Confidentiality Policy
Children & Young People’s Department
2007
Page 1 of 13
Preface
Staff working within Children & Young People’s Department, of necessity, become aware of a great deal of sensitive confidential information about adults and children. This policy outlines the standards expected of staff in respecting the trust placed within them by managers and the community.
There is a risk that particularly social work and their support staff, may become somewhat de- sensitised to the trust placed within them to safeguard privacy & confidentiality wherever possible. Having a need to know so much private information does in no way reduce the responsibility on each one of us to use each item of such information in accordance with professional standards and only in the exercise of your job. Wilful breaches of confidence betray one of the core principles on which our service is based. Such occurrences can lead to formal disciplinary proceedings.
I trust this policy will serve to reinforce and support the best practice within our service.
David Lund
Director of Children’s Services
Children and Young People’s Directorate
What Is This Document About?
This document is the Children & Young People’s Department (CYPD) Confidentiality Policy containing the required practice for those who work within or under contract to Blackpool Council, CYPD.
Who Does This Document Apply To?
All staff within the Children and Young People’s Department must be aware of their responsibilities as outlined in the document. It has been signed-off by Senior Management and the Caldicott Guardian.
The document is issued with the authority of the Director of Children’s Services and all amendments will be authorised by him.
What Do I Do With This Document?
Line Managers must make all staff aware of their responsibilities in respect to all matters contained within this confidentiality policy.
All new employees working in the Department must adhere to this confidentiality policy as part of their contract agreement
Line Managers should ensure they have access to a copy of the document and that its content is embedded into working practices where relevant.
What Documents Are Related to this One?
- Code of Practice for Social Workers & Code of Practice for Employers of Social Workers, General Social Care Council (GSCC)
- Information Sharing: Practitioners’ guide – Every Child Matters, HM Government
- Blackpool Council’s Corporate ICT Security Policy
- Blackpool Council’s Corporate Freedom of Information Act Policy.
What Regulations Are Relevant To This Document?
- Common Law of Confidentiality
- Data Protection Act 1998 (DPA98)
- Human Rights Act 1998 (HRA98)
- Administrative Law
- Caldicott Principles And Recommendations
- Freedom Of Information Act 2000
Where Can I Go For Help And Advice?
Operational staff should direct queries to their line manager. Managers can direct their questions and queries to thealdicott Guardian
1.Introduction
This document is the CYPD Confidentiality Policy containing the required practice for those who work within or under contract to CYPD, Blackpool Council.
Guidance for social care staff can be obtained from the General Social Care Council (GSCC) codes of practice. This policy will evolve in line with any future developments undertaken by the GSCC.
For the purposes of this document, the term ‘staff ’ is used as a convenience to refer to all those to whom this code of practice should apply.This includes private and voluntary sector staff.
This document
a. Introduces the concept of confidentiality
b. Describes what a confidential service should look like
c. Provides a high level description of the main legal requirements
A summary of the key confidentiality issues can be gained by reading the main body of the document.
This is an evolving document because the standards and practice covered continue to change.
All parts of CYPD need to establish working practices that effectively deliver the service user/children & young people confidentiality that is required by law, ethics and policy. The objective must be continuous improvement across all areas around information governance, management, security and confidentiality.
Managers need to be able to demonstrate active progress in enabling staff to conform to these standards, identifying resource requirements and related areas of organisation or system change. Performance assessment and management arrangements in support of information governance will drive forward the required change. Those responsible for monitoring performance play a key role in ensuring effective systems are in place.
CYPD is committed to the delivery of an effective confidential service. This means ensuring that all service user/children & young people information is processed fairly, lawfully and as transparently as possible so that the public:
• Understand the reasons for processing personal information
• Give their consent for the disclosure and use of their personal information
• Gain trust in the way the Children and Young People’s Department handles information and;
• Understand their rights to access information held about them.
2What Is Confidential Information?
A duty of confidence arises when one person discloses information to another in circumstances where it is reasonable to expect that the information will be held in confidence. It –
a. Is a legal obligation that is derived from case law
b. Is a requirement established within professional codes of conduct such as the General Social Care Council; and
c. Must be included within employment contracts as a specific requirement linked to disciplinary procedures.
Service users/children & young people entrust us with, or allow us to gather, sensitive information relating to their health, education, social care and all matters specifically relating to the safeguarding of children and young people.
