Code of conduct for employees in respect of confidentiality

6.4.1. be satisfied that patients know about disclosures necessary toprovide their care, or for local clinical audit of that care, that they can objectto these disclosures but have not done so (use the Care Record GuaranteeLeaflet on Information Sharing in discussions with the patient);6.4.2. seek patients’ express consent to disclosure of information, whereidentifiable data is needed for any purpose other than the provision of careor for clinical audit – save in the exceptional circumstances describedbelow;6.5. You must treat information about patients and clients as confidential and use itonly for the purposes for which it was given. As it is impractical to obtain consentevery time you need to share information with others, you should ensure that patientsand clients understand that some information may be made available to othermembers of the team involved in the delivery of care. You must guard againstbreaches of confidentiality by protecting information from improper disclosure at alltimes.6.6. You should seek patients’ and clients’ wishes regarding the sharing ofinformation with their family and others. When a patient or client is consideredincapable of giving permission, you should consult relevant colleagues. The duty ofconfidentiality owed to a person under 16 is as great as that owed to any otherperson. But if the young person or another person, is at risk of serious harm, whichdisclosure to an appropriate person would prevent, that the need for this will beexplained.6.7. If you are required to disclose information outside the team that will havepersonal consequences for patients or clients, you must obtain their consent. If thepatient or client withholds consent, or if consent cannot be obtained for whateverreason, disclosures may be made only where:6.7.1. they can be justified in the public interest (usually wheredisclosure is essential to protect the patient or client or someone else fromthe risk of significant harm)6.7.2. they are required by law or by order of a court6.7.3. Where there is an issue of child protection, you must act at alltimes in accordance with national and local policies.6.8. Observe the principle that information given for one purpose may not be usedfor a different purpose without the permission of the informant;6.9. Be aware that patients have a right to restrict disclosure of their personalinformation and as far as possible you must ensure that this right is adhered to andrespected. A failure to do so could lead to disciplinary action.6.10. If you have any concerns about disclosing/sharing patient information you mustdiscuss with your manager and if they are not available, someone with the same orsimilar responsibilities e.g. your Caldicott Guardian or Data Protection Officer/Head ofInformation Governance (see Appendix 3) If you cannot find anyone to discuss theCode of Conduct for Employees in Respect of ConfidentialityPage 6 of 18

issue with you should take down the callers details and contact them when you aresatisfied the disclosure of information can take place. The contact could be either viavoice or electronic media.6.11. Telephone Enquiries6.12. If a request for information is made by telephone,Always try to check the identity of the caller and check whether they are entitledto the information they request.Take a number, verify it independently and call back if necessary.6.13.Remember that even the fact that a patient is in hospital, a patient of the hospitalor a member of staff, is confidential. If in doubt consult your manager or the DataProtection Officer. It is safer not to disclose than to disclose inappropriately.6.14. Requests for Information by the Police and media6.15. With respect to the PoliceRequests for information from the Police should always be referred to the DataProtection Officer/Head of Information Governance or the RecordsServices/PAS Manager. Access to these people is available 24/7 viaswitchboard.6.16. With respect to the MediaDo not give out any information under any circumstances.6.17. Only the Director of Communication/Press Officer are authorised to do so and aresubject to national guidance on confidentiality in this respect. If you receive any requestfrom the media by personal visit or by phone refer the person to the Trusts Press Officer.RCHTPress Office Number 01872 25 2934Out of hours (24/7) Page via RCH switchboard6.18. Remember, the media may not always make their status apparent. If you have anyconcerns about the validity of a caller or visitor, please contact the Press Office.6.19. Disclosure of Information to Other Employees of the TrustInformation on patients should only be released on a need-to-know basis.Always check the member of staff is who they say they are.This can be achieved by checking the employee’s ID badge and/or their internalextension number or bleep number prior to giving them any information.If possible also check whether they are entitled to the information.Code of Conduct for Employees in Respect of ConfidentialityPage 7 of 18

