Transcript Slide 1

How to find your way around …
You can play the
PowerPoint and the
Test here.
START
FINISH
How to find your way around …
Always click the
‘home’ icon to save
your progress and
log off.
This is important!
START
FINISH
Record Keeping
For all Trust staff required to make entries in
patients’ records.
START
FINISH
Record Keeping
•
•
•
•
•
•
•
•
•
•
•
•
Policy
This course is supported by the Trust's
Record Management policy, which
outlines a range of procedural guidelines:
IT&T Security Policy;
Email Access;
Clinical Records Destruction;
Structure and Content of Health Care
Records;
Confidentiality;
Sharing of Information;
Access to Health Records;
Safe-haven Procedures;
Information Security Incident Management;
Storage, Retention and Destruction;
Data Quality.
START
FINISH
Course Objectives
The Trust’s policy;
Confidentiality;
Legislation;
Principles;
Disclosing information
Introduction
All employees of the Trust are responsible for maintaining confidentiality.
This duty of confidentiality is written into employment contracts.
Breach of confidentiality of information gained, either directly or indirectly in the course of
duty, is a disciplinary offence that could result in dismissal.
Staff are authorised to have access to patient information they need to know in order for
them to perform their duties.
Gaining access or attempting to gain access information that you do not need to see to
carry out your work is a breach of confidentiality, as is passing information on to someone
who is not authorised to receive it.
Any personal information, non-clinical or clinical, must be treated as confidential.
START
FINISH
Legislation
Data Protection Act 1998 (8 Principles)
There are 8 Data Protection principles, which regulate the use of
person identifiable data (personal data). Any use of personal data
should be:
 Fair and lawful
 Used only for specified and lawful purposes
 Adequate, relevant and not excessive to need
 Accurate and kept up to date
 Not kept for longer than necessary
 Processed in accordance with data subject rights, including rights of access
 Kept secure and protected against accidental disclosure, loss or damage
 Not transferred outside the EEA (European Economic Area)
START
FINISH
Human Rights Act 1998
Article 8
Everyone has the right to respect for
his / her private and family life, home
and correspondence.
It is unlawful for a public authority to
act in a way that is incompatible with a
Convention right.
Common Law Duty of
Confidence
Information obtained for one purpose
should not be used for another purpose
without the express, or implied,
authorisation (consent) of the provider
of that information.
START
FINISH
Caldicott Review 1997
The Caldicott Review of Patient Identifiable Information raised concerns about the
management of NHS records. The Review, published in December 1997, was the
report of a committee set up by the Chief Medical Officer to review all patientidentifiable information, which passes between NHS organisations.
In the main, the Committee was satisfied that the flows of information containing
patient-information were justified, but the Committee was concerned at the general
lack of awareness of confidentiality and information security requirements throughout
the NHS at all levels. The Committee was also concerned at the NHS's ability to limit
access to patient information to those who truly need to know.
In line with the Caldicott Report recommendations, the Trust has appointed
Executive Medical Director, Milind Karale as Caldicott Guardian.
START
FINISH
Caldicott Principles
The general principles underlying the use and sharing of personal information
follow the Caldicott Principles, which are:
 Justify the purpose for using patient confidential information;
 Only use patient identifiable information when absolutely necessary;
 Use the minimum identifiable information required for that purpose;
 Access should be on a strict need-to-know basis only;
 Everyone must understand their responsibilities to protect information;
 Everyone must understand and comply with the law.
START
FINISH
Question
Patient identifiable information is not to be
used unless it is absolutely necessary and
there is no alternative.
True
False
Continue
START
FINISH
Basic Principles
Any personal
information given for
one purpose must not
be used for another
purpose, without the
consent of the
individual concerned,
because that use may
breach confidentiality.
A patient's right to
confidentiality is
protected by ethics and
the law.
START
Patients have a legal
right to know what
information is being
collected and why, and
the purposes for
sharing that
information.
