Healthcare Health and Safety Level 2 (VTQ)

55 videos, 2 hours and 36 minutes

Course Content

Data Protection

Video 46 of 55
3 min 32 sec
Want to watch this video? Sign up for the course or enter your email below to watch one free video.

Unlock This Video Now for FREE

This video is normally available to paying customers.
You may unlock this video for FREE. Enter your email address for instant access AND to receive ongoing updates and special discounts related to this topic.

The Data Protection Act 1998 is built around enforceable principles of good practice for the use and disclosure of personal data, including good practice around record-keeping, records management and security and confidentiality. The Act also provides individuals with certain rights in relation to how their information is processed.

The Act stipulates that anyone processing the personal data of living individuals (staff/service users/3rd parties), where processing is defined to incorporate the concepts of 'obtaining', ‘recording’ ‘holding' ‘altering’ ‘retrieving’ ‘destroying’ and 'disclosing' information, must comply with 8 data protection principles.

The data protection principles specify that data should be:

1. Obtained and processed fairly and lawfully
2. Obtained and used only for limited purposes
3. Adequate, relevant and not excessive in relation to those purposes
4. Accurate and where necessary, kept up to date
5. Held no longer than is necessary
6. Processed in accordance with the data subjects rights (e.g. data should be available to the data subject with the ability to correct or erase if necessary)
7. Protected by proper security
8. Not transferred to countries without adequate provision for subject rights

The Act covers the fair and lawful processing of personal information. The concept of fairness is important because how information is obtained will determine how it can be used. Individuals about whom information is processed (data subjects) have a right to prevent processing likely to cause them damage or distress. It follows, therefore, that subjects should be fully aware (subject to legal, ethical and professional considerations) of your role, that you are recording information about them and why, how it will be used, and their consent sought.

Data subjects have a general right to access and are given a copy of the information that is held about them and to be informed of who is processing it, for what purpose and of any disclosures. Access can be denied on the grounds that disclosure would cause serious harm to them or anyone else. They can also request that inaccurate information is rectified or erased. Data subjects can ask the Information Commissioner to review any decisions they do not agree with, for example, where they are denied access to their information or where the Trust does not agree that information is inaccurate or should be erased.

Data subjects can seek compensation for damage or distress caused by any breach of the Act including the loss, destruction or unauthorised disclosure of either accurate or inaccurate data where the data controller cannot prove that reasonable care was taken to prevent such occurrences.