CU2479 Promote Good Practices in Handling Information in Health and Social Care Settings
1. Understand requirements for handling information in health and social care settings.
2.1 Identify legislation and codes of practice that relate to handling information in health and social care.
Legislation and codes of practice that relate to handling information in health and social care are as follows:
* Data Protection Act 1998
* Freedom of Information Act 2000
* Carers Code of Practice
* Caldecott Principles
* Human Rights Act1998
* Caldecott Principles
* Care Standards Act
The Data Protection Act 1998 is a key piece of legislation to ensure people's ...view middle of the document...
Carers Code of Practice
One of the central codes of practice in health and social care has been provided by the GSCC and it sets standards of practice and behaviour for staff working in that field, including standards for handling information and maintaining confidentiality. Other legal sources of information regarding handling information are stipulated through common law and the rulings of individual cases.
1.2 Summarise the main points of legal requirements and codes of practice for handling information in a health and social care.
The main points of legal requirements and codes of practice for handling information in health and social care are as follows: The data must be
* fairly and lawfully processed
* processed for limited purposes
* adequate, relevant and not excessive
* not kept for longer than necessary
* processed in accordance with the data subject’s rights
* kept secure
* not transferred to countries without adequate protection
Data Protection Act 1998 - 8 principles:
* personal data needs to be processed fairly and lawfully
* personal data needs to only be processed for one or more specified and lawful purposes
* personal data needs to be adequate, relevant and not excessive
* personal data needs to be accurate and (where appropriate) kept up to date
* personal data shall not be kept for longer than necessary
* personal data needs to be processed in accordance with the Data Protection Act 1998 and the many rights of individuals
* appropriate measures need to be taken to ensure that personal data does not get lost, damaged or destructed and that it cannot be unlawfully processed or access without authorisation
* Personal data shall not be transferred to countries outside the European Economic Area - the EU plus Norway, Iceland and Liechtenstein - that do not have adequate protection for individuals' personal information; unless a condition from Schedule four of the Act can be met.
Human Rights Act 1998:
* Article 8 highlights the right to private and family life, which consequently put a duty on health and social care providers to protect clients' privacy and maintain confidentiality of their personal information.
* Providing that organisations work in accordance with the Data Protection Act and rulings from the common law, they should be in line with the requirements of the Human Rights Act.
Codes of practice from GSCC:
* care employees need to respect confidential information and clearly explain agency policies about confidentiality to service users and carers
* they must not abuse the trust of service users and carers or the access they have to personal information about them or to their property, home or workplace
* care employees need to maintain clear and accurate records as required by procedures established for their work
* justify the purpose for processing the client information