Data Protection and Confidentiality
Your rights in relation to data protection and confidentiality
The Data Protection Act 1998 protects people’s rights to confidentiality. It restricts how personal and sensitive information can be collected, used, stored and passed on. Personal details must not be passed on unless the person gives their permission. These laws give you rights as an employee but also require you to treat individuals’ information responsibly. See below
Your responsibility in relation to data protection and confidentiality
Understand the importance of keeping confidential information and personal data safe and always attend your training. You have access to the names, addresses, key codes and personal and sensitive information about many vulnerable people. You sometimes know where their money or bank card is kept, when they are going on holiday and when the house is going to be empty, what medication they take and where it is kept. You therefore have a huge responsibility to make sure that NO-ONE, who doesn’t have a right to this information, has access to it.
To put it into perspective – imagine what it would feel like if you went on to your Facebook page or opened the newspaper to find that all your very personal information; your address, telephone number, details of conversations and activities were there for everyone to read. You would be justifiably angry and upset…and you would feel very vulnerable.
Sharing information
- Never share information about service users with people who do not need to know – ask yourself ‘does this person NEED to know this information?’ If the answer is ‘no’, don’t share it. Equally, do not assume that it is ok to share confidential with family members, you should ask the service user if it is ok to share.
- Be clear about when and who you MUST share confidential information with. E.g. you must tell your line manager if you suspect a service user is being abused in some way.
- Be confident to challenge people who ask for information they have no right to. This may be other service users, other staff or your family and friends asking quite innocent questions. It is your responsibility to politely but firmly explain that you cannot share the information and the reason why. Politely request that they do not ask you to share information again.
- Be aware that some people may try to trick you to gain confidential information. This may be the innocent looking man asking for directions – he may really be a bogus caller trying to gain access to the homes of vulnerable people.
- Never discuss work related issues in public places, especially confidential information. This includes directly outside the service users home where their neighbours could be passing. If you need to discuss an issue about the service user you have just seen, return to your car to speak with your double up partner or telephone the office.
- Be confident to tell your manager if you accidently breach confidentiality or data protection. It is far better to be honest if you have made a mistake so that actions can be taken to minimise any risk to service users, your employer or the Council.
Use to answer question 1.2a and 14.1a of the Care Certificate
ID badges
Wear your ID badge when you are at work and keep it safe when not at work. Don’t leave it lying around at home and never in your car. If you leave your employment give your ID badge back so that it can be securely destroyed.
Work related paperwork
- Keep any work related paperwork, such as rotas, safe when at home and work so that no-one else can see it.
- Never write down key safe numbers, names and addresses together.
- Keep it in an opaque folder that you use only to keep your rota in.
- Never leave work related paperwork on car seats, especially when the window is rolled down. It is best to keep paperwork with you, but if you must leave it in your car you must lock it in your boot.
- Once work related paperwork is no longer current always dispose of it immediately and correctly (ideally be cross shredding) so that names, addresses and key safe numbers are not identifiable.
Use to answer question 1.2a and 14.1a of the Care Certificate
Key safe codes
- If you store key safe codes in your mobile phone, do so in such a way that makes sense to you and no-one else. If you receive a key safe code by e-mail or text delete it immediately once it has been used.
- Always input key safe codes discreetly so that passers-by cannot see the number. Don’t say the code out loud while you are inputting it.
- Ideally key safe codes should be changed periodically with the agreement of the service users and their carers and only the people who essentially need it should be made aware of it.
- If the key safe is the dial type, the dial should be ‘scrambled’ after use.
Electronic devices and social media
- Increasingly you are expected to send and receive information on electronic devices. Sometimes these are your own personal devices. It is very important that they are secure. I.e. they are physically secure, and have strong passwords.
- Ensure that you delete confidential information such as addresses as soon as you have used them. Make sure you regularly ‘clean up’ your mobile phone, computer etc. to delete any information which is confidential.
- Ensure that if you share a laptop or tablet etc. with other family members, that they cannot access your work related information.
- Never discuss any aspect of your work on social media sites.
- Ideally do not even identify on the sites, the nature of your work or the company you work for.
- It is best practice never to ‘friend’ service users or their carers on social media sites. ‘Friending’ can lead to information and photographs being shared inadvertently and inappropriately.
- Never share photographs of service users on social media sites. Even if you are proud of an achievement such as helping someone to look their best for a Christmas party – do not share (even with the service user’s permission).
Use to answer question 1.2a of the Care Certificate