Confidentiality

Confidentiality

This page provides information relating to how our team handle any information provided to us when we work with patients and clients. For information relating to how we handle the information provided to us by people visiting our website please see our privacy page.

What is a service user?

When we refer to ‘service users’ we mean patients (children and young people), clients and other people who are directly affected by the care, treatment or other services that our team provide. The key principles set out on this page also apply when our team provide services to organisations rather than individuals.

Key principles

This page cannot cover every situation where problems or challenges about confidentiality might come up. However, we keep the following principles in mind when handling service user information:

1 Safety

Take all reasonable steps to keep information about service users safe.

2 User's concent

Make sure we have the service user’s consent if we are passing on their information (unless there are good reasons not to, for example, it is necessary to protect public safety or prevent harm to other people).

3 Express concent

Get express consent, in writing, if we are using identifiable information for reasons which are not related to providing care, treatment or other services for service users.

4 Disclosure

Only disclose identifiable information if it is necessary, and, when it is, only disclose the minimum amount necessary.

5 Notify

Tell service users when we have disclosed their information (if this is practical and possible).

6 Keep record

Keep appropriate records of disclosure.

7 Keep up to date

Keep up to date with relevant law and good practice.

8 Advice

If appropriate, we will ask for advice from colleagues, professional bodies, unions, or legal professionals.

9 Decision

Make our own informed decisions about disclosure and be able to justify them.

What is confidentiality

Confidentiality to us means protecting the personal information relating to our service users. This information might include details of a service user’s lifestyle, family, health or care needs which they want to be kept private.

Service users should expect any contact with the Beast Prosthetics team to be treated as confidential. Any of the team involved in the care or treatment of service users will protect their confidentiality at all times.

Our standards of conduct, performance and ethics

As a service we work inline with the HCPC standards of conduct, performance and ethics. You can expect us to:

  • Promote and protect the interests of service users, parents and carers
  • Communicate appropriately and effectively
  • Work within the limits of our knowledge and skills
  • Delegate appropriately
  • Respect confidentiality
  • Manage risk
  • Report concerns about safety
  • Be open when things go wrong
  • Be honest and trustworthy
  • Keep records of our work
  • Confidentiality and the law
  • We have a professional and legal responsibility to respect and protect the confidentiality of service users at all times

Our standards of conduct, performance and ethics say that:

We must treat information about service users as confidential. We must keep records secure by protecting them from loss, damage or inappropriate access. This means that we take all reasonable steps to protect information about our service users.

Consent and confidentiality

Identifiable information is disclosed for a number of reasons. It can happen when we refer a service user to another health and care professional or when a service user asks for information to be given to a third party.

It is important that we get the service user’s permission, or ‘consent’, before we share or disclose their information or use it for reasons which are not related to the care or services we are providing for them.

What is consent?

Consent, for the purposes of confidentiality, means that the service user understands and does not object to:

  • The information being disclosed or shared
  • The reason for the disclosure
  • The people or organisations the information will be shared with
  • How the information will be used
  • For consent to be valid, it must be voluntary and informed, and the person giving consent must have the capacity to make the decision.

By ‘voluntary’, we mean that the person makes the decision freely and without being persuaded or pressurised by professionals, family, friends or others.

By ‘informed’, we mean that the service user has enough information to make a decision about whether they give their permission for their information to be shared with other people. (This is sometimes called ‘informed consent’.) Service users should be fully aware of why we need to share any information about them, how we will do so, who we will be sharing the information with and how that information will be used. We should also tell them how not giving their permission is likely to affect the care, treatment or services they receive.

Disclosing information with consent

In most cases, we will need to make sure that we have consent from the service user before we disclose or share any identifiable information.

One of the most common reasons for disclosing confidential information will be when we contact other health and care practitioners. This might include discussing a case with a colleague or referring a service user to another health and care professional.

Sharing information is part of good