Caldicott and Confidentiality
Caldicott Following on from the initial Caldicott Report commissioned in 1997 which identified weaknesses in the way parts of the NHS handled confidential patient data. A subsequent review was published in 2013, this showed that there had been improvements but there was work still to do.
The report also highlighted added a seventh key principles to the 6 which has been created in 1997. These principles are the cornerstone in which the NHS protect the data we hold and are often seen as an interpretation of the Data Protection Legislation for NHS staff. These are:
Principle 1 - Justify the purpose(s)
Every proposed use of transfer of patient-identifiable information within or from an organisation should be clearly defined and scrutinised, with continuing uses regularly reviewed by an appropriate guardian
Principle 2 - Don't use patient-identifiable information unless it is absolutely necessary
Patient-identifiable information should not be used unless there is no alternative.
Principle 3 - Use the minimum necessary patient-identifiable information
Where use of patient-identifiable information is considered to be essential, each individual item of information should be justified with the aim of reducing identifiability.
Principle 4 - Access to patient-identifiable information should be on a strict need to know basis only
Only those individuals who need access to patient-identifiable information should have access to it, and they should only have access to the information items that they need to see.
Principle 5 - Everyone should be aware of their responsibilities
Action should be taken to ensure that those handling patient-identifiable information - both clinical and non-clinical staff - are aware of their responsibilities and obligations to respect patient confidentiality
Principle 6 - Understand and comply with the law, namely the Data Protection Act 2018 and GDPR 2016
Every use of patient-identifiable information must be lawful. Someone in each organisation should be responsible for ensuring that the organisation complies with legal requirements.
Principle 7 - The duty to share information can be as important as the duty to protection patient confidentiality
Health and social care professionals should have the confidence to share information in the best interests of their patients within the framework set by these principles.
A Guide to Confidentiality in Health and Social Care
A five rule guide designed and produced by NHS Digital (Health and Social Care Information Centre). The guide starts from the historic cornerstone of medical practice that promises confidentiality between doctor and patient. Yet it also recognises that patients, users of social care and the wider public can all reap the benefits from the sharing of information about their care.
To view the guide please click here
Confidentiality: NHS Code of Practice
The Confidentiality: NHS Code of Practice provides guidance on patient confidentiality.
The Code proposes a model for providing a confidential service:
Protect - look after patients' information
Inform - ensure that patients are aware of how their information is used
Provide Choice - allow patients to decide whether their information can be disclosed or used in particular ways
Improve - always look for better ways to protect, inform and provide choice.
To view the Confidentiality: NHS Code of Practice, click here.
