Driving Your Recovery

Kerry Cancer Support Trust CLG

Confidentiality Policy

Document reference number:

KCST 007

Document developed by:

KCST Board

Document revision number:

000

Document approved by:

KCST Board

Approval date:

14-12-2019

Responsibility for implementation:

KCST Board

Revision date:

Every 3 years

Responsibility for review and audit:

KCST Board

Driving Your Recovery

KERRY CANCER SUPPORT TRUST CLG CONFIDENTIALITY POLICY 2016

Introduction

Kerry Cancer Support Trust CLG (hereafter the Charity) is committed to maintaining high standards of confidentiality in all aspects of our work. The organisation holds some confidential information. This is provided by, or derived from service users, voluntary/community groups, members of the public, third parties and staff/volunteers.

Scope

The policy applies to all members, volunteers, staff and all of those who provide services on behalf of the charity.

1. Objectives of Policy

· To ensure that confidential records are properly managed.

· To ensure that confidential information is only released in accordance with our Data Protection Policy, legislative considerations, best practice and strict guidelines of the organisation.

· To ensure that information is only disclosed with the informed consent of the person or organisation to whom the information relates, with the following exceptions:

· when, by law, we must share information

· in an emergency, when public safety is at risk and when information is required by the Guards to prevent or detect crime.

· To promote a policy that respects commercial sensitivity

2. Statement

· The use of information that the Charity collects and processes will be used to provide a service or carry out an authorised or requested transaction.

· The Charity will not sell, trade, rent or lend confidential information to anyone.

· The Charity does use specified information to provide a Directory of Voluntary/Community Organisations where only permitted contact details and essential information to delivering the service will be provided. No confidential individual information will be included.

· The Charity may become privy to certain business information, which will be treated in the same confidential manner as person specific information.

Confidentiality is essential because we recognise:

· The possible consequences for the organisation or individual if it is breached;

· The rights of organisations and individuals to have control over information about them;

· The duties placed on us whereby breaches of confidentiality could lead to formal complaints, grievance or disciplinary actions, or even legal action against us;

· Good practice and our standards for Customer Care.

3. Policy Principles

We will:

· Justify the purpose – Every proposed use or transfer of information will be clearly defined and scrutinised, with continuing uses regularly reviewed by an appropriate guardian.

· Not give organisation specific data to a third party.

· Not use person specific information (unless absolutely necessary) – Person specific information will not be used unless there is no alternative.

· Allow access to information on a strict need to know basis – Only those individuals who need access to organisational, personal and commercially sensitive information will have access to it, and they will only have access to the information items that they need to see.

· Ensure everyone at the Charity is aware of their responsibilities – Procedures are in place to ensure that those handling information are aware of their responsibilities and obligations.

· Understand and comply with the law – the Charity complies with the Data Protection Acts 1988 and 2003 in processing information. This policy will be reviewed regularly, ensuring that the organisation complies with all legal requirements.

· Hold all confidential and personal information under secure and restricted conditions within the office.

4. Detail

The three main principles of the confidentiality policy are “informed consent”, “need to know” and “third party disclosure”. These principles apply both to all members, volunteers, staff and all of those who provide services on behalf of the Charity.

Informed Consent

· Disclosure of personal information will only take place with the informed consent of that person. For consent to be informed, we will tell the member of the public/staff why there is a need to share information, with whom it will be shared and the likely consequences of agreeing or not agreeing to disclosure.

· We will state clearly that the information given may need to be shared with others in order to be able to provide the service requested and that non-disclosure could mean that a person would not gain access to a service or to support to which they might otherwise have been entitled.

· We will inform members of the public of our Confidentiality Policy at the first point of contact and ask them to give their consent to permit the passing on of any personal information given, if necessary, on a “need to know” basis.

Need to Know

· The transfer of personal information relating to a member of the public/staff will be kept to a minimum on a “need to know” basis. Only those staff or other service providers who have a need to know, in order to provide relevant services, will share information and only after informed consent has been given.

Disclosure to Third Parties

· Personal information will only be disclosed to third parties with the express, written or oral, consent of the person(s) who is (are) the data subject(s). Disclosure will only be considered, and consent sought, where there are clear reasons why this should happen.

