Protecting your clients/clients information James Partridge CEO and

Protecting your clients/clients information James Partridge CEO and

Protecting your clients/clients information James Partridge CEO and Interim Head of the Skin Camouflage Service Changing Faces Based on guidance from the IG Policy Team, NHS Connecting for Health Key Learning Points What is Information Governance? What do YOU need to do to make this work? 1. Follow the Caldicott Guidelines to provide a confidential service 2. Comply with the Law Understand the Data Protection Act Principles Activity Recognise a Freedom of Information Act request 3. Keep good records 4. Keep information secure Assessment questions Activity What is IG? IG is to do with how NHS/Social Care organisations and

individuals handle information Information means: Personal Sensitive Corporate E.g. Name, Date of Birth, Home address E.g. ethnicity, disease, medical condition, sexual life E.g. Contracts for suppliers, minutes of meetings, finance details Handling information well means Holding it securely and confidentially Obtaining it fairly and efficiently Recording it accurately and reliably

Using it effectively and ethically Sharing it appropriately and lawfully What is IG? IG is to do with how NHS/Social Care organisations and individuals IG is a series of best handle practice guidelines information and principles of the Law to be followed by NHS/Social Care organisations and individuals Core elements of IG Data Protection Act 1998 Freedom of Information Act 2000 Information Security Standards ISO/IEC 17799: 2005 and IS Management NHS Code of Practice

The NHS Confidentiality Code of Practice The Records Management NHS Code of Practice Information Quality Assurance IG Toolkit Organisation Self Assessment against national set of standards. Annual submission. Adopted by NHS, Social Care, GP and Commercial Third Parties. Online Tool Process may be subject to internal and external audit Past reports available online For further information on the IG Toolkit go to: www.igt.hscic.gov.uk What is IG? IG is to do with how NHS/Social Care organisations and individuals IG is a series of best

handle practice guidelines information and principles of the Law to be followed by NHS/Social Care IG is the core foundation for high organisations and quality healthcare individuals using good quality information IG is the responsibility of everyone at Changing Faces! What do YOU need to do to make this work? 1. Confidentiality Do not share without

consent The Caldicott Guardian 1997 Caldicott Report Follow the Caldicott Principles to ensure Patient/Client Confidentiality 1. Justify the purpose of disclosing confidential information 2. Only disclose it when absolutely necessary 3. Use the minimum info required 4. Allow access to it on a strict needto-know basis 5. Understand your responsibility to client confidentiality 6. Understand and comply with the law Scenario

A famous celebrity is taken ill while performing at a local theatre. Appendicitis is diagnosed and the celebrity requires emergency surgery. The anaesthetic practitioner recognises the celebrity and following the surgery rings a friend to tell them about this surgery and other information of this celebritys past healthcare history. The following day the newspaper publishes details of the surgery and other health issues the celebrity has. If you are not sure, dont disclose and seek further advice from the Operational Delivery Team (if you are a volunteer) or the Caldicott Guardian (if you are a member of staff) Providing a Confidential Service in practice Improve o

Pr t c e t In f or m Protect an individuals information by recording relevant data accurately, consistently, keeping it secure and confidential. Inform a client how their information is used and when it may be disclosed Provide Choice Provide choice to clients to decide whether their information can be disclosed

Improve Always look to Improve the way you/the charity protects, informs and provides choice to its clients (volunteers, employees and supporters). Personal information shared in confidence should not be used or disclosed further without the consent of the individual (Common Law Duty of Confidence) 2. Comply with the Law Data Protection Act 1998 It is your responsibility to understand the principles in relation to your role in Changing Faces. Activity (takes 10-15 minutes to complete): Read the Quick reference to Caldicott & the Data Protection Act 1998 principles booklet specifically page 4 to 14 Match the breaches of the Data Protection Acts principles with scenarios A to H on the following slides. DP and Confidentiality Double

