07 Mar 2017
We take our role and responsibilities to protect both staff and clients private and sensitive information seriously. All our staff are trained on confidentiality in their induction, our management team discuss good practice in our bi-monthly team meetings, staff appraisals and we continually raise the profile in our general office with our internal team. We think it would be a timely reminder to show the good practice principles relating to Confidentiality.
The sharing of information in health and social care is guided by the Caldicott principles. These principles are reflected in the Data Protection Act and are useful to other sectors:
Every proposed use or transfer of personal confidential data within or from an organisation should be clearly defined, scrutinised and documented, with continuing uses regularly reviewed, by an appropriate guardian.
- Justify the purpose (s)
Personal confidential data items should not be included unless it is essential for the specified purpose(s). The need for Clients to be identified should be considered at each stage of information sharing.
- Don’t use personal confidential data unless it is absolutely necessary
Where use of personal confidential data is considered to be essential, the inclusion of each individual item of data should be considered and justified so that the minimum amount of personal confidential data is transferred or accessible for a given function to be carried out.
- Use the minimum necessary personal confidential data
Only those individuals who need access to personal confidential data should have access to it, and they should only have access to the data items that they need to see. This may mean introducing access controls or splitting information where one data format or record is used for several purposes.
- Access to personal confidential data should be on a strict need-to-know basis
Action should be taken to ensure that those handling personal confidential data-both carer and office staff- are made fully aware of their responsibilities and obligations to respect Clients confidentiality.
- Everyone with access to personal confidential data should be aware of their responsibilities
Every use of personal confidential data must be lawful. Someone in each organisation handling personal confidential data should be responsible for ensuring that the organisation complies with legal requirements.
- Comply with the law
Health and social care professional should have the confidence to share information in the best interests of their Clients within the framework set out by these principals. These should be supported by the policies of their employers, regulators and professional bodies.
- The duty to share information can be as important as the duty to protect confidentiality