Don’t be bullied into giving out information.If in doubt, check with the consultant/doctor in charge of the patient’s care. Orplease contact either the Data Protection Officer or Records Services Manager.6.20. Abuse of Privilege6.21. It is strictly forbidden for employees to look at any information relating tothemselves, their own family, friends or acquaintances unless they are directlyinvolved in the patient’s clinical care or with the employees administration on behalfof the Trust. Action of this kind will be viewed as a breach of confidentiality and mayresult in disciplinary action.6.22. If you require to see your own Health Record, you should make a SubjectAccess Request to the Disclosure Office.6.23. If you have concerns about this issue please discuss with your line manager.6.24. CarelessnessDo not talk about patients in public places or where you can be overheard.Do not leave any Health Records or confidential information lying aroundunattended.Make sure that the general public cannot see any computer screens, or otherdisplays of information. When leaving your office, ensure you lock your PC, (Ctrl + Alt + Delete. Lock –Workstation or Windows Key + L) or VDUSecure all portable forms of data by locking them in a draw.Lock your office.You should not share your password with anyone, no matter how senior. (To doso would be a disciplinary offence)Do not transport confidential information in your car without adhering to thecorrect procedure.• In secure bag• In boot of car• Not left unattended at any time. (including overnight)• Most importantly, with your line mangers permission.6.25. Use of Internal and External Post6.26. Best practice with regard to confidentiality requires that all correspondencecontaining personal information should always be addressed to a named recipient.Code of Conduct for Employees in Respect of ConfidentialityPage 8 of 18

This means personal information/data should be addressed to a person, a postholder, a consultant or a legitimate Safe Haven, but not to a department, a unit or anorganisation. In cases where the mail is for a team it should be addressed to anagreed post holder or team leader.6.27. Internal mail containing confidential data should only be sent in a securelysealed envelope, and marked accordingly, e.g. ‘Confidential’ or ‘Addressee Only’, asappropriate. When received in the department only the Addressee may open theenvelope unless others are authorised to do so.6.28. External Mail must also observe these rules. Special care should be taken withpersonal information sent in quantity, such as case notes, or collections of patientrecords on paper, CD or other media. These should be sent by Special Delivery or byNHS courier, to safeguard that these are only seen by the authorised recipient(s). Insome circumstances it is also advisable to obtain a receipt as proof of delivery e.g.patient records to a solicitor.6.29. Electronic media should be protected. Advice on how to protect files is availablefrom CITS Support Centre on Ext 1717.6.30. Case notes and other bulky material should only be transported in the approvedboxes/bags and never in dustbin sacks, carrier bags or other containers. Thesecontainers should not be left unattended unless stored, waiting for collection, in asecure area. The containers should only be taken and transported by the approvedcarrier.6.31. If you are required to use your own vehicles to transport confidentialinformation, it should be in a orange bag (where appropriate), in the boot of your carand not left unattended (unless as a part of an agreed working practice, normallywhere it would not be reasonable to take large quantities of records in to a patient’shouse). Records should not be left in vehicles overnight, they should be safely storedwithin the staff members premises.6.32. Blood samples etc. and the accompanying request forms should be treated asconfidential patient information and handled accordingly.6.33. Faxing6.34. All faxing of information should be carried out in line with the Trust SafehavenPolicy and Procedure.6.35. Please see the Guidance for sharing personal information by Fax, which shouldbe displayed in close proximity to the Fax Machine.• Remove patient identifiable data from any faxes unless you are faxing to aknown secure and private area (known as Safe Havens).• Faxes should always be addressed to named recipients.• Use a fax header sheet with your contact details• Always check the number to avoid misdialling and ring the recipient to checkthat they have received the fax.• If your fax machine stores numbers in memory, always check that the numberheld is correct and current before sending sensitive information.Code of Conduct for Employees in Respect of ConfidentialityPage 9 of 18

