Transcription of CONFIDENTIALITY CODE OF CONDUCT - qehkl : Welcome
1 CONFIDENTIALITY code OF CONDUCT Unique Reference / Version Primary Intranet Location Policy Name Version Number Next Review month Next review year Information Governance CONFIDENTIALITY code of CONDUCT June 2014 Secondary Intranet Location Current Author Phil Cottis Author s Job Title Information Governance & RA Manager Department IM&T Ratifying Committee Information Governance Committee Ratified Date 01 June 2012 Review Date 01 June 2014 Owner Barbara Cummings Owner s Job Title Director of Non-Clinical Services and Performance Management It is the responsibility of the staff member accessing this document to ensure that they are always reading the most up to date version.
2 This will always be the version on the intranet The Queen Elizabeth Hospital King s Lynn NHS Foundation Trust V2 June 2012 Page 2 of 18 Related Policies Information Governance Policy Management of Adverse Events Policy and Procedure Serious Untoward Incident Policy and Procedure Disciplinary Policy and Procedure Creation of Corporate Records Procedure Safe Haven Procedure Information Security Policy Access to Health Records Policy and Procedure Information Lifecycle & Records Management Policy Disposal of IT Equipment and Media Policy Stakeholders Information Governance Committee Trust Executive Committee Version Date Author Author s Job Title Changes V1 March 2010 Nic McCullagh Information Governance Manager V2 April 2012 Phil Cottis IG & RA Manager Review.
3 Contact details. Formatting Short Description The purpose of this document is to provide staff with a clear code of CONDUCT for CONFIDENTIALITY . Key words Caldicott, CONFIDENTIALITY , Consent, Staff, Sharing, Patient The Queen Elizabeth Hospital King s Lynn NHS Foundation Trust V2 June 2012 Page 3 of 18 CONFIDENTIALITY code OF CONDUCT CONTENTS PAGE 1 INTRODUCTION 4 2 PURPOSE 4 3 DEFINITIONS 5 4 RESPONSIBILITIES 6 5 CALDICOTT PRINCIPLES 7 6 DUTY OF CONFIDENCE 8 7 DISCLOSING AND USING CONFIDENTIAL INFORMATION 8 8 PATIENT CONSENT TO DISCLOSURE 9 9 DISCLOSING WITHOUT CONSENT 9
4 10 LEGAL RESTRICTIONS ON DISCLOSURE 10 11 THE CONFIDENTIALITY MODEL 11 12 REQUESTS FOR INFORMATION BY THE POLICE OR MEDIA 11 13 BREACHES OF CONFIDENTIALITY 11 14 STORAGE AND DESTRUCTION OF CONFIDENTIAL INFORMATION 12 15 TRANSFERING CONFIDENTIAL INFORMATION 12 16 CONFIDENTIALITY OF PASSWORDS AND SMARTCARDS 12 17 EQUALITY IMPACT ASSESSMENT 13 18 DISSEMINATION OF DOCUMENT 13 19 REFERENCES 13 APPENDICES 1 ARRANGEMENTS FOR MONITORING COMPLIANCE WITH THIS POLICY 14 2 EQUALITY IMPACT STATEMENT TEMPLATE 15 3 PLAN FOR DISSEMINATION OF PROCEDURAL DOCUMENTS 16 4 CHECKLIST FOR REVIEW AND APPROVAL OF DOCUMENTS 17 The Queen Elizabeth Hospital King s Lynn NHS Foundation Trust V2 April 2012 Page 4 of 18 CONFIDENTIALITY code OF CONDUCT 1 INTRODUCTION The purpose of this document is to provide staff with a clear code of CONDUCT for CONFIDENTIALITY .
5 It is the responsibility of all staff to adhere to this code of CONDUCT . All staff are bound by a legal duty of CONFIDENTIALITY . This means they are obliged to keep strictly confidential any person identifiable information (patient and / or staff), commercially sensitive or business in confidence details they become party to. The legal duty of CONFIDENTIALITY continues even after employment with the Trust has ceased. The principle behind this code of CONDUCT is that no member of staff shall breach their legal duty of CONFIDENTIALITY , allow others to do so, or attempt to defeat any of the Trust s security systems or controls in order to do so.
6 This code of CONDUCT forms part of the Information Governance Toolkit requirements as detailed under the CONFIDENTIALITY and Data Protection Assurance Initiative. It has been written to meet the requirements of the legal and regulatory framework, as outlined in Appendix 2 of the Information Governance (IG) Policy. It should be read in conjunction with the NHS CONFIDENTIALITY code of Practice and is based on the Caldicott principles. This Trust is committed to the delivery of a first class confidential service.
7 This means ensuring all personal patient information is obtained and processed fairly, lawfully and as transparently as possible so that patients can: Understand the reasons for providing complete and accurate information; Give their consent for the disclosure and use of their personal information where necessary; Gain trust in the way the Trust uses and handles information about them; and Understand their rights to access information held about them. 2 PURPOSE For the purpose of this code of CONDUCT , staff is used as a convenience to refer to all staff regardless of occupation, including but not restricted to permanent, fixed-term, contractors, bank, agency, temporary, honorary, visiting, voluntary and students.
8 The requirement for CONFIDENTIALITY is: A legal requirement based on case law; A requirement established in professional codes of CONDUCT ; and Included within the Trust s employment and other contracts ( honorary, voluntary) which is a specific requirement linked directly to the disciplinary process. Under the common law duty of CONFIDENTIALITY , any member of staff may be personally liable in a court of law for unauthorised disclosure of personal data. The Queen Elizabeth Hospital King s Lynn NHS Foundation Trust V2 June 2012 Page 5 of 18 This code of CONDUCT has been produced to protect staff, by making them aware of the correct procedures for making disclosures and dealing with confidential information.
9 3 DEFINITIONS Anonymised Information This is information which does not identify an individual directly, and which cannot reasonably be used to determine identity. Anonymisation requires the removal of name, address, full post code and any other detail or combination of details that might support identification. Confidential Information Confidential information can be anything that relates to patients, staff or any other information (such as contracts, tenders etc) held in any form (such as paper or other forms like electronic, microfilm, audio or video) howsoever stored (such as patient records, paper diaries, computer or on portable devices such as laptops, PDAs, Blackberrys, mobile telephones) or even passed by word of mouth.
10 Person identifiable information is anything that contains the means to identify an individual. Disclosure This is the divulging or provision of access to data. Explicit Consent This means articulated patient agreement. The terms are interchangeable and relate to a clear and voluntary indication of preference or choice, usually given orally or in writing and freely given in circumstances where the available options and the consequences have been made clear. Patient identifiable Information Key identifiable information includes: Patient s name, address, full post code , date of birth; Pictures, photographs, videos, audio-tapes or other images of patients; NHS number and local patient identifiable codes; and Anything else that may be used to identify a patient directly or indirectly.
