Caerphilly Assertive Outreach Team (Mental Health)
WASPI Tier 3:
Operational Requirements to Support Lawful Personal Information Sharing
Caerphilly Assertive Outreach Team
(Mental Health Services)
WASPI Tier 3: Operational Requirements to Support Lawful Personal Information Sharing
Caerphilly Assertive Outreach Team
(Mental Health Services)
WASPI Tier 3:
Operational Requirements to Support Lawful Personal Information Sharing
Contents
Introduction
1 Scope and Purpose of this Document 5
2 Who does this operational instruction apply to? 6
3 Further Sources of Information 6
4 Who should I contact in case of queries? 7
Part A 8
1 Summary 8
2 What personal information will be shared? 8
3 What information collection tools must be used? 9
4 When is personal information shared? 9
5 Key Identifying Information 9
6 How much personal information should be shared? 9
7 How is personal information to be shared? 9
8 What other rules should be followed? 10
Part B 11
1 Summary 11
2 The Standard Consent Rules for UAP and CPA 11
3 Legislative/Statutory Powers 11
4 Ensuring Consent is Informed 12
5 Obtaining Consent 12
6 How long does consent last? 12
7 Recording Consent 13
8 Extended Consent Rules for Assertive Outreach Services 13
9 Actions to be taken where subject lacks mental capacity 13
10 Actions required when consent is refused or withdrawn 14
11 Actions required when information is shared without consent 14
12 Recording Consent under the Extended Consent Rules 15
Part C 16
Standard Information Flows to support Assertive Outreach Services 16
Attachment 1 – CPA Assessment Form 19
Introduction
1 Scope and Purpose of this Document
This document is Tier 3 of a four Tier approach.
Tier 1 agrees a common set of principles under which partner organisations will share information with each other.
Tier 2 (the Personal Information Sharing Protocol – PISP) sets out the broad framework for information sharing for specific purposes, the signatory organisations, the group(s) of Service Users it impacts upon, the relevant legislative powers, what data is to be shared, the consent processes involved (where appropriate) and the process for review.
Tier 3 describes the operational procedures that should be applied to the sharing of personal information for the purposes set out in the equivalent Tier 2 PISP.
Tier 4 informs the Service User and staff about the processes and the information used.
This Tier 3 document has been prepared to support the PISP for the Assertive Outreach Services. Its purpose is to provide operational staff with guidance on the day-to-day handling and management of personal information about Service Users.
The high-level functions of the Assertive Outreach Services and the relevant Tier 2 PISP are:-
- Agreeing referrals into the service
- Assessing the service users need
- Agreeing multi-agency commissioning care plan
- Implementing multi-agency support in relation to service user need
- Supporting multi-agency monitoring and review of service users progress
- Discharges from the service
This Tier 3 document sets out the rules and procedures to be adopted when sharing information to support these functions. Information shared to support functions other than those listed is not covered by this document.
In this document:-
Part A sets out the detailed rules and operational procedures that must be followed when sharing personal information.
Part B describes the specific rules relating to consent to sharing of information.
Part C is a table that summarises the common rules and procedures governing the sharing of information for the purposes described in this document.
Part D is a table that sets out any special circumstances to supplement the standard operating procedures set out in part C.
2 Who does this operational instruction apply to?
The organisations that are engaged in delivering Assertive Outreach Services as part of the Caerphilly Assertive Outreach Team are:-
- Caerphilly Local Authority Social Services Department
- Gwent Healthcare NHS Trust
Staff of these organisations who work directly with Service Users in order to carry out the functions of the Assertive Outreach Team described in the Introduction are bound by these instructions and the Assertive Outreach Services Tier 2 PISP.
Note: the term ‘staff’ encompasses paid workers, volunteers, students and other temporary workers approved by the employing/hosting organisation to carry out work relating to the Assertive Outreach Services. See also definition in Tier 2.
3 Further Sources of Information
This document should be read in conjunction with the available over-arching Tier 1 document, the Tier 2 PISP for Assertive Outreach Services and also the Code of Practice on Confidentiality for health and social care workers.
In addition the following may be consulted:-
A General Framework for Information Sharing in Social Services, Department of Health, 2003.
Information Sharing Toolkit, Operational Version 1.0, Greater Merseyside Connections Partnership, 2005.
Public Sector Data Sharing: Guidance on the Law, Department for Constitutional Affairs, November 2003.
4 Who should I contact in case of queries?
If you have any queries about this document or what it means for you in practice, please contact:-
Caerphilly Social Services Assertive Outreach Team Manager
Gwent Healthcare NHS Trust Outreach Team Manager Caerphilly
Caerphilly Assertive Outreach Team (Mental Health)
WASPI Tier 3:
Operational Requirements to Support Lawful Personal Information Sharing
Part A
1 Summary
Information can only be shared for the purposes set out in the Introduction.
Personal information should be collected using the approved collection tools and ensuring the required identifying information is complete and up-to-date.
Only the minimum necessary personal information should be shared to support the work of staff that have a legitimate involvement with the Service User.
Whichever method is used to transfer information, it must be secure, and follow the rules set out here.
Each organisation will also have special rules relating to information handling that staff must follow.
2 What personal information will be shared?
The CPA is intended to be applied to any adult aged 18 and over who requests or appears to require an assessment of needs.
The information gathered for the purpose of the Assertive Outreach Services includes a wide range of information about the Service User’s general health and social well-being. Basic personal details will be gathered, as well as material related to physical and mental health status, relationships, ability to live independently, suitability of accommodation and user/carer perspective of the situation. Any issues relating to abuse/neglect will also be recorded.
