Concept of Confidentiality
As in all aspects of patient care advanced practitioners have a duty to protect the confidentiality of patient/client records. The Data Protection Act 1998, information governance strategies and other local polices govern patient confidentiality and it is important that advanced practitioners are familiar with the requirements of these policies and their accountability for maintaining confidentiality of patient information.
NHSScotland has developed a ' Code of Practice on Protecting Patient Confidentiality' which outlines the responsibility and accountability of all healthcare staff.
The main tenets of these policies are that
- Confidentiality is central to the trust between professionals and their patients/service users
- Information about the health and welfare of a patient and where appropriate their family is confidential and is for use only by those providing the patient with health care or directly concerned with the social welfare and aftercare of that patient.
Disclosure of information to a third party
Information should only be routinely disclosed in connection with the purposes of health care and social welfare to those who would be unable to provide effective treatment and care without that information.
In specific circumstances disclosure to other persons is required without the consent of the patient
- when required by law
- in the wider public interests e.g. prevent or help investigate serious crime or serious harm)
- to protect the best interests of the patient e.g. prevent abuse or harm
In applying the tenets of the Data Protection Act 1998, disclosure or sharing of a patient's personal health information to another professional group or third party e.g. social services must be considered very carefully and should only be done with the expressed consent of the patient.
All Health Boards have a Data Protection Officer. It is also mandatory to have a senior member of staff appointed as the Caldicott Guardian. This individual is charged by the Health Board to maintain the security and confidentiality of all patient health records within their area and enabling appropriate data sharing. These individuals should be consulted for all aspects of confidentiality and information disclosure. Further detail can be found on the Knowledge Network which hosts the Information Governance site for NHSScotland. This site is a valuable source of information on all aspects of confidentiality and release of information
In order to highlight the importance of this issue a confidentiality clause forms part of most health professionals' employment contract and details the employing Health Board policies on the management of patient records/data. This clause often specifies the requirements of the employee in adhering to these policies and provides further information on good practice in the development and maintenance of patient records and the use of anonymised data in research and professional education. All healthcare professionals have a duty to familiarise themselves with these documents and ensure that they understand their responsibilities.
Advanced practitioners are frequently in direct communication with a wide range of professionals and non-professional colleagues in the course of their duties to the patient. They are also likely to be involved in research and education and may be involved in creating and developing databases or other electronic systems that hold patient information. Being fully aware of their individual responsibilities in relation to developing and maintaining confidential patient records is therefore vital.
