This document sets out the arrangements in the practice for the confidentiality of patient data.
All patient information is considered to be confidential and we comply fully with the Data Protection Act. All employees have access to this information in relation to their role and have signed a confidentiality agreement. Information may be shared, in confidence, with other NHS organisations in the interests of patient care.
CCTV is installed internally in public areas and externally for security. Recordings are used entirely at the discretion of the partners including provision of images to the police or other official bodies, and will otherwise comply with the Practice’s Data Protection registration.
Protection against Viruses
Data is vulnerable to loss or corruption caused by viruses. Viruses may be introduced from floppy discs, CDROM/DVDROM, other storage media and by direct links via e-mail and web browsing. The Practice will not accept any files send through patients personal email or DVD/CD.
The Organisation’s Responsibilities
The organisation will ensure that employees fully understand all their responsibilities with regard to confidential data. The employees will sign a written statement of the responsibilities they are undertaking towards the security of the data.
The organisation will also ensure that arrangements are in place for the confidential disposal of any paper waste generated at work or the employees’ home.
The organisation will monitor and record when it is passing ownership of data to an individual (e.g. for project work or, research and development) and this will be individually and specifically authorised by the Caldicott Guardian. The individual may then need to be separately registered under the Data Protection Act 1998. The practice will otherwise fully comply with all aspects of data security as required under the Act.
The organisation will strictly apply the rules of confidentiality and in general will not release patient information to a third party without proper valid and informed consent, unless this is within the statutory exempted categories such as in the public interest, in which case the release of the information and the reasons for it will be individually and specifically documented and authorised by the responsible clinician.
INDEX - Policies
By using this site, you agree that we may store and access cookies on your device. Find out about our cookies.
Functional Cookies are enabled by default at all times so that we can save your preferences for cookie settings and ensure site works and delivers best experience.
3rd Party Cookies
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.