Healthcare Health and Safety Level 2 (VTQ)

55 videos, 2 hours and 36 minutes

Course Content

Principles, Law and Confidentiality

Video 53 of 55
3 min 52 sec

During the course of your time employed, you will receive and come into contact with information that is of a confidential nature. This may be information about named individuals or information belonging to an organisation. This may be through direct or indirect access and may be in a variety of forms, for example, information held in computer or paper records, information that is passed to you in connection with your work, and information that you become aware of in the course of your work including as a result of breaches of confidentiality.

You have a duty to maintain the confidentiality of all such information and this duty continues after you have finished working for the organisation.

Confidential information may only be disclosed with the proper authority, for example, your line manager/designated professional, information governance manager or Caldicott Guardian as appropriate, and should be in line with organisational policies and procedures. You should also refer to your organisation's whistleblowing policy where appropriate.

Confidential personal or organisation information must be protected against improper disclosure at all times. Any unauthorised disclosure or attempts to access confidential information for which you do not have the proper authority can be treated as a serious breach of confidentiality, which may result in your employment being terminated and could lead to legal action being taken against you.

Common law requires that confidential personal information should only be used for the purpose it was given and only with the consent of the individual concerned. If consent is withheld, or cannot be obtained for whatever reason, disclosures can be made where it is in the public interest or where the information is required by law.

You have a duty to maintain the confidentiality of information about deceased people under a confidentiality Code of Practice, contractual obligations and professional codes of conduct. Access to the health records of deceased people is governed by the Access to Health Records Act 1990.

Personal information about living individuals is also subject to the provisions of the Data Protection Act 1998, which governs the processing of information including obtaining, recording, holding, altering, retrieving, disclosing and destroying.

Unauthorised disclosures or misuse of information may result in prosecution or an action for civil damages under the same Act. You can protect yourself by ensuring information security, for example, not sharing passwords, logging out of terminals when not at your desk, etc is one aspect of keeping the information confidential.

Many breaches of confidentiality arise out of very simple errors of judgement such as people talking in public places, personal information being left unattended, people ‘blagging’ information over the telephone, mislaying notes and letters, sending information in unsealed envelopes or not addressed as confidential mail.

Your employing organisation has a duty to ensure that you are aware of your responsibilities and you have a responsibility to inform your employer, either via your line manager or information manager, where you have concerns that information is potentially not secure.