The information gathered might therefore include:-
• User's perspective• Basic demographics
• Carer's perspective and need
for carer assessment
• Clinical background
• Disease prevention / • Mental health
• Personal care and physical well-being
• Activities of Daily Living
· Relationships
• Safety
• Senses
This information is used to prepare a care plan detailing how services will be provided; how needs will be met; who will be involved; whether any needs will remain unmet and how the Service User’s ongoing care will be managed and reviewed.
The full range of information to be shared is included within the CPA Assessment Form as attachment 1.
3 What information collection tools must be used?
The organisations’ approved collection tools for gathering this personal information are the following form(s) and system(s):-
- CPA Assessment form – paper
- Caerphilly Social Services Department – SWIFT Information System
- Gwent Healthcare NHS Trust – ePEX Mental Health Information System
- Gwent Healthcare NHS Trust word documentation held on the Trust server
4 When is personal information shared?
Information may only be shared on a need-to-know basis when it supports the delivery of the functions of the Assertive Outreach Services as set out above and in the Assertive Outreach Services Tier 2 PISP.
If a worker makes changes to a record, reasonable efforts should be taken to ensure that anyone who has received a copy of the record is also alerted to the change.
5 Key Identifying Information
When sharing information, the following data items will be used to ensure that all partners are referring to the same individual:-
Name
Date of Birth
Address
6 How much personal information should be shared?
Only the minimum necessary personal information consistent with the purposes set out here must be shared.
7 How is personal information to be shared?
The methods that are used to exchange personal information are:
· paper form
· verbal transfer (telephone, mobile, mdt meetings)
· fax
· post
· magnetic media
· access to IT ePEX & SWIFT
8 What other rules should be followed?
Organisational policies and procedures relating to personal information will need to be followed such as:-
• The means of storing information in electronic and paper recording systems.
• Retention and disposal rules.
• Data quality routines.
• Change of circumstances procedures.
Part B
1 Summary
Generally speaking, information sharing should not take place without the informed consent of the Service User. This Part sets out the law and general rules of consent that will usually apply. It also describes what to do in special circumstances where the user does not consent, is unable to consent or withdraws consent.
2 The Standard Consent Rules for UAP and CPA
The phrase “Standard Consent Rules” refers to circumstances where informed consent can be obtained.
3 Legislative/Statutory Powers
The legal basis on which information sharing is permitted to support UAP is as follows:
a. The Unified Assessment Guidance was issued as NAFWC 09/02 and as WHC(2002)32. It requires local authorities and health services to work together to provide assessment of needs for all adults.
b. Section 47 of the NHS and Community Care Act 1990 provides for social services authorities to involve staff of health and housing agencies in order to prepare comprehensive assessments of need. It can be implied from this duty that there is a power to share information with health bodies or housing authorities.
c. Section 22 of the National Health Service Act 1977 provides for a general duty on NHS bodies and local authorities to co-operate with one another in order to secure and advance the health and welfare of the people of England and Wales. This general duty implies a power to share information between NHS bodies and local authorities.
d. Local authorities also have wider powers under section 2 of the Local Government Act 2000 to promote or improve the social wellbeing of their area. This provides an implied power to share information with other statutory services and the independent sector.
e. Paragraph 16 of Schedule 2 to the National Health Service and Community Care Act 1990 provides that NHS Trusts have general powers to do anything which is necessary or expedient for the purposes of or in connection with the provision of goods and services for the health service and similarly will give rise to an implied power to share information.
Whilst these provisions provide the power to share information, the actual disclosure of information in accordance with these powers must be conducted within the legal framework of the Data Protection Act and the Human Rights Act and in compliance with the common law duty of confidence.
4 Ensuring Consent is Informed
Staff need to ensure that consent is given on an informed basis by explaining what information is to be shared, who it is to be shared with and the purpose of sharing it. It is expected that this will be discussed directly with the Service User but it is also possible to supplement this with:-
• Public information leaflet
• Standard letter
It should also be made clear to Service Users that under the Data Protection Act they have a right to withhold their consent or to choose to limit the type of information that can be shared and to limit the agencies with which it can be shared. In this case, see ‘Actions required when consent is refused or withdrawn’ below.
While it is preferable to obtain this consent at the point of contact and before information is shared, it is recognised that in emergencies it may not be possible to seek consent. In this case, see ‘Actions required when information is shared without consent’ below.
5 Obtaining Consent
In most circumstances, consent should be obtained as follows:-
Normally, explicit consent is required. Whilst explicit consent can be given in writing, this is not essential. Provided that Service Users have been informed appropriately as set out above, verbal consent to a particular use or disclosure of information is sufficient to allow information sharing.
For information sharing between social care practitioners see ‘Intra-Social Care Information Sharing’.
For information sharing between NHS health practitioners see ‘Intra-NHS Information Sharing’.
6 How long does consent last?
Consent should not be regarded as a permanent state. Opportunities to review the Service User’s continuing consent to information sharing should arise during the course of ongoing case management and service provision. It is not possible to set hard and fast rules on the timing of such reviews and practitioners should exercise professional judgement in determining whether it would be appropriate to re-visit an individual’s continued consent at any given juncture. Ideally, it should take place in the context of the care plan review or a re-assessment.
7 Recording Consent
All discussions and decisions regarding consent must be recorded in the paper file and/or the electronic record.
Staff must check the record to ensure consent is valid when sharing information.
8 Extended Consent Rules for Assertive Outreach Services
The phrase ‘Extended Consent Rules’ refers to circumstances where the usual method of obtaining cannot be followed, typically where consent is withdrawn, refused or cannot be relied upon due to capacity issues. There may also be circumstances where information needs to be shared but it would not be appropriate to seek consent, for example where to do so would place an adult at risk of serious harm.