6.36. Storage of Confidential Information6.37. Paper-based confidential information should always be kept locked away andpreferably in a room that is locked, and in some cases alarmed (e.g. GUM records)when unattended, particularly at nights and weekends or when the building/office willbe un-occupied for a long period of time.6.38. PC-based information should not be saved onto local hard drives or ontoremovable media, but onto the Trust network, CDs, and other media should be keptin locked storage.6.39. Encrypted memory sticks can be provided in some exceptional circumstanceswith the authorisation of line managers.6.40. Disposal of Confidential Information6.41. When disposing of paper-based person-identifiable information or confidentialinformation always use ‘Confidential Waste’ sacks/shredders. (Please check with theNHS Records Management Code of Practice for retention and disposal details first)Keep the waste in a secure place until it can be collected for secure disposal.6.42. Computer printouts should either be shredded or disposed of as paper-basedconfidential waste.6.43. CDs containing confidential information must be destroyed. Computer files withconfidential information no longer required must be deleted from the server ifnecessary (no data is to be stored on the hard drives of PC’s). Destroy CDs bycutting through the disc.6.44. Computer hard disks are only to be destroyed/disposed of by the IT expertswithin the Trust.6.45. This is to ensure all information is deleted from the disk, as even by reformattingit is possible to gain access to the original data.6.46. Patient Identifiable Information must be kept for a set period of time. This isoutlined within Records Management Code of Practice. This indicates the minimumtime for which both medical and business NHS records should be retained and setsout the legal obligations for all NHS bodies to keep proper records and the rules onarchiving or destruction. The Trust has a Records Management Strategy which hasbeen endorsed by the Trust Board.6.47. Further information is available from the Document Library.6.48. Confidentiality of Passwords, PIN numbers, etc6.49.Personal passwords, PIN numbers, etc issued to or created by employeesshould be regarded as confidential and they must not be communicated to anyone.Passwords, PIN numbers, etc should not be written down.Code of Conduct for Employees in Respect of ConfidentialityPage 10 of 18

Passwords, PIN numbers, etc should not relate to the employee or the systembeing accessed.6.50. You will be given more information about their control and format etc. when youreceive your training and/or password, PIN, etc.6.51. No employee should attempt to bypass or defeat the security systems orattempt to obtain or use passwords, PINs, etc or privileges issued to otheremployees. Any attempts to breach security should be immediately reported to the ITSecurity Manager and may result in disciplinary action and also to a breach of theComputer Misuse Act 1990 and/or the Data Protection Act and may result in adisciplinary action and/or legal proceedings.6.52. Emailing Confidential Information6.53. Please see the “Email Policy” available on the Document Library.6.54. Patient identifiers should be removed wherever possible, and only the minimumnecessary information sent, this may be considered to be the NHS number but noname or address. This in itself can pose problems as the wrong number may betyped.6.55. Special care should be taken to ensure the information is sent only to recipientswho have a “need to know “; always double check you are sending the mail to thecorrect person/s.6.56. External transfers should only take place to persons with access to NHSnet/N3or approved recipients. Under no circumstances whatsoever should any type ofpatient identifiable information or sensitive or confidential information about any otherperson be e-mailed to persons who only have a Hotmail account, without thepermission of your line manger or the Data Protection Officer. Due to its insecurenature any information transmitted over the Internet should be considered to be in thepublic domain.6.57.See the Trust E-mail policy for more detailed information.6.58. Working at home6.59. The Organisation does not advocate the taking of person identifiableInformation or Records home for any reason. If you feel you have reason to do so,you MUST contact the Records Services Manager if they are clinical records or theCorporate Records Manager if they are corporate or business records to discuss priorto taking any records off site.6.60. If you do have a justifiable reason to take patient or corporate records home,you must ensure they are securely stored to prevent accidental or malicious accessby non authorised people. It will be your responsibility to ensure they are recorded asbeing in your possession and that they are safely returned.6.61. Copying of softwareCode of Conduct for Employees in Respect of ConfidentialityPage 11 of 18