A patient / client
requesting access to
his / her records, due
to pressure from a third
party, such as
employers, should be
denied access.
The rules are there to
protect both the patient
and staff from
breaches of
confidentiality, but they
should not be applied
so rigidly that they are
impractical to follow or
detrimental to the care
of the individual
concerned.
In some circumstances
they have a right to
choose how their
personal data may be
used or who is allowed
to see it. To express
permission, an
'Information Sharing'
form must be
completed.
Every member of staff
has an obligation to
protect confidentiality
and a duty to verify the
authorisation of
another person to
ensure information is
only passed on to
those who have a right
to see it.
All staff should
understand their
responsibility to protect
the confidential
information they collect
and use, by following
the rules and guidance
that are available to
them.
FINISH
Duty of care
All reasonable care should be taken to protect the physical security of
confidential information from accidental loss, damage, destruction,
unauthorised access or accidental disclosure. For example:
Do not use someone else's password to gain access to information held
on the computers;
Confidential data held on computers, laptops or disk should be kept
physically secure and password protected;
Confidential patient information should not be sent via the Internet without
being adequate protection against unauthorised or accidental disclosure;
CONTINUE
START
FINISH
Patient information should be kept secure and not left unattended and
available for the patient or public to see;
Faxing is not secure. Confidential information should be faxed only when
there is no alternative and immediate receipt is absolutely necessary for
clinical purposes. Safe Haven procedures should be followed;
Envelopes containing patient / client confidential information must be
securely sealed, labelled 'confidential' and clearly addressed to a known
contact;
Telephone validation procedures must be followed to confirm the identity of
telephone callers before information is given to them;
Follow the Trust's Information Security and Data Protection policies and
procedures and seek advice when in doubt.
START
FINISH
Question
You must always seek a patients consent
each time information needs to be passed on
for a particular purpose.
True
False
It is neither practicable nor necessary to
do this every time, staff must consider
things on a ‘need to know basis’.
Continue
START
FINISH
Safe Haven Procedures
A Safe Haven is a location that is used to
send and receive confidential information
in a NHS organisation securely and
confidentially. Any computer-ised or
manual document that personally
identifies a patient (name, address,
postcode, age and sex) is classed as
confidential.
The Trust and its employees must ensure
that wherever and whenever information
flows to and from the Trust, those
persons responsible for transmitting and
receiving it are fully aware of Safe Haven
principles and procedures.
The Trust ensures that key members of
staff 'including switchboard operators and
post room staff' are made aware of the
existence of Safe Haven access.
START
FINISH
Disclosing Information
If you are unsure about
whether or not to disclose
information, consult your Line
Manager and / or, if
necessary, obtain advice from
your organisation's Caldicott
Guardian, Information
Governance Manager (Data
Protection Officer) or Head of
Records Management.
Guidance for faxing
This guidance relates to Data Protection Principle 7 and Caldicott Principle 4. If
you are faxing to a known Safe Haven / secure fax, you do not need to follow
any special instructions. If not, follow steps 1 - 6:
1
Personal details should be faxed separately from clinical details, which must be
accompanied by the NHS number. Do not fax personal or confidential information
unless it is absolutely necessary.
2
Telephone the recipient of the fax (or their representative) to let them know you are
going to send confidential information.
3
Ask the recipient to acknowledge receipt of the fax.
4
Double check the fax number and use pre-programmed numbers, wherever
possible.
5
Make sure your fax cover sheet states who the information is for, and mark it
'Private and Confidential.
6
If appropriate, request a report sheet to confirm that transmission was ok.
START
FINISH
Guidance for health records
Record keeping is an integral part of practice, as it is a tool of professional practice and one
which should help the care process.