Principles Quick click here Reference March 06.pdf Produced by the Surrey Health Informatics Service IG Team on behalf of the Surrey Health Community Activity (takes 5 minutes to complete): Which Principle/s do these scenarios relate to/breach? Scenario A Mr Peters receives a call from Changing Faces asking to speak to the parent/guardian of six year old Grace Hill regarding her Skin Camouflage appointment. Mr Peters is shocked to receive this call as he and Mrs Hill have been divorced for 10 years. He was aware his wife remarried his best friend (John Hill) but was unaware they had had a child together. Mr Peters informed the charity that they

were no longer married nor living at the same address. Scenario B A Practitioner leaves a voicemail for a 17 year old client on the family landline. The mother picks up the message which contains details of a Skin Camouflage appointment for her daughters self harm scars. The daughter calls the Practitioner in tears because she had not told her Mum about the scars nor the appointment and wished it to stay that way. Activity Which Principle/s do these scenarios relate to/breach? Scenario C A Practitioner is holding a clinic in a side room of a busy hospital. She spreads her paperwork out on the desk ready for her clinic.

After seeing the first two clients she pops out for lunch, leaving the door open and the paperwork on the desk. After an hour she returns to continue with her clinic. Scenario D Mr Y moves from London to Leeds. He has previously had a Skin Camouflage appointment in London but wishes to have a re-match in Leeds. The Leeds Practitioner goes through the referral notes and finds abbreviations such as HT and NLM. When she calls the dermatologist who referred Mr Y to enquire what these mean, they laugh and say Oh that means Hot Totty and Nice Looking Man Activity

Which Principle/s do these scenarios relate to/breach? Scenario E A Practitioner is approached by the brother of a client enquiring how the appointment went for his brothers vitiligo cover creams. The Practitioner mentions that the colour match was successful but asks why his brother had stopped using his Topical Corticosteroids to help manage his vitiligo which the client mentioned to her during his appointment. The client is later surprised to discover his brother is aware he stopped using the steroid cream, which he had only told his wife and the Practitioner about. Scenario F Kathryn is approached by XYZ Derma who wanted to distribute new kit items to the Practitioners. The companys rep asks for the home addresses of all the Practitioners

currently volunteering for Changing Faces. Assuming the Practitioners would like this information, Kathryn provides the names and addresses without asking the Practitioners or giving them the option to opt out first. Later Kathryn receives calls from unhappy Practitioners complaining that their details were given to a third party. Activity Which Principle/s do these scenarios relate to/breach? Scenario G A Practitioner is approached by a fast-growing US charity which wants to offer a similar Skin Camouflage Service as Changing Faces in the USA. The US charity asks the Practitioner for a report about what a standard appointment involves and some real life case studies to show the

success of her methods. Wanting to help, the Practitioner sends the account and some case studies based on her recent clients to the charity via email. Scenario H A Practitioner holds a clinic and returns all the Client Service Record Cards to the Changing Faces office by post. But she decides to keep the referral information in a locked case at her home in case one of the clients wants to come back for a rematch at a later date. Freedom of Information Act Can you recognise a Freedom of Information (FOI) Act Request? ad e L am

F OI d r a a e /M tly r D w n i o e S c n r re o k st is e t Dea

v an e a k e i h u hip l r n I T o y d l g e m u er

I wo m uch t h t h e u n d t i o n on a n d pera r Trust ee all how ding on t of the o s n n ou o y t t spe bishme e to be e a lik y u r d m l u

d h f u , n c i e r rd ar wo a M tes w o n i E n rd o

e d c A& e h e t R let h p t l m his a t e co g f H o

in . t d 7 e. r s i r 0 a l a g c a 20 re nd of ke a i

l l d an a o d i c l r i e u e d p I wo ew me ve m h e n i g n l se

f w can a a o c e i l Which of A or B is an the n g d P tio ein on me

i a b t c n i a t o FOI n e. en hisrequest? ind nform t m m r p o i o

i ed t equ his ed f A B What you need to know about FOI Gives the public the right to access/view all non-personal public authority information upon request Requests must be in writing All staff must know who their FOI Lead is and be able to access/refer to their contact details. The requester may not and need not quote the FOI Act The organisation must respond within 20 working days Exemptions may apply for non disclosure FOI Lead will determine this. What you need to know about FOI

Penalties for non compliance with or breach of the Act applies to the: Organisation Chief Executive Possibly Individual staff 3. Keep good records Best Practice guidance states: All staff and volunteers have a legal and professional obligation to be responsible for any records which they create or use in the performance of their duties. Any record created by an individual, up to the end of its retention period, is a public record and subject to Information requests (FOI and Subject Access). Record Lifecycle Creation Create & log Quality information Using

Use/handle in accordance with Data Protection Act Close Record Record Lifecycle Retention Keep/maintain in line with Changing Faces Retention Schedule Appraisal Determine whether records are worthy of permanent archival preservation

Disposal Dispose appropriately according to policy 4. Keep Information Secure It is your responsibility to keep all personal and sensitive information secure Follow Organisation Policies Protect Information Physically Practice Password Management Transfer Information Securely Report Breaches of Security to Management

Information Governance is the responsibility of everyone at Changing Faces, so keep up the good work and aim to be 100% compliant. THANK YOU VERY MUCH! Further Guidance and useful links DH: Confidentiality NHS Code of Practice DH: Records Management NHS Code of Practice The Data Protection Act 1998 The Freedom of Information Act 2000 The IG Policy Team website The Department of Health website Information Commissioners Office website (more information and guidance on FOI and DPA ) WELL DONE! THANK YOU VERY MUCH!

Recently Viewed Presentations

  • Writing Formulas of Ionic Compound

    Writing Formulas of Ionic Compound

    We know from the formula there is only one Iron. What charge must iron have to balance the two negative charges of chlorine? Answer = 2+ Use Roman Numerals to indicate this + 2 Charge: Iron (II) Chloride
  • Silicon Optical Modulators - University of California, Berkeley

    Silicon Optical Modulators - University of California, Berkeley

    Silicon Optical Modulators Recent developments in fabrication of High Speed Modulators J ee290f Outline Motivation Png, Reed, et al. work from Surrey. Shows basic principle and gives one of the two major design types Intel device History making device, designed...
  • Water Allocation Committee Watauga River Basin Water Resources

    Water Allocation Committee Watauga River Basin Water Resources

    Basin plans shall provide that all point and nonpoint sources of pollutants jointly share responsibility in reducing pollutants in the State's waters [ยง143-215.8B(b)(1)] Basin plans should also include information about all transfers in and out of the basin as required...
  • Sec-03 Mission Overview - Earth Observing-1

    Sec-03 Mission Overview - Earth Observing-1

    EO-1 Mission Overview What is EO-1? EO-1 Technologies Advanced Land Imager (ALI) Hyperion Imaging Spectrometer Convex Grating spectrometers with CCD VNIR and HgCdTe SWIR detectors 30m spatial and 10nm spectral resolutions over 7.5km swath and 400-2500nm spectral range Multiple calibration...
  • Java Vs Dot Net Security - Old Dominion University

    Java Vs Dot Net Security - Old Dominion University

    Java Vs Dot Net Security ... MSIL (or CIL or IL) is the low-level language of the .NET Common Language Runtime (CLR). Superficially, the two languages look very similar. Code Access Security Policy Tool Java Authentication and Authorization service (JAAS)...
  • RELAX: Alternatives to Anger

    RELAX: Alternatives to Anger

    Georgina Perry, BSW - Michigan State University Extension. Charlye Meuser - Central Michigan University. Anger Management Education (AME) AME Purpose: Focus on frequency and intensity of individuals anger.
  • Winging It - Tamalpais Union High School District

    Winging It - Tamalpais Union High School District

    Winging It A Musculoskeletal System Lab How are the muscles and bones held together? How do the muscles and bones work together to provide motion? What are joints and how do they function? * * * * Safety Raw chicken...
  • Exercise 38 -The Digestive system 3/1/2011 lab 2

    Exercise 38 -The Digestive system 3/1/2011 lab 2

    Exercise 38 -The Digestive system 3/1/2011 lab 2 groups of organs compose the digestive system Gastrointenstinal (GI) tract or alimentary canal - mouth, most of pharynx, esophagus, stomach, small intestine, and large intestine Accessory digestive organs - teeth, tongue, salivary...