The Caldicott Principles were developed in 1997 following a review of how patient information was handled across the NHS. The Review Panel was chaired by Dame Fiona Caldicott and it set out six Principles that organisations should follow to ensure that information that can identify a patient is protected and only used when it is appropriate to do so. Since then, organisations have applied these Principles when deciding whether they needed to use information that would identify an individual. In April 2013, Dame Fiona Caldicott reported on her second review of information governance. Her report, "Information: To Share Or Not To Share? The Information Governance Review", informally known as the Caldicott2 Review, introduced a new seventh Caldicott Principle.
The Principles were extended to adult social care records in 2000.
The Caldicott Principles, as revised in 2013, are:
- Principle 1 - Justify the purpose(s) for using confidential information
Every proposed use or transfer of personal confidential data within or from an organisation should be clearly defined, scrutinised and documented, with continuing uses regularly reviewed, by an appropriate guardian.
- Principle 2 - Don't use personal confidential data unless it is absolutely necessary
Personal confidential data items should not be included unless it is essential for the specified purpose(s) of that flow. The need for patients to be identified should be considered at each stage of satisfying the purpose(s).
- Principle 3 - Use the minimum necessary personal confidential data
Where use of personal confidential data is considered to be essential, the inclusion of each individual item of data should be considered and justified so that the minimum amount of personal confidential data is transferred or accessible as is necessary for a given function to be carried out.
- Principle 4 - Access to personal confidential data should be on a strict need-to-know basis
Only those individuals who need access to personal confidential data should have access to it, and they should only have access to the data items that they need to see. This may mean introducing access controls or splitting data flows where one data flow is used for several purposes.
- Principle 5 - Everyone with access to personal confidential data should be aware of their responsibilities
Action should be taken to ensure that those handling personal confidential data - both clinical and non-clinical staff - are made fully aware of their responsibilities and obligations to respect patient confidentiality.
- Principle 6 - Comply with the law
Every use of personal confidential data must be lawful. Someone in each organisation handling personal confidential data should be responsible for ensuring that the organisation complies with legal requirements.
- Principle 7 - The duty to share information can be as important as the duty to protect patient confidentiality
Health and social care professionals should have the confidence to share information in the best interests of their patients within the framework set out by these principles. They should be supported by the policies of their employers, regulators and professional bodies.
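Principles 1, 3 and 4 describe a mechanism as much as a policy: a documented purpose for each data flow, a minimum field set per purpose, and access limited to those who need it. The block below is an added illustration of that mechanism in code; it is not part of the original glossary or of any NHS system. The purpose register, roles, field names and the sample patient record are all constructed for the example, and the NHS number shown is a placeholder rather than a real one.

```python
"""
Added illustration (not from the original glossary) of enforcing Caldicott
Principles 1, 3 and 4 in code:
  - Principle 1: every data flow is defined in a register before it is used.
  - Principle 3: each flow names the minimum set of fields it needs.
  - Principle 4: a flow is released only to roles approved for it.
Every release or refusal is recorded so the Caldicott Guardian can review
continuing uses. All names, roles and the sample record are constructed.
"""
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, List

# Constructed sample record, as the organisation might hold it in full.
# The NHS number is a placeholder value for the example, not a real number.
PATIENT_RECORD = {
    "nhs_number": "9990000000",
    "name": "A. Example",
    "date_of_birth": "1970-01-01",
    "postcode": "AB1 2CD",
    "diagnosis_code": "J45",
    "clinic": "Respiratory",
    "attendance_date": "2024-03-01",
}

# Fields that on their own, or together, identify a patient (Principle 2:
# the need to identify the patient is considered for each flow).
IDENTIFIERS = frozenset({"nhs_number", "name", "date_of_birth", "postcode"})


@dataclass(frozen=True)
class Purpose:
    """One documented data flow, its minimum field set and who may receive it."""
    name: str
    fields: FrozenSet[str]           # Principle 3: minimum necessary data
    approved_roles: FrozenSet[str]   # Principle 4: strict need-to-know


# Purpose register (Principle 1): constructed example flows.
PURPOSE_REGISTER: Dict[str, Purpose] = {
    # Direct care: the treating clinician needs identity and clinical detail.
    "direct_care": Purpose(
        name="direct_care",
        fields=frozenset({"nhs_number", "name", "date_of_birth",
                          "diagnosis_code", "clinic"}),
        approved_roles=frozenset({"clinician"}),
    ),
    # Activity reporting: counts by clinic and date need no identifiers at all,
    # so this is a separate flow rather than a copy of the direct-care one.
    "activity_report": Purpose(
        name="activity_report",
        fields=frozenset({"clinic", "attendance_date"}),
        approved_roles=frozenset({"analyst", "clinician"}),
    ),
}


@dataclass
class AuditLog:
    """Record of every release decision, for review by the guardian."""
    entries: List[dict] = field(default_factory=list)


class AccessDenied(Exception):
    pass


def identifies_patient(purpose_name: str) -> bool:
    """True if the registered flow carries any patient-identifying field."""
    return bool(PURPOSE_REGISTER[purpose_name].fields & IDENTIFIERS)


def is_permitted(purpose_name: str, role: str) -> bool:
    """Need-to-know check: is this role approved for this registered purpose?"""
    purpose = PURPOSE_REGISTER.get(purpose_name)
    return purpose is not None and role in purpose.approved_roles


def release(record: dict, purpose_name: str, role: str, audit: AuditLog) -> dict:
    """Return only the fields the purpose needs, only to an approved role."""
    if purpose_name not in PURPOSE_REGISTER:
        audit.entries.append({"purpose": purpose_name, "role": role,
                              "outcome": "denied: purpose not registered"})
        raise AccessDenied(f"purpose {purpose_name!r} is not in the register")
    if not is_permitted(purpose_name, role):
        audit.entries.append({"purpose": purpose_name, "role": role,
                              "outcome": "denied: role not approved"})
        raise AccessDenied(f"role {role!r} is not approved for {purpose_name!r}")
    wanted = PURPOSE_REGISTER[purpose_name].fields
    minimal = {k: v for k, v in record.items() if k in wanted}
    audit.entries.append({"purpose": purpose_name, "role": role,
                          "outcome": "released", "fields": sorted(minimal)})
    return minimal


if __name__ == "__main__":
    log = AuditLog()
    print(release(PATIENT_RECORD, "activity_report", "analyst", log))
    print(release(PATIENT_RECORD, "direct_care", "clinician", log))
    for entry in log.entries:
        print(entry)
```

The point of the register is that the minimum field set is decided once, per documented purpose, rather than by whoever writes each query; the audit entries give the guardian the material needed to review continuing uses, as Principle 1 asks.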
A form of digital identity for a computer, user or organisation to allow the authentication and secure exchange of information.
Where shared computing (compute) and storage resources are accessed as a service (usually online), instead of being hosted locally on physical servers. Resources can include infrastructure, platform or software services.
A duty of confidence arises when one person discloses information to another (e.g. patient to clinician), in circumstances where it is reasonable to expect that the information will be held in confidence. In the UK, confidentiality is a common law duty.
A guide to confidentiality requirements and expectations for those who work within or under contract to an organisation.
Consent of the data subject is one of the six possible lawful bases for processing personal data under the GDPR.
It means "any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her".
Under the GDPR, 'Controller', also known as a 'Data Controller', is "...the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by (European) Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law".
Under Article 10 of the GDPR, "Processing of Personal Data relating to criminal convictions and offences or related security measures based on Article 6(1) shall be carried out only under the control of official authority or when the processing is authorised by Union or Member State law providing for appropriate safeguards for the rights and freedoms of data subjects.
Any comprehensive register of criminal convictions shall be kept only under the control of official authority."
See also 'Special Category Data'.
Malicious attempts to damage, disrupt or gain unauthorised access to computer systems, networks or devices, via cyber means.
A breach of the security rules for a system or service - most commonly:
- attempts to gain unauthorised access to a system and/or to data
- unauthorised use of systems for the processing or storing of data
- changes to a system's firmware, software or hardware without the system owner's consent
- malicious disruption and/or denial of service.
The risks to and the protection of devices, services and networks - and the information on them - from theft or damage.