|
|
|
|
|
|
| Caldicott Principles | |||||
| Our objectives are to meet the principles laid out in the Caldicott Report.� | |||||
| Doctor Murray is the Caldecott gaurdian for Small Heath Medical Practice | |||||
| The Guardian agrees the protocols within the practice that governs the disclosure of patient-identifiable information to other organisations, the Guardian is also responsible for ensuring that all routine flows of patient-identifiable information to and from organisations have been identified and proven necessary. | |||||
| He is responsible for ensuring that the local use of patient identifiable information is effectively governed by appropriate national and locally agreed protocols on patient confidentiality. | |||||
| Every GP Practice in UK now has an obligation to conform to The Caldicott Principles:- | |||||
| Principle 1 - Justify purposes(s) ? Individuals, departments and organisations must justify the purpose(s) for which information is required.� This includes justifying the purposes to the public for specific patients as well as to the Caldicott Guardians within each organisation.� Every proposed use or transfer of patient-identifiable information within or from an organisation should be clearly defined and scrutinised, with continuing uses regularly reviewed by an appropriate guardian within the practice. | |||||
| Principle 2 - Don?t use patient-Identifiable information unless it is absolutely necessary This means assessing information flows and uses and ensuring that patient identifiable information is removed unless a genuine case can be made for its inclusion and there is no alternative. | |||||
| Principle 3 ? Use the minimum necessary patient-identifiable information Where use of patient-identifiable information is considered to be essential, each individual item of information should be justified with the aim of reducing identifiability.� This includes the use of the NHS number rather than any other identifier where possible. | |||||
| Principle 4 - Access to patient-identifiable information should be on a strict need to know basis Only those individuals who need access to patient-identifiable information should have access to it, and they should only have access to the information items that they need to see. | |||||
| Principle 5 ? Everyone should be aware of their responsibilities Action should be taken to ensure that those handling patient-identifiable information ? both clinical and non-clinical staff are aware of their responsibilities and obligations to respect patient confidentiality. | |||||
| Principle 6 - Understand and comply with the law The most relevant and important of which are the Data Protection Act 1998, The Access to Medical Reports Act 1988 and the Police and Criminal Evidence Act 1984.� There are also other sets of statutory guidance that must be considered such as the NHS IM&T Security Manual (pdf file) and ?For the Record? (which I could find no internet link for) detailing retention periods for records. | |||||
| Every use of patient-identifiable information must be lawful.� Someone in each organisation should be responsible for ensuring that the practice complies with legal requirements ? Caldicott Guardian. | |||||