CONFIDENTIALITY POLICY POLICY ... - Pilgrims Hospices
CONFIDENTIALITY POLICY POLICY ... - Pilgrims Hospices
CONFIDENTIALITY POLICY POLICY ... - Pilgrims Hospices
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>CONFIDENTIALITY</strong> <strong>POLICY</strong><br />
<strong>POLICY</strong> STATEMENT<br />
This policy is designed to make all staff and volunteers who work for, or on behalf of,<br />
<strong>Pilgrims</strong> <strong>Hospices</strong> in East Kent aware of their responsibilities with regard to<br />
confidentiality. They shall keep confidential, unless exceptional circumstances apply,<br />
all information about the organisation including information about patients and their<br />
carers, friends and relatives.<br />
SCOPE OF THIS <strong>POLICY</strong><br />
This policy relates to the exchange of all information included in the policy by staff<br />
and volunteers to other staff and volunteers within <strong>Pilgrims</strong> <strong>Hospices</strong> and with<br />
individuals and members of other organisations outside <strong>Pilgrims</strong> <strong>Hospices</strong>.<br />
DEFINITION OF <strong>CONFIDENTIALITY</strong><br />
The principle of keeping secure and secret from others, information given by or about<br />
an individual in the course of a professional relationship.<br />
This definition is about the relationship between a professional carer and patient but<br />
can be extended to an employee and employer or employment organisation.<br />
WHAT IS INCLUDED IN THE <strong>CONFIDENTIALITY</strong> <strong>POLICY</strong><br />
This covers protecting any information as to the business, dealings, practice,<br />
accounts, finances, human resources, trading, software, know-how, affairs of<br />
<strong>Pilgrims</strong> <strong>Hospices</strong> or any of <strong>Pilgrims</strong> <strong>Hospices</strong>’ patients or prospective patients,<br />
distributors, suppliers or persons, firms or companies otherwise connected with<br />
<strong>Pilgrims</strong> <strong>Hospices</strong>.<br />
All information held about <strong>Pilgrims</strong> <strong>Hospices</strong> or in connection with <strong>Pilgrims</strong> <strong>Hospices</strong><br />
and any of the above is to be regarded as confidential. Information may be recorded<br />
on paper or computer or it may be exchanged by word of mouth. Much of the<br />
information the Hospice has about patients comes from the NHS (acute care) and<br />
General Practice (Primary Care) and District Nurses (Community Care). The Hospice<br />
has a responsibility to these sources of information (see Caldicott Report).<br />
Most of the more sensitive information will relate to patients. The types of confidential<br />
information at different levels are:<br />
1. IDENTITY – (Name, address, sex, age in sufficient combination to identify the<br />
Patient) available to a wide range of permanent and attached staff. (“Hotel”<br />
services)<br />
2. MEDICAL – Available to medical staff who give treatment and palliative care and<br />
administration staff who process the information. This information will be patient<br />
identifiable for direct clinical purposes.<br />
3. SOCIAL – Available to medical and nursing staff and social workers.<br />
4. PSYCHOLOGICAL – Available to Counsellors.<br />
In the Palliative Care environment, 2 - 4 are available to a wider range of<br />
professionals in the multi-disciplinary team.<br />
RELATED POLICIES AND DOCUMENTS<br />
Information Technology Policy<br />
Information Security Policy<br />
Reporting Information Security Incidents (Procedure)<br />
Information Governance Committee Terms of Reference<br />
Scanning Policy<br />
Clinical Records Management Policy<br />
Data Protection Policy<br />
Decisions Consent Policy<br />
1
Decisions Loss of Capacity Policy<br />
Whistleblowing Policy<br />
RESPONSIBILITIES OF STAFF AND VOLUNTEERS<br />
Multi-disciplinary team members<br />
The multi-disciplinary team is composed of doctors, nurses and allied health<br />
professionals (AHPs). All professionals are required to comply with their professional<br />
code(s) of conduct. Those who do not have a professional code of conduct should<br />
adopt one from a colleague that meets their needs. All members of the<br />
multidisciplinary<br />
team will familiarise themselves with the codes of conduct of their fellow<br />
professionals.<br />
Administrative Staff<br />
All members of staff handle confidential information and are accountable to the<br />
professional for whom they are acting within <strong>Pilgrims</strong> <strong>Hospices</strong> for keeping the<br />
information confidential. Professionals outside <strong>Pilgrims</strong> may ask them from time to<br />
time for information about patients. Staff should follow the six principles laid down by<br />
the Caldicott Report as follows:<br />
• Principle 1 - Justify the purpose(s) the purpose being to assist with the<br />
care of the patient.<br />