They do so in confidence and they have the legitimate expectation that staff will respect their privacy and act appropriately. In some circumstances some service users/ children & young people may lack the competence to extend this trust, but this does not diminish the duty of confidence. It is essential, if the legal requirements are to be met and the trust of service users/ children & young people is to be retained, that CYPD provides, and is seen to provide, a confidential service.
What this entails is described in more detail in subsequent sections of this document, but a key guiding principle is that service user’s/ children & young people’s records are made by the Children and Young People’sDepartment to support the provision of services, to secure positive outcomes and to safeguard children and young people.
One consequence of this is that information that can identify individual service users/ children & young peoples, must not be used or disclosed for purposes other than service provision without the individual’s explicit consent, some other legal basis, or where there is a robust public interest or legal justification to do so. Where possible, consent should be obtained in writing.
Service user/ children & young people information is generally held under legal and ethical obligations of confidentiality. Information provided in confidence should be cared for, and not be used or disclosed in a form that might identify a service user/ children & young people without his or her consent. Except in certain circumstances where you may need to act in the interests of protecting children and young people.
- Information Sharing – Every Child Matters
There are six key points outlined in Every Child Matters which provide very clear guidance that is to be used in all our work. These are:
- One must explain to children, young people and families at the outset, openly and honestly, what and how information will, or could be shared and why, and seek their agreement. The exception to this is where to do so would put that child, young person or others at increased risk of significant harm or an adult at risk of serious harm, or if it would undermine the prevention, protection or prosecution of a serious crime including where seeking consent might lead to interference with any potential investigation.
- One must always consider the safety and welfare of a child or young person when making decisions on whether to share information about them. Where there is concern that the child maybe suffering or is at risk of suffering significant harm, the child’s safety and welfare must be the overriding consideration.
- One should, where possible, respect the wishes of children, young people or families who do not consent to share information. You may still share information, if in your judgement on the facts of the case, there is sufficient need to override that lack of consent.
- One should seek advice where you are in doubt, especially where your doubt relates to a concern about possible significant harm to a child or serious harm to others.
- One should ensure that the information you share is accurate and up-to-date, necessary for the purpose for which you are sharing it, shared only with those people who need to see it, and shared securely.
- One should always record the reasons for your decision – whether it is to share information or not.
4Disclosing & Using Service User/Children & Young PeopleInformation
It is extremely important that families and where appropriate, children & young people are made aware of information disclosures that must take place in order to safeguard them and, provide them with high quality services. Whilst families and where appropriate, children & young people may understand that information needs to be shared between members of teams and between different organisations involved in service provision, this may not be the case and the efforts made to inform them should reflect the breadth of the required disclosure. This is particularly important where disclosure extends to other outside agencies.
Families and children & young people generally have the right to object to the use and disclosure of confidential information that identifies them, and need to be made aware of this right. Sometimes, if families and where appropriate, children & young people choose to prohibit information being disclosed to professionals involved in the provision of services, this needs to be respected unless one needs to act in the interests of protecting children.
Where the purpose is not directly concerned with the provision of a specific service, it would be wrong to assume consent. Additional efforts to gain consent are required or alternative approaches that do not rely on identifiable information will need to be developed.
5Obligations on Individuals working in the Children and Young People’s Department
All staff should meet the standards outlined in this document, as well as their terms of employment (or other engagement agreements). Much of what is required builds on existing best practice. What is needed is to make this explicit and to ensure that everyone strives to meet these standards and improve practice.
Sometimes staff are constrained from meeting these standards where appropriate organisational systems and processes are not yet in place. In these circumstances the test must be whether they are working within the spirit of this policy and are making every reasonable effort to comply
The need for change may apply to many existing systems and processes and it is important that staff know who our Caldicott Guardian is, should any specific problems or barriers arise and need to be noted.
6Providing a Confidential Service
The confidentiality model outlines the requirements that must be met in order to provide service users/ children & young people with a confidential service. Record holders must inform service users/ children & young people of the intended use of their information, give them the choice to give or withhold their consent as well as protecting their identifiable information from unwarranted disclosures. These processes are inter-linked and should be ongoing to aid the improvement of a confidential service. The four main requirements are:
a. PROTECT – look after the service user’s/ children & young people’s information and protect the confidentiality of all information in the course of a professional service, except for compelling professional reasons;
b. INFORM – ensure that service users/ children & young people are aware of how their information is used;
c. PROVIDE CHOICE – allow service users/ children & young people to decide whether their information can be disclosed or used in particular ways.