When completing health records, you should ensure the following information is included:
Use black ink, so the record can be photocopied
Describes the patients journey
Basic Information
What has happened
Chronological (in order)
When it happened
Legible (readable - e.g. clear writing and no
abbreviations)
Why is it happening
How it has happened
Precise and accurate
Who did it / who was involved
Date and timed
The impact/outcome and action
plan
Objective (unbiased - e.g. no personal opinions,
just facts)
Contemporaneous (up-to-date)
Signed and printed
Factual Information
Remember, if you get interrupted when
completing a health record, return to it again
to ensure you have completed it in full.
START
FINISH
By ensuring this information is
included
It:
Will tell the patient's story to anyone
accessing the record
Will ensure anyone accessing the
Record has all the details,
without delays for
questioning
Question
Records should be written in…
Different colours
Blue pen
Pencil
Black pen
Continue
START
FINISH
Guidance for post
This guidance relates to Data Protection Principles 6 & 7
and Caldicott Principle 4.
1
Confirm the name, department and address of the recipient.
2
Seal the information in a robust envelope. Note the envelope can
have the SEPT brand, but not make reference to our service.
3
Mark the envelope 'Private & Confidential - To be opened by Addressee
Only'. Note, without marking it with the 'Addressee Only' text, it will allow
e.g. secretaries to open the post.
4
When appropriate, send the information by Recorded Delivery.
5
When necessary, ask the recipient to confirm receipt.
START
FINISH
Guidance for Telephone Calls
This guidance relates to Data Protection Principle 7 and Caldicott Principle 4.
1
Confirm the name, job title, department and organisation of the person requesting
the information.
2
Confirm the reason for the information request, if appropriate.
3
Take a contact telephone number (e.g. main switchboard), never a direct line or
mobile number.
4
Check whether the information can be provided. If in doubt, tell the enquirer you will
call them back.
5
Provide the information only to the person who has requested it (do not leave
messages).
6
Ensure that you record your name, date and the time of disclosure, the reason for it
and who authorised it. Also record the recipient's name, job title, organisation and
telephone number.
7
Remember, a text and an answer phone message constitute a record.
Therefore if you receive a message via either communication tool, this
must be recorded and acted on.
Patient Information Requests
Contact Details
Caldicott Guardian – Dr
Milind Karale, Executive Medical
Director
Information Governance
Manager (Data Protection
Officer) – Tracey Van Wyk
Head of Records
Management - Kay Blencoe
(freedom of information and
information security)
When asked for patient information:
• Use the re-dial / speed-dial procedure;
• Check on the source that requires the
information;
• Ensure the information is justified.
Remember, before divulging any information,
make sure you are speaking to the right
person. For example if you use re-dial or
speed dial on your phone, you must ensure
this quick step has actually worked and don't
just assume you meant to call x and you've
got through to x.
Warning!
• Remember the Trust has the technology to monitor all emails,
Internet usage and telephone calls and has the authority to do so!!
Therefore you should refrain from using these tools for personal
gain or improper use (e.g. porn sites).
• It is essential that you don't share confidential and patient
information via social networking sites (e.g. Facebook / Twitter).
START
FINISH
Question
Disclosures of confidential information to anyone
unknown is…
Allowed if it is a
detective/police
officer
Allowed if it is a
solicitor
Strictly forbidden
Continue
START
FINISH
Remember, if you want to find more information / evidence
about this subject or anything else which is relevant to your
work or study, join your local healthcare library.
For staff in Essex contact Basildon Healthcare Library.
www.btuheks.nhs.uk
[email protected]
01268 524900 EX3594
It may be that you work in a different
area,
for example Luton.
Details of all the Health Libraries in
the East of England can be found at
this site…
www.eel.nhs.uk
You are welcome to join any of these.
START
FINISH
Review of Objective(s)
Before completing the test, please ensure you have acquired the
relevant knowledge against the modules objective(s) below:
“To understand:
• The Trust’s policy;
• Confidentiality;
• Legislation;
• Principles;
• Disclosing information.”
If not, please take this opportunity to revisit the presentation content.
CONTINUE
START
FINISH
You now need to take the test!
Remember to
click the ‘home’
icon when you
have finished
the test to save
your results!
START
FINISH