6.62. All computer software used with the Trust is regulated by license agreements.A breach of the agreement could lead to legal action against the organisation and/orthe offender (member of staff).6.63. It is important that software on the PCs/systems used for work purposes mustnot be copied and used for personal use. This would be a breach of the licenseagreement.6.64. General provisions6.65. Interpretation6.66. If any person requires an explanation concerning the interpretation or therelevance of this code of conduct, they should discuss the matter with their linemanager, the Trust Data Protection Officer, Head of Information Governance, theCaldicott Guardian or the Records Services and PAS Manager.6.67. Non-Compliance6.68.Non-compliance with this code of conduct by any person working for the Trustmay result in disciplinary action or criminal charges being taken in accordance withthe Trust disciplinary procedure, and may lead to dismissal for gross misconduct.6.69.Breaches of the Data Protection Act 1998 could result in a fine for the Trust fromthe Information Commissioners Office which could amount to £500,0006.70.Anyone found breaching confidentiality could be sued by the data subject up to£5000.6.71. A record is kept of everyone who accesses information held on the Trustspatient based systems which is audited and can be made available to the patient.6.72. To obtain a copy of the disciplinary procedures please discuss with yourmanager or the Personnel/Human Resources department or the Practice Manager.7. Dissemination and Implementation7.1. This document will be submitted to the Risk Management Committee forapproval and following approval will be disseminated to staff via the managementstructure. New and existing staff will be notified via the ‘Daily Bulletin when the policyis made available on the Document Library: They will be made aware of its contentsduring relevant risk management training in line with the Training Needs Analysis asoutlined in the RCHT Core Training Policy.8. Monitoring compliance and effectivenessElement to bemonitoredLeadThis Policy will be monitored entirety.Although the Head of Information Governance will lead this, it theresponsibility of all line managers to monitor their own areas ofinfluence.Code of Conduct for Employees in Respect of ConfidentialityPage 12 of 18

ToolFrequencyReportingarrangementsActing onrecommendationsand Lead(s)Change inpractice andlessons to besharedDatix will be used to monitor the incidents and risks that arerelevant to the content of the Code of Conduct.The management of risks and incidents is an ongoing processresulting in real time continuous monitoring.The Information Governance Committee will receive reports ateach meeting; these will be tabled by the Head of InformationGovernance.The IGC meets bi-monthly.Any recommendations or actions will be delegated to the relevantdepartmental lead as required.A report on progress will be required as directed by the agreedtimescale for completion.Significant changes to working practices will be disseminated viathe All Users BulletinsA lead member of the team will be identified to take each changeforward where appropriate. Lessons will be shared with all therelevant stakeholders9. Updating and Review9.1. The Code of Conduct for Employees in Respect of Confidentiality is updatedand reviewed annually.10. Equality and Diversity10.1. This document complies with the Royal Cornwall Hospitals NHS Trust serviceEquality and Diversity statement.10.2. Equality Impact Assessment10.3.Please see appendix 2.Code of Conduct for Employees in Respect of ConfidentialityPage 13 of 18

Appendix 1. Governance InformationDocument TitleDate Issued/Approved: 17 Dec 12Date Valid From: 17 Dec 12The Code of Conduct for Employees inRespect of ConfidentialityDate Valid To: 17 Dec 15Directorate / Department responsible(author/owner):Mark ScallanContact details: 01872 258580Brief summary of contentsSuggested Keywords:Target AudienceExecutive Director responsible forPolicy:A code of conduct to inform staff how tohandle person identifiable informationsecurely.Code of Conduct, Confidentiality, DataProtection, Information sharingRCHT PCT CFTDirector of FinanceDate revised: November 2012This document replaces (exact title ofprevious version):Approval route (names ofcommittees)/consultation:Code of Conduct for Employees in Respectof ConfidentialityInformation Governance CommitteeDivisional Manager confirmingapproval processesName and Post Title of additionalsignatoriesSignature of Executive Director givingapprovalPublication Location (refer to Policyon Policies – Approvals andRatification):Document Library Folder/Sub FolderLinks to key external standardsRelated Documents:Training Need Identified?Head of Quality, Safety and ComplianceNot Required{Original Copy Signed}Internet & Intranet Intranet OnlyHealth Informatics /Information GovernanceInformation Governance ToolkitData Protection PolicySafe Haven PolicyData protection and Caldicott GuidanceNoCode of Conduct for Employees in Respect of ConfidentialityPage 14 of 18