To support these three requirements, there is a fourth:
d. IMPROVE – always look for better ways to protect, inform, and provide choice.
These are expanded in the following sections.
7Protecting Service User/Children & Young People Information
Service users/ children & young peoples’ personal information and their interests must be protected through a number of measures:
a. Procedures to ensure that all staff, contractors and volunteers are at all times fully aware of their responsibilities regarding confidentiality;
b. Recording service user information accurately and consistently;
c. Keeping service user information private;
d. Keeping service user information physically secure;
e. Disclosing and using information with appropriate care.
8Inform Service Users/Children & Young PeopleEffectively
Service users/ children & young people must be made aware that the information they give may be recorded, may be shared in order to provide them with services, may be used to safeguard children & young people and may be used to support research, audit, inspection and other work to monitor the quality of services provided. Consider whether service users/ children & young people would be surprised to learn that their information was being used in a particular way – if so, then they are not being effectively informed.
In order to inform service users/ children & young people properly, staff must:
a. Check where practicable that information leaflets on service user confidentiality and information disclosure have been read and understood. These should be available within each service area;
b. Make clear to service users/ children & young people when information is recorded and when records are accessed;
c. Make clear to service users/ children & young people when they are or will be disclosing information with others;
d. Check that service users/ children & young people are aware of the choices available to them in respect of how their information may be disclosed and used;
e. Check that service users/ children & young people have no concerns or queries about how their information is disclosed and used;
f. Answer any queries personally or direct the service user to others who can answer their questions or other sources of information;
g. Respect the rights of service users/ children & young people and facilitate them in exercising their right to have access to their personal records.
9Provide Choice to Service Users/ Children & Young People
Service users/ children & young people have different needs and values – this must be reflected in the way they are treated, both in terms of their needs and the handling of their personal information. What is very sensitive to one person may be casually discussed in public by another – just because something does not appearto be sensitive does not mean that it is not important to an individual service user in his or her particular circumstances.
Staff must:
a. Ask service users/ children & young people before using their personal information in ways that do not directly contribute to, or support the delivery of, services;
b. Respect service users/ children & young peoples’ decisions to restrict the disclosure or use of information, except where exceptional circumstances apply;
- Communicate effectively with service users/ children & young people to ensure they understand what the implications may be if they choose to agree to or restrict the disclosure of information.
- Treat all access to service user/children’s records with respect, sensitively and appropriately i.e. both paper files and electronic records
10Improve wherever possible
Staff must:
a. Be aware of the issues surrounding confidentiality, and seek training or support where uncertain in order to deal with them appropriately.
b. Report possible breaches or risk of breaches.
The disclosure and use of confidential service user/ children & young people information needs to be both lawful and ethical. Whilst law and ethics in this area are largely in step, the law provides a minimum standard that does not always reflect the appropriate ethical standards that the government and the professional regulatory bodies require.
Further, where the law is unclear, a standard may be set, as a matter of policy, which clearly satisfies the legal requirement and may exceed some interpretations of the law.
11ICT Security and Managing Electronic Records
Staff need to refer also to the Blackpool Borough Council’s ICT Security Policy for more detail about their individual and corporate responsibilities in respect to confidentiality.
However, all staff must continually be aware of the sensitivity of data they handle and manage, either on electronic systems such as data held on the Capita One System (formerly EMS), Frameworki (ICS); on shared directories/folders, or paper documents. With the introduction of the national ContactPoint system in 2008 staff should be aware of the sensitive nature of the data held. ContactPoint will hold a record of every child in England between the ages of 0 and 17. Security levels for access to the system will be extremely high, and staff must take all practicable steps to ensure that their actions do not compromise security in any way.
Staff need to ensure they maintain confidentiality including their own individual desk space and with people outside the work place.
12Legal Considerations
There are a range of statutory provisions that limit or prohibit the use and disclosure of information in specific circumstances and, similarly, a range of statutory provisions that require information to be used or disclosed.
13Common Law of Confidentiality
This is not codified in an Act of Parliament but built up from case law where practice has been established by individual judgments. The key principle is that information confided should not be used or disclosed further, except as originally understood by the confider, or with their subsequent permission. Whilst judgments have established that confidentiality can be breached ‘in the public interest’, these have centred on case-by-case consideration of exceptional circumstances. Confidentiality can also be overridden or set aside by legislation.