NTW(O)62

Appendix 3

Caldicott Approval Form for Use or Release of Patient Identifiable Data

You must address the 7 Caldicott Principles when submitting this request for data

Project Title
Description of Data (principle 2 and 3)
Indicate which data items have been requested:
Forename / DOB: / Sex
M/F / Address
Surname / Age / Post Code
Name of Organisation receiving Data
Name Person Responsible for Releasing Data
Job Title
Address
Purpose for which data to be used (Principle 1)
I confirm that the data will be held and used according to the conditions described below and that I have addressed the 7 Caldicott Principles
Name
Title
Signature
Date
Other supporting information e.g. Ethics approval, correspondence etc
The release of data as described above / Approved / Not Approved
Signed by Caldicott Guardian / Deputy
Name (print)
Date

1

Northumberland Tyne and Wear NHS Foundation Trust

Appendix 3 - Caldicott Approval Form for Use or Release of Patient Identifiable Data – Iss 2 Oct 17

Part of NTW(O)62 - Information Sharing Policy – V04.1

NTW(O)62

The data will be treated as confidential.

1.The data will be used only for the purposes described.

2.In the case of anonymised or confidential aggregated data, no attempt will be made to identify or contact individuals or organisations identified through these data.

3.The data may be disclosed to staff of the above organisation but only for the purposes described.

4.The data may not be disclosed to any third party.

5.The data will be stored in secure condition at all times whether held on computer medium or as a printed copy.

6.The organisation to which the data are released will maintain and comply with a Data Protection Registration which encompasses the data and data usage described.

7.The data will be destroyed when the work is completed: any printed copies will be destroyed, and files deleted from computer systems (including any copies held on backup or archive media).

8.All staff given access to the data will be made aware of these conditions (Principle 5).

Caldicott Principles

Principle 1 - Justify the purpose(s)

  • Every proposed use or transfer of patient-identifiable information within or from an organisation should be clearly defined and scrutinised, with continuing uses regularly reviewed, by an appropriate guardian.

Principle 2 - Don't use patient-identifiable information unless it is absolutely necessary

  • Patient-identifiable information items should not be included unless it is essential for the specified purpose(s) of that flow. The need for patients to be identified should be considered at each stage of satisfying the purpose(s).

Principle 3 - Use the minimum necessary patient-identifiable information

  • Where use of patient-identifiable information is considered to be essential, the inclusion of each individual item of information should be considered and justified so that the minimum amount of identifiable information is transferred or accessible as is necessary for a given function to be carried out.

Principle 4 - Access to patient-identifiable information should be on a strict need-to-know basis

  • Only those individuals who need access to patient-identifiable information should have access to it, and they should only have access to the information items that they need to see. This may mean introducing access controls or splitting information flows where one information flow is used for several purposes.

Principle 5 - Everyone with access to patient-identifiable information should be aware of their responsibilities

  • Action should be taken to ensure that those handling patient-identifiable information - both clinical and non-clinical staff - are made fully aware of their responsibilities and obligations to respect patient confidentiality.

Principle 6 - Understand and comply with the law

  • Every use of patient-identifiable information must be lawful. Someone in each organisation handling patient information should be responsible for ensuring that the organisation complies with legal requirements.

Principle 7 – The duty to share information can be as important as the duty to protect patient confidentiality

  • Health and Social care professionals should have the confidence to share information in the best interests of their patients within the framework set out by the principles. They should be supported by the policies of their employers, regulators and professional bodies.

Caldicott Guardian for Northumberland, Tyne and Wear NHS Foundation Trust:

Dr Rajesh Nadkarni

Caldicott Guardian

St Nicholas Hospital

Gosforth, Newcastle upon Tyne, NE3 3XT

Tel No: 0191 2456687 Email:

1

Northumberland Tyne and Wear NHS Foundation Trust

Appendix 3 - Caldicott Approval Form for Use or Release of Patient Identifiable Data – Iss 2 Oct 17

Part of NTW(O)62 - Information Sharing Policy – V04.1