Version Control TableDateVersionNo19 Nov 12 V2.0V1.5 Initial IssueSummary of ChangesUpdated to reflect compliance needs with thePolicy on Policies.Previous version history not knownChanges Made by(Name and Job Title)Mark Scallan Head ofInformationGovernanceMark Scallan Head ofInformationGovernanceAll or part of this document can be released under the Freedom of InformationAct 2000This document is to be retained for 10 years from the date of expiry.This document is only valid on the day of printingControlled DocumentThis document has been created following the Royal Cornwall Hospitals NHS TrustPolicy on Document Production. It should not be altered in any way without theexpress permission of the author or their Line Manager.Code of Conduct for Employees in Respect of ConfidentialityPage 15 of 18

Appendix 2.Initial Equality Impact Assessment Screening FormName of service, strategy, policy or project (hereafter referred to as policy) to beassessed: Code of Conduct for Employees in Respect of ConfidentialityDirectorate and service area:Is this a new or existing Procedure? ExistingInformation GovernanceName of individual completingTelephone: 01872 258580assessment: Mark Scallan1. Policy Aim* To inform staff of their responsibilities with regards toconfidentiality.2. Policy Objectives* To ensure person identifiable data is handled securelythrough staff awareness.3. Policy – intendedOutcomes*4. How will you measurethe outcome?5. Who is intended tobenefit from the Policy?6a. Is consultationrequired with theworkforce, equalitygroups, local interestgroups etc. around thispolicy?To minimise incidents and risks associated with the handlingof confidential information.Through Datix reports and spot checks.All staff who handle person identifiable information.Nob. If yes, have thesegroups been consulted?c. Please list any groupswho have been consultedabout this procedure.*Please see Glossary7. The ImpactPlease complete the following table using ticks. You should refer to the EA guidance notesfor areas of possible impact and also the Glossary if needed.• Where you think that the policy could have a positive impact on any of the equalitygroup(s) like promoting equality and equal opportunities or improving relationswithin equality groups, tick the ‘Positive impact’ box.• Where you think that the policy could have a negative impact on any of the equalitygroup(s) i.e. it could disadvantage them, tick the ‘Negative impact’ box.• Where you think that the policy has no impact on any of the equality group(s) listedbelow i.e. it has no effect currently on equality groups, tick the ‘No impact’ box.Code of Conduct for Employees in Respect of ConfidentialityPage 16 of 18

Equality Positive Negative No Reasons for decisionGroupImpact Impact ImpactAge No equality issues.Disability No equality issues.ReligionbelieforNo equality issues.Gender No equality issues.Transgender No equality issues.Pregnancy/ No equality issues.MaternityRace No equality issues.SexualOrientationMarriage / CivilPartnershipNo equality issues.No equality issues.You will need to continue to a full Equality Impact Assessment if the following havebeen highlighted:• A negative impact and• No consultation (this excludes any policies which have been identified as notrequiring consultation).8. If there is no evidence that the policypromotes equality, equal opportunitiesor improved relations - could it beadapted so that it does? How?Full statement of commitment to policy ofequal opportunities is included in the policyPlease sign and date this form.Keep one copy and send a copy to Matron, Equality, Diversity and Human Rights,c/o Royal Cornwall Hospitals NHS Trust, Human Resources Department, ChyveanHouse, Penventinnie Lane, Truro, Cornwall, TR1 3LJA summary of the results will be published on the Trust’s web site.Signed ________________________________________Date _________________________________________Code of Conduct for Employees in Respect of ConfidentialityPage 17 of 18

PLEASE RETAIN FOR YOUR INFORMATIONAppendix 3. Contact InformationCaldicott GuardianRoyal Cornwall Hospital NHS TrustDr Paul UptonCaldicott GuardianHead OfficeBedruthan HousePenventinnie LaneTruroTR1 3LJTel: 01872 25 2223Fax: 01872 25 2944Data Protection OfficerRoyal Cornwall Hospital NHS TrustMr Mark ScallanHead Information GovernancePendowerRoyal Cornwall HospitalTruro TR1 3LJTel: 01872 25 8580Code of Conduct for Employees in Respect of ConfidentialityPage 18 of 18