Organisations that handle confidential health and social care information have to ensure that it is held securely and shared appropriately. A number of laws, principles and obligations govern how organisations should handle this information. The Health and Social Care Act 2012 gave us powers to advise organisations on how to handle confidential information securely. The Data Protection Act 1998 is a piece of legislation which defines the law on processing data of people living within the United Kingdom.
One of the central codes of practice in health and social care has been provided by the GSCC and it sets standards of practice and behavior for staff working in that field, including standards for handling information and maintaining confidentiality This covers eight principles under which personal data must be protected and collected. DPA says that service user information must be confidential and can only be accessed with their consent. Service users must know what records are being kept and why the data is kept. Freedom of Information Act 2000: The Freedom of Information Act gives individuals the right to ask organisations all the information they have about them.
The 8 Principles of the Data Protection Act 1998 states the personal data must be: used fairly and lawfully used for limited, specifically stated purposes used in a way that is adequate, relevant and not excessive accurate kept for no longer than is absolutely necessary handled according to people’s data protection rights kept safe and secure not transferred outside the UK without adequate protection the six main points set out by GSCC (general social care council) are:
1. Protect the rights and promote the interests of service users and carers.
2. Strive to establish and maintain the trust and confidence of service users and carers.
3. Promote the independence of service users while protecting them as far as possible from danger or harm.
4. Respect the rights of service users while seeking to ensure that their behaviour does not harm themselves or other people.
5. Uphold public trust and confidence in social care services.
6. Be accountable for the quality of your work and take responsibility for maintaining and improving your knowledge and skills. .
Manual systems relate to paper records, such as Paper or card health records, case notes, care plans, staff files, assessment records, reports, computer print-outs and administrative records. Also Imaging records such as X-rays, CCTV film and photographs. These are required to be out of general view when in use and locked away when not in use or attended in lockable filing cabinets, draws, or locked rooms. We need to ensure only the appropriate individuals have access to these records and that confidentiality is kept at all times.
Electronic systems relate to databases, emails and other stored information such as external hard drive, USB memory stick, CD or DVD. These should be protected by adequate virus software and passwords. Files that are confidential should be password protected and not accessible to unauthorised individuals. Information pertaining to individuals should only be shared on a ‘need to know’ basis.
When supporting others to understand the need for keeping information secure, I would explain the importance of confidentiality and give a summary of the Data Protection Act 1998. I would then explain which information that individual would be able to have access to, and give any guidance needed to enable them to complete records as necessary.
To support others to understand and contribute to records, I would assist them in completing all necessary records and ensure they understand what is expected of them. I would ensure that I set a good example when completing records, in the production and maintenance of records. Also by raising awareness of the consequences of records that are out of date, incomplete or inaccurate.