Information for the public

Medications can have benefits and risks. Some medications are more risky than others because they can be misused or cause harm. These include opioid medications used to treat pain and benzodiazepines used to treat sleep troubles and anxiety. These medications are called “controlled drugs” and have extra rules around them.

This project looks at how doctors prescribe these medications in Ireland. It will look at how much they are prescribed and how this has changed over time. It will also look at how different policies have affected prescribing and harm from these medications. Finally, it will look at how different regions and doctors prescribe these medicines to see if they are being prescribed too much or too little.

The goal is to find ways to make sure these medications are used safely and minimise the risk of harm. This is important because the World Health Organisation (WHO) have set “Medication Without Harm” as their Third Global Patient Safety Challenge.

Data

We are studying medications prescribed to people who are eligible for the General Medical Services (GMS) or “medical card” scheme in Ireland. This scheme covers around 1.58 million people in Ireland. We are looking at people who were prescribed analgesic or sedative medications between 2014 and 2021.

The Health Service Executive (HSE) Primary Care Reimbursement Service (PCRS) holds data on medications dispensed to people eligible for the GMS/medical card scheme. They have agreed to share this data with our team to do this research. Before sharing this data, the HSE PCRS removes any information that could identify individuals, like their GMS or medical card number. They assign a new number per individual specifically for the purposes of this research. Similarly, they remove the number assigned to GPs who prescribe, and assign a new number. The data contains information on what medications were dispensed, when they were dispensed, and the age group and sex of the patient they were dispensed to. The geographic area of the dispensing pharmacy is also included. No personal details are included, like the names of individuals.

This data will be analysed to produce summary information about the use of analgesic and sedative medications across Ireland. We will compare this information to summary information that is publicly available on prescribing in GP practices in England.

In order for our research team to use this data from the HSE PCRS, specific legal bases (i.e. reasons for using the data) under GDPR Article 6 and Article 9 must be met. For this project the legal bases are:

Under Article 6

(f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party

 and

 Under Article 9

(i) processing is necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health or ensuring high standards of quality and safety of health care and of medicinal products or medical devices, on the basis of Union or Member State law which provides for suitable and specific measures to safeguard the rights and freedoms of the data subject, in particular professional secrecy.

Although any information that could identify individuals from the data we are using has been removed, pseudonymised (i.e. personal data where identifies are hidden by assigning a new code or number to individuals) and taking all necessary steps to protect it. When using personal data for health research without explicit consent, a consent declaration must be obtained, on the basis that “the public interest of the research significantly outweighs the public interest in requiring the explicit consent of the individual whose data is being processed”. We have obtained this from the Health Research Consent Declaration Committee.

Once we receive the data from the HSE PCRS, it will not be possible for us to identify people whose data is included. However, because we are processing the data for scientific research purposes, some rights of people whose data is included are restricted. This is because exercising these rights would seriously impair the achievement of the scientific purposes of the research. Therefore it is not possible to withdraw data from this study.”

Once we receive data from the HSE PCRS, it should not be possible for us to identify people whose data is included by any direct or indirect means. However, because we are processing the data for scientific research purposes, some rights of people whose data is included are restricted. In particular, based on Section 61, subsection 2 of the Data Protection Act 2018, rights of data subject (i.e. people whose data is included) set out in Articles 15, 16, 18 and 21 of GDPR (which includes the rights to object and restrict processing) are restricted. This is because exercising these rights would seriously impair the achievement of the scientific purposes of the research. Therefore it is not possible to withdraw data from this study.

Data processing

In carrying out this research, we will process data from the HSE PCRS in a number of ways. We will analyse the data to summarise things like the number of times a medication is dispensed and how much, and how many people receive a medication. This will be summarised by local health office area (similar to county), by age group, and by sex, over time. Graphs will be generated based on this data. We will store the data in a restricted, encrypted area using RCSI’s online storage with Microsoft OneDrive. Only core members of the research team will have access to the data, all of whom have competed data protection training. All access to the data will be logged, and the data will be protected by a number of security measures, including two-factor authentication to access it. Once the project is completed in 2024, we will retain the data for five years, to ensure we can answer any questions about the results of the project. At this point, we will destroy the data or fully anonymise it, so there will be no personal data retained.

Find out more