How we look after information about your care
We know how sensitive care records are and that people want these to be kept safely and securely. We take this very seriously and have senior managers responsible for ensuring we meet our legal obligations. We have systems to manage this information and we check that we are following those systems.
How do we look after your information?
We know how sensitive care records are and that people want these to be kept safely and securely. In fact it’s the law - The Data Protection Act 2018 requires us to control how confidential personal information is used by businesses and the Government. We must ensure the personal information we hold about you is:
Used lawfully, fairly and in a transparent way
Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes
Relevant to the purposes we have told you about and limited only to those purposes
Accurate and kept up to date
Kept only as long as necessary for the purposes we have told you about
All our staff are trained about the importance of confidentiality and the computers systems we use and the paper records we keep, are secure with access limited to only those people who need to know about you and your care.
Furthermore there is the common law duty of confidentiality which means that any information you give us for your care must be protected and not shared with anyone else, or used for other purposes, without your consent. And there are other protections such as the Caldicott guidelines which state that staff can only see and use the patient information they need to do their job.
As health and social care records are so important there are a further set of rules we must follow that describe how these records should be kept, managed and used. These were developed by Dame Fiona Caldicott and are, therefore, known as the “Caldicott Principles”. They are as follows:
Principle 1: Justify the purpose(s) for using confidential information
Principle 2: Do not use personally identifiable information unless it is absolutely necessary.
Principle 3: Use the minimum personally identifiable information.
Principle 4: Access to personally identifiable information should be on a strict need to know basis.
Principle 5: Everyone should be aware of their responsibilities.
Principle 6: Understand and comply with the law.
Principle 7: The duty to share information can be as important as the duty to protect patient confidentiality
Every health & social care service should have a “Caldicott Guardian” which is a senior person who is responsible for giving advice to colleagues about how to use the Caldicott Principles and for checking that we are following them. Interserve Healthcare has a Caldicott Guardian who has received training to do this role.
The Caldicott Principles underpin our policies for the management of care records.
Who do we share your information with?
We will share information about you with other organisations involved with the delivery of your care. This may include:
If you do not pay for your care yourself, then the organisation that does pay for your care such as a Local Authority, NHS Trust/CCG or insurance company responsible for a settlement agreement
The representatives of the organisations who pay for your care, for example Case Managers who work for insurance companies or continuing healthcare staff from NHS/CCGs
Other professionals who support your care, for example district nurses, specialist clinical teams or a medical consultant
Organisations we work in partnership with to provide your care, for example other care agencies that also care for you or organisations we provide care on behalf of
Safeguarding teams where we are legally required to report concerns about your safety or well-being
Regulators of care such as the Care Quality Commission where we are legally required to notify them of an incident or issue, or where they request information as part of the work they do
You have the right to stop us sharing your information on to other people if you think it will, or is causing you harm but we do not have to comply with this if we think it is in your best interest or could jeopardise your care.
Can you see your records?
Yes you can – under the Data Protection Act 2018 you can ask to see all the records we keep about you including paper care records and information we hold on computer systems including emails. This is called a “subject access request” and you can request this by contacting the branch who looks after your care who will send you a form to complete. You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee for additional copies, or if your request for access is clearly unfounded or excessive.
Can I change my records?
You can ask us to change or destroy inaccurate information but again we may refuse to comply with this if we think it is detrimental to you, but we will record details of what you stated was inaccurate in your records.
For further details of how we look after your personal information during and after your relationship with us, please read our Client Information Privacy Notice by clicking here