct care and, where appropriate and lawful, to inform a range of secondary purposes including planning of services and audit (including the National Diabetes Audit); or the data will be extracted into in a third-party IT system commissioned by the NHS (Integrated Care Board or care provider) which is under the controllership of the NHS, and will be used for the purposes set out above. The third-party will only be able to process data under the instruction of the commissioning NHS body.
If the NHS care provider cannot access or extract the data from the device manufacturer’s secure data store, and relies on the patient to provide the readings, then the patient can choose whether or not to provide the data. It is then up to the NHS care provider whether or not it wants to provide equipment on that basis.
Where individuals have purchased their own device, they will be subject to the terms and conditions of the device manufacturer (including any apps that accompany the device). In these circumstances, if an NHS care provider needs access to data collected on the individual’s device, they will require the explicit consent of the individual and their access will be constrained by the capability of the device and/or any accompanying app.
While the individual can determine who will have access to confidential patient information collected on their device, the device manufacturer will be the data controller of any data processed through an accompanying app and is not required to design the app to support the needs of NHS care providers.
If the NHS care provider, with the patient’s consent, can extract data from the device manufacturer’s secure data store or record data from the device with the consent of the patient, the NHS care provider would become the data controller of any data extracted and recorded in the patient’s record.
If data is not extracted from a device manufacturer’s secure data store and automatically recorded in a patient record, where the clinician has viewed data collected by the device and makes a treatment decision based on that data, it is their responsibility to record the data and the decision in the patient record.
Failure to record patient information that the clinician has relied upon to make treatment and care decisions from the device in the patient’s NHS record will leave the clinician vulnerable should their care decisions be the subject of challenge or complaint and access to the device manufacturer’s secure data store is no longer available (e.g. the manufacturer goes out of business).
If a clinician asks an individual to use an IT system (App or web portal) to input confidential patient information that is necessary to provide or monitor ongoing treatment and care, then the NHS care provider organisation should ensure that the NHS has control of the personal data held on the IT system, and that the system provider processes data only under the direction of the NHS commissioner.
In other circumstances, where a clinician signposts an individual towards a third-party app and suggests it might give the individual the ability to track their own progress (and at the same time allow the NHS care provider to view any information that is captured) – the clinician should be clear that: (i) the third-party will have access to personal information; and (ii) the third-party app supplier might be able to use that data for its own purposes – including sharing/selling it to other third-parties. So, the individual should read the Terms and Conditions of the app very carefully before using it.
The NHS care provider can rely upon implied consent to share data with members of the person’s healthcare team for the purposes of providing care and treatment to them.
The person with diabetes should be made aware, when they sign up to share data from their device with the NHS care provider, that it may form part of their electronic health record and may be seen by the members of the healthcare team that have a legitimate reason to access it.
The individual has the right to object to their data being shared into their local shared electronic record for access by their healthcare team but should be made aware that not sharing their data may make communication between their healthcare team more difficult and may impact the level of care they receive.
The individual can opt out of the use of their data for research or planning purposes through the national data opt-out scheme.
If the patient objects to a particular member of their healthcare team having access to the information, the NHS care provider will need to decide whether it can continue to provide care to the patient (e.g. can the practitioner who is being denied access to data safely provide care and treatment without the data, is the person with diabetes willing to accept the risks that may arise should the practitioner be denied access to the data, or are the risks such that the practitioner is unwilling to provide treatment and care?).
These are issues that the NHS care provider will need to discuss with the person with diabetes before a decision is taken.
Where the person with diabetes moves out of area and have registered with a new GP, they would generally be referred to the local specialist centre by the new GP.
Device data is shared by the person with diabetes. So, once they have been referred to the new specialist centre, they are able to remove access for the previous specialist centre and give the new specialist centre access at any time.
If the confidential patient information, which identifies the individual, is also to be used for a secondary purpose (e.g. research, service-planning, etc.) then generally the individual’s explicit consent will be required or there will need to be an alternative legal basis (e.g. s251 approval, overriding public interest).
Aggregated or anonymised data can generally be used for secondary purposes without explicit consent.
A clinician will generally only review the data during a consultation, so if a patient has any concerns about unusual readings or what they consider significant changes in their health status, they should contact their clinician and ask them to look at the data. The NHS care provider should put this in writing when they provide the device to the person with diabetes.
Example wording used by a diabetes specialist centre: We will only look at the data in advance of a clinic or if you contact us to do so because you are concerned.
PRSB Standards Explained
Why we need standards to record our health and care information in a consistent way so that it can be made available whenever it is needed.
Making change happen
Transformation programmes need clear goals, the right leadership and engaged staff and stakeholders. Get started by reading our information on transformational change.
PRSB Support Available
If you have a question for PRSB, please contact our support team. We have an expert team who can help you find the answer, or direct you to the right place.