• Principle 2 - Don’t use patient-identifiable information unless it is<br />
absolutely necessary<br />
• Principle 3 - Use the minimum necessary patient identifiable information<br />
• Principle 4 - Access to patient-identifiable information should be on a<br />
strict need-to-know basis<br />
• Principle 5 - Everyone with access to patient-identifiable information<br />
should be aware of their responsibilities<br />
• Principle 6 - Understand and comply with the law<br />
Information should only be provided if the enquirer can be identified. If in doubt,<br />
members of staff will refer to the professional within <strong>Pilgrims</strong> <strong>Hospices</strong> for whom they<br />
are acting in each case who will liaise with the Caldicott Guardian.<br />
VOLUNTEERS<br />
Volunteers should follow the same guidance as administrative staff above except<br />
they should not be asked to give information about patients to professionals from<br />
organisations outside <strong>Pilgrims</strong> <strong>Hospices</strong>.<br />
DISCLOSURE<br />
The Courts can order disclosure of information. Disclosure may be required to<br />
comply with the law. Full details of the organisations requirements regarding<br />
disclosure is incorporated in the Records Management Policy. In the context of<br />
disclosure it should be noted that the Freedom of Information Act does not apply to<br />
the hospice. This aspect of access to patient records is covered in the Records<br />
Management Policy.<br />
PROTECTION OF RECORDS AND REPORTING INCIDENTS<br />
Confidential records of any kind must never be left unsupervised so that a person<br />
who has no right to see them has access to them or could remove them from<br />
<strong>Pilgrims</strong> <strong>Hospices</strong> premises.<br />
If any member of staff is aware of a breach of confidentiality that person will report<br />
the incident to their line manager. If the breach is serious and needs action<br />
immediately, the line manager or a senior member of staff should be contacted<br />
without delay. The line manager will decide if further action, including disciplinary<br />
proceedings, may be necessary.<br />
Full details of the organisations requirements with regard to protecting records and<br />
2
eporting a breach of confidentiality or other breach in the protection of the security of<br />
information is in the Information Security Policy and Reporting Information Security<br />
Incidents procedure.<br />
CONSENT TO SHARE INFORMATION<br />
Knowing when to share information to assist the care of patients and when to<br />
withhold information is a matter of professional judgement and experience. It is also<br />
important to determine whether or not the information needs to be patient-identifiable.<br />
All matters relating to the obtaining of consent and validity and capacity are covered<br />
in the <strong>Pilgrims</strong> <strong>Hospices</strong> Consent Policy.<br />
<strong>CONFIDENTIALITY</strong> STATEMENT<br />
The Patient’s Handbook spells out quite clearly to patients what they can expect from<br />
us: “We believe that staff working together as a team improves the care we can offer.<br />
No one of us can do all the nursing, the medicating, the counselling and the family<br />
support. If we work together that means that all the different aspects of care can be<br />
more effectively done. But that means we all need to know about our patients and<br />
their families and so we need to share information. If you tell us that a particular<br />
matter is for the hearer’s ears only, it will remain confidential; if you do not so specify<br />
we will share matters with other members of the team if they need to know for your<br />
better care.” A Confidentiality Statement is also on Infoflex for staff to explain to<br />
patients on admission and first encounter.<br />
DISCLOSING WITHOUT CONSENT<br />
Staff must only disclose confidential information without the patient’s consent in the<br />
following circumstances<br />
IN THE PUBLIC INTEREST<br />
1. Where a serious crime could be prevented, detected or is being investigated.<br />
2. To prevent abuse or serious harm to themselves and others.<br />
LEGALLY REQUIRED<br />
1. Some disclosures are mandatory such as the reporting to Health Authorities of<br />
infectious diseases.<br />
2. The courts may require disclosure; in this case, only what is required to comply<br />
with the court order may be disclosed.<br />
In all cases where disclosure is required without consent, where possible and/or<br />
desirable consent should be sought before the disclosure or the patient informed of<br />
the disclosure after the event.<br />
The professionals’ codes of conduct give guidance on disclosure without the consent<br />
of the patient<br />
Where disclosure is made without the consent of the patient, a written record must be<br />
made.<br />
THE MULTI-DISCIPLINARY TEAM<br />
Discussions of confidential information about patients by the Multi-Disciplinary Team<br />
must conform to the consent obtained from the patient specifically or in accordance<br />
with the information provided to the patient in the Patient’s Handbook.<br />
3
RESEARCH AND AUDIT<br />
Information requested from patients for the purposes of research and/or audit will<br />
normally be obtained with their consent. Information from their records will be<br />
anonymous or pseudonymous.<br />
REFERENCES AND BIBLIOGRAPHY<br />
Care Quality Commission, 2010, Guidance About Compliance Essential Standards of<br />
Safety and Quality , Care Quality Commission, London,<br />
http://www.cqc.org.uk/_db/_documents/Essential_standards_of_quality_and_safety_<br />
March_2010_FINAL.pdf last accessed 27-7-2010<br />
Department of Health, 2003, Confidentiality. NHS Code of Practice, DH Publications.<br />
London,<br />
http://www.dh.gov.uk/prod_consum_dh/groups/dh_digitalassets/@dh/@en/document<br />
s/digitalasset/dh_4069254.pdf , last accessed 27-7-2010<br />
Department of Health, 2010, Guidance for Access to Health Records Requests, DH<br />
Informatics Policy & Planning Directorate, Leeds,<br />
http://www.dh.gov.uk/prod_consum_dh/groups/dh_digitalassets/@dh/@en/@ps/docu<br />
ments/digitalasset/dh_113206.pdf last accessed 27-7-2010<br />
Department of Health 1997. The Caldicott Committee Report on the Review of<br />
Patient-Identifiable Information. Dept of Health.<br />
http://www.dh.gov.uk/prod_consum_dh/groups/dh_digitalassets/@dh/@en/document<br />
s/digitalasset/dh_4068404.pdf last accessed 27-7-2010<br />
General Medical Council 2009, Guidance for doctors: Confidentiality. GMC London<br />
http://www.gmc-uk.org/static/documents/content/Confidentiality_core_2009.pdf last<br />
accessed 27-7-2010<br />
Nursing and Midwifery Council, 2009, redesign 2010. Record keeping Guidance for<br />
nurses and midwives. NMC London. http://www.nmcuk.<br />
org/Documents/Guidance/nmcGuidanceRecordKeepingGuidanceforNursesandMi<br />
dwives.pdf last accessed 27-7-2010<br />
Nursing and Midwifery Council, 2008, redesign 2010. The code: Standards of<br />
conduct, performance and ethics for nurses and midwives. NMC London<br />
http://www.nmcuk.<br />
org/Documents/Standards/nmcTheCodeStandardsofConductPerformanceAndEthi<br />
csForNursesAndMidwives_LargePrintVersion.PDF last accessed 27-7-2010<br />
Author<br />
Simon Fisher Audit Facilitator<br />
Date 27 th September 2010<br />
Policy Version No 2 nd review<br />
Policy application Clinical<br />
Approving body Clinical Practice Development Forum<br />
Review September 2012<br />
4
<strong>CONFIDENTIALITY</strong> <strong>POLICY</strong><br />
PROTECTING AND USING PATIENT INFORMATION<br />
The Legal Responsibility of staff and volunteers<br />
All members of staff including volunteers must be aware of the legislation in place to<br />
protect personal information (confidentiality). These include computer held records,<br />
printouts and any written information used (personal files, payroll records etc.).<br />
Misuse of information may lead to prosecution of an individual under the Data<br />
Protection Act.<br />
1. Data Protection Act 1998 This applies to personal information, such as employee<br />
and Patient manual records, records held on computer, microfiche and CCTV.<br />
The Act dictates that information should only be disclosed on a need to know<br />
basis<br />
2. The Copyright Designs And Patents Act 1988. This Act makes the use of<br />
unlicensed (pirated) software a criminal offence, which could lead to fines or<br />
imprisonment.<br />
3. The Computer Misuse Act 1990 This Act makes it a criminal offence to access<br />
any part of a computer system programs and/or data that you are not set up to<br />
access, e.g. access a record of someone you may know, share someone’s<br />
password or access a system which is not for the <strong>Pilgrims</strong> <strong>Hospices</strong> purposes.<br />
Each system/network has an individual user id and password. This should remain<br />
confidential to those authorised to access those records.<br />
Confidentiality<br />
All information you come in contact with during the course of your work must be<br />
deemed to be confidential. This will apply to records relating to patients and their<br />
friends and relatives, applicants, staff, volunteers, contractors, community members,<br />
and other medical personnel and may also include business information. Under no<br />
circumstances should any of this information be divulged or passed on to any<br />
unauthorised persons by you whilst you are employed or after you leave the<br />
employment of <strong>Pilgrims</strong> <strong>Hospices</strong>. A breach of confidentiality may lead to disciplinary<br />
or legal action.<br />
I understand my responsibilities and agree to abide by this Policy.<br />
Name _______________________________ Job Title ______________________<br />
Signature ____________________________<br />
Date __________________<br />
5