Upload
riley-liscomb
View
240
Download
0
Tags:
Embed Size (px)
Citation preview
Data Protection Act 1998
8 Principles
1. Fairness and legality2. Permission3. Adequacy /Relevant, not
Excessive4. Accuracy5. Length of use6. Access rights7. Security8. Transfer outside EEA
Caldicott Report 1998
6 Principles for use and sharing
1. Justify the purpose2. Use only when necessary3. Use minimum necessary4. Access – strict need to know
basis5. Individual responsibility6. Comply with the law7. Duty to share and protect
Personal Information can be accessed from:
• The patient
• The health record
• Colleagues
• Personnel files/HR/Payroll
• Electronically processed data
• Stored images
• Knowledge held by employee
• Telephones
• Fax machines – ‘Safe Haven’
• Pieces of paper
• Verbally
Confidentiality and Information SecurityTo obtain information without consent….• Is unlawful• Is a breach of the DPA, HRA and if obtained via Hospital systems, a breach of the Computer Misuse Act.May/will result in….• Disciplinary action • Dismissal• Civil action for damages• Custodial sentence• Unlimited fineRCHT monitors access to all systems. All breaches will be dealt with
in accordance with the Trust’s disciplinary procedure
Do Not………
• Leave your PC logged on
• Access information on PAS inappropriately
• Leave your office unlocked
• Include patient identifiable information in the subject of an email
• Send personal data outside the Trust without permission
• Share Passwords
Top TipsDo………
• Respect confidentiality
• Direct Police – they do not have an automatic right to information
• Direct general enquiries
• Check identity – this includes staff
• Report incidents –don’t ignore them (Datix)
?Records ManagementWho is responsible? • Chief Executive• Senior Managers• You
What must I do?• Identify and Maintain Records• Read and implement the policies, especially …
Document naming (Version Control)Store appropriately
Retention Schedule Disposal (record destruction)
… to enable FoI, DPA and EIR compliance
Legalrequirements
Informationsharing
Protection - organisation - individual
Evidence(Audit)
More effectiveworking
Support for patientCare etc.
Records Management – the benefits