- Slides: 16
DC 2 Handle information in care settings DHS 2 Promote good practice in handling information in care settings
Aim for today’s session: Understand the need for secure handling of information in social care settings
Key legislation relating to handling information in health and social care • • The Data Protection Act 1998 Freedom of Information Act 2000 The Health and Social Care Act 2008 Access to Medical Reports Act 1988 The Caldicott Principles The General Social Care Council Codes of Practice Crime and Disorder Act 1998 • Criminal Procedures and Investigations Act • Human Right Act 1998
Data Protection Act 1998 Relevant aspects of the Act: • • • The information should only be used for the purposes explained when it was collected The information should not be disclosed to anyone who has no right to know it The information collected should relevant and contain no more than is necessary for its purpose The information should be accurate when collected and where necessary kept up to date Individuals should have access to the data held about them Appropriate security measures should be taken to prevent unauthorised access to data
• The Data Protection Act 1998 does NOT require health and social care workers to keep secrets. It is possible to share relevant and important details with others. • Some workers can get confused about sharing information and the ‘need to know’ principle • If you are in doubt then you should check with the individual and/or senior colleague before details are shared with anyone who is not part of your organisation
• A Definition of GDPR (General Data Protection Regulation) The General Data Protection Regulation (GDPR), agreed upon by the European Parliament and Council in April 2016, will replace the Data Protection Directive 95/46/ec in Spring 2018 as the primary law regulating how companies protect EU citizens' personal data. 26 Apr 2019
Data Protection Act video https: //www. youtube. com/watch? v=v. Hvd 6 Ha. Pq_s The Lights Are On Video https: //www. youtube. com/watch? v=w. Ae 4358 am. Jc
Freedom of Information Act 2000 Relevant aspects of the Act: • This relates to any information held by public bodies which is NOT about individuals. An example might be how many older people are receiving direct payments • Public organisations will have a procedure for sharing such information, so those who work for these organisations (examples include health care or local government employees) should refer any requests to a senior colleague.
Caldicott Principles Relevant aspects: • Published in 1997, but now works with the Data Protection Act 1998 • There are six principles which guide the maintenance and sharing of information in health and social care settings
Caldicott Principles Six Principles: • Justify the purpose for which the information is needed • Only use personally identifiable information when absolutely necessary • Use the minimum personal identifiable information possible – if possible use an identifier number rather than a name • Access to the information should be on a strict need to know basis • Everyone should be aware of their responsibilities to respect clients’ confidentiality • Understand comply with the law
The Health and Social Care Act 2008 The details from this law is incorporated into the Compliance Guidance for Social Care Settings issued by the Care Commission, but relates to: • Keeping accurate and confidential records • Storing records safely • Destroying records safely
General Social Care Council Code of Practice Standard 6. 2 requires social care workers to: • “Maintain clear and accurate records as required by procedures established by your work” Standard 2. 3 states: “Respect confidential information and clearly explain agency polices about confidentiality to service users and carers”
Safe Information Handling Your responsibilities as an employee are: • You are personally responsible at all times for the personal and business sensitive information in your care • You must safeguard its security whatever format it is in (paper or electronic) and wherever you are working (working at your desk, on site, from home, remotely or travelling) • This includes diaries, briefcases, notebooks and mobile phones etc.
• You can be disciplined for not complying with the Data Protection Act and HCC policies • The Information Commissioner Office (ICO) has the power to issue fines of up to £ 500, 000 and individuals can be prosecuted, if they knowingly misuse personal information • More information is in the Safe Information Handling Policy