· We will ensure that the recipient understands the need for confidentiality and that disclosure only takes place on the terms agreed with the person it concerns.

· On any occasion when confidential information is provided by way of a written or an oral response, we will state that the information provided is CONFIDENTIAL and should be respected as such.

5. Procedure for Dealing with Breaches of this Policy

Any breach of this policy, intended or accidental, is not acceptable. Infringements of this policy will be dealt with seriously as disciplinary matter under the Charities normal disciplinary procedures and may involve either informal or formal action depending on the seriousness of the case.

The Policy in Practice

1. A client’s visit or telephone call to the Charity is completely CONFIDENTIAL. Information is only ever shared on a ‘need to know’ basis see 4.2. This is the case regardless as to whether the person in question is known to us or not, or of who is enquiring.

2. Information discussed during meetings where third parties may be present should be treated with the same level of confidentiality, with the exception that the third party signs a Confidentiality for Visitors form prior to the meeting and receives at the same time the Charity Policy on Confidentiality and Policy on Disclosure of Information. Third parties may include other health professionals, workers or managers from other agencies with whom the Charity shares or is likely to share clients, students undertaking work placement or visiting students in the course of their training, volunteers of the Charity, other legitimate visitors working with or connected professionally to clients of the Charity.

3. CONFIDENTIALITY WILL ONLY BE BREACHED IN THE FOLLOWING CIRCUMSTANCES:

· In certain circumstances the charity is legally and ethically obliged to say whether or not a client is known to the charity or is at, or has recently visited, used our service, volunteered/worked for us.

· All concerns and action regarding the necessary breach of confidentiality will be recorded.

Equality and Diversity

We aim to be an organisation that values, recognises and responds to the diverse needs of members and those we serve. We adhere to the Equality Act 2004 and will not discriminate against any person or other organisation with particular reference to the protected characteristics

Guidelines for Staff/Volunteers implementing this policy

The following are the Charitie’s guidelines/ procedures to outline the steps to be taken in order to achieve and implement the policy.

Privacy

· Service users are entitled to privacy. Conversations of a confidential or sensitive nature should be conducted in an appropriate location, e.g. in a private room or office. Avoid having these conversations in a public area.

· Reception staff or volunteers should be aware of who is visiting whom but not divulge this to unauthorised third parties.

· Records containing names, addresses, contact details and identifying information about service users must be held securely at all times.

· Ensure that equipment and treatment rooms are screened from prying eyes, e.g. by having blinds on windows, using screens, not placing equipment near uncovered windows or open doors.

· Discussing or describing a service users personal information even though names, addresses or other identifying information is not revealed, is a breach of confidentiality.

Sharing information

· Medical and personal information about service users or confidential information relating to other staff or volunteers must be treated with the strictest confidence.

· Medical and personal information provided to you by a service user must not be passed on to anyone else who does not have a right to that information or without the service user express permission.

· Medical and personal information provided by a service user must not be discussed with your family, friends or acquaintances.

· Attendance by a service user to your service or referrals made to other services or treatments must not be divulged to your family, friends or acquaintances.

· Patient information must not be divulged to anyone without authority.

Clear desks

· Written information or correspondence, faxes, print-outs of e-mails, tapes, disks, patient records and reports should not be left lying around.

· Remove confidential paperwork from view when you are away from your desk or work station.

· Store confidential information securely (e.g. locked drawer or filing cabinet) if you are away for prolonged periods during the day and at the end of the day.

Telephones

· Fax messages and notes made from telephone conversations with service users should not be left lying around.

· Care should be taken when using technology such as caller display or caller ID to ensure the confidentiality and privacy of the caller is not compromised.

· Messages left by you for service user on telephone answering machines or mobile answering services should not go into details but should indicate the name, time and telephone number of the caller.

Computers and other technology

· Computers containing information about service users should be password protected to prevent unauthorised access.

· Computer passwords must be kept confidential.

· Log off your computer terminal when you are away from your desk/work station or when you are finished using it.

· Do not leave computer disks or printouts or tapes lying around.

· Do not use information in e-mail messages that could identify a service users. Instead attach a Word document or, if appropriate, a password protected file.

Written correspondence and case files

· Any documents or items belonging to the Charity may not be removed from the service’s premises at any time without proper advance authorisation.

· Any documents or items which contain confidential information about service users must not be removed from the service’s premises without proper advance authorisation.

· Where possible use plain envelopes to communicate written information or to correspond with service users.

· Personal written information or correspondence should not be left lying around. Confidential information should be securely locked away when not in use.

· Names and addresses of service users should be kept separately from personal case notes.

· Personal case notes that are no longer required, e.g. when supports or therapies end, should be either safeguarded or destroyed.

Record handling and storage

· Only necessary records and background information should be kept on service users. All information on service users must be stored securely.

· Personal information on service users, staff or volunteers must only be accessible to relevant, authorised people.

· All information in the possession of a staff member or volunteer must be returned to the Charity on request or upon termination of person’s employment or volunteering contract.

Termination

· A breach of confidentiality, other than in the special circumstances set out below, will be grounds for dismissal or will result in the termination of a volunteer contract.

· Even when an employee or volunteer is no longer working with the Charity they will be bound to maintain any and all information of a confidential nature regarding the service, its service users, staff and volunteers.

Circumstances in which this confidentiality policy does not apply

There are some circumstances under which this policy does not apply - they are as follows:

· When there is a threat to life (suicide, homicide or medical emergency).

· When there is a disclosure that a child may be at risk of abuse.

· When required by a court of law.

Should you face any of the above circumstances, where possible you should discuss this first with the service user and try to engage them in a disclosure to your immediate supervisor /manager.

Should a threat be imminent, dial 999 and refer to the most appropriate emergency service. It is then critically important that you inform your supervisor /line manager and complete the relevant incident log or report form.

If the disclosure is regarding child abuse, you should report this to the designated child protection officer for your organisation. If there is no child protection officer, you should seek the advice of your immediate supervisor / line manager and ensure that a report is made to the local office of the HSE or An Garda Síochana.

Groups

· Service users attending a support group or self-help group need to feel that they are in a safe environment. It is important therefore that all taking part in the group (facilitators, therapists, other service users, guest speakers, etc), understand and respect that what is said in the group is confidential and should not be discussed with third parties or circulated outside the group.

· Who attends the group is also confidential information and should not be divulged to any third party without the service user’s express permission. Make sure that new service users joining a group are made aware of your confidentiality policy.

· Explain to all service users what information is kept and where it is kept and who has access to it. Explain that such information can only be divulged with the person’s explicit consent.

Right of access

· Service users have the right to access any written records or email messages about them.

Reporting breaches of confidentiality

· Record and report incidences of concern which threaten to breach service user confidentiality.

Media disclosure

· In the event that a service user’s case is made public through the news media this does not alter the fact that the service user still has confidentiality privileges within our cancer support service and confidentiality should still be maintained by you.

Signing the confidentiality agreement

· Appendix 1 contains a confidentiality statement that all staff and volunteers should sign.

REVIEW OF POLICY

This Policy will be reviewed every three years by the Board or sooner if warranted by internal or external events or changes.

Signed:

Chairperson: Date:

Board Rep: Date:

Appendix 1

Confidentiality Declaration

I understand that in the course of my duties with Kerry Cancer Support Trust CLG

I may come into possession of medical and personal information about service users or confidential information relating to other staff or volunteers. I understand that all such information must be treated with the strictest confidence and as such I will not discuss or divulge it to anyone who does not have the right to that information or without the express permission of the individual involved.

I understand that I may not remove any documents or items belonging to Kerry Cancer Support Trust CLG or which contain any confidential information from the service’s premises at any time without proper advance authorisation.

I understand that if I breach confidentiality I can be dismissed from my job or my volunteer contract can be terminated.

I agree to return to the Kerry Cancer Support Trust CLG upon request, and in any event, upon the termination of my volunteering period, all documents and things belonging to the service or which contain or refer to any confidential information and which are in my possession or under my control. I understand that even when I am no longer a volunteer with Kerry Cancer Support Trust CLG I will be bound to maintain any and all information of a confidential nature regarding the service, its service users, staff and volunteers.

I have read and understood the confidentiality policy of Kerry Cancer Support Trust CLG

Signature:

Print Name:

Witnessed by designated representative of Kerry Cancer Support Trust CLG

Signature:

Print Name:

Date:

12 | Page