
Patient confidentiality

Everyone working for the NHS has a legal duty to keep information held about you confidential and secure. Information concerning you or your condition can often be of a sensitive nature, which you may not wish to be known by others. Staff dealing with information are under an obligation by law to make sure it is protected at all times.

Giving patients the best care possible often means sharing personal information with others, for example, other Trust departments or GP practices directly concerned with your treatment. Whenever information is shared, Oxford University Hospitals staff adhere to strict codes of confidentiality. Guidelines are in place to ensure all staff deal with patient information in the strictest confidence. These are known as the Caldicott Principles:

Principle 1 - Justify the purpose(s) for using confidential information.
Every time patient-identifiable information is transferred in an organisation it should be clearly defined and scrutinised, and the transfer process should be regularly reviewed by an appropriate guardian.

Principle 2 - Don't use patient-identifiable information unless it is absolutely necessary.
Patient-identifiable information should only be used if there is no other alternative.

Principle 3 - Use the minimum necessary patient-identifiable information.
Every measure should be taken to ensure the use of patient-identifiable information is justified by reducing how easily it can be identified.

Principle 4 - Access to patient-identifiable information should be on a strict need-to-know basis.

A list of Data Protection Impact Assessments can be found at the link below.

Data Protection Impact Register (pdf, 87 KB)

Copies of Impact Assessments can be disclosed on request by contacting the Information Governance Team.
The Trust is required by the General Data Protection Regulation (GDPR) 2016 Article 35 to carry out a Data Protection Impact Assessment (DPIA) in situations where the Trust is contemplating the processing of data which could impact the rights and freedoms of individuals.
Good information governance practice helps to ensure that personal information about all individuals is dealt with legally, securely, effectively and ethically.

Our Trust Policies, setting out our approach to information governance, can be found at the links below.

Information Governance Policy (pdf, 768 KB)
Information Protection Policy (pdf, 987 KB)

interactions with other relevant organisations.

Oxford University Hospitals has its own Information Governance Team which ensures this framework is followed throughout the organisation. It provides training to all staff to ensure that they comply with the law and best practice.

Information Governance Team: 01865 226912
Email:

What are the standards and requirements that make up information governance?

Records Management NHS Code of Practice
International standard for Information Security: ISO/IEC 27002:2005
Information Security Management NHS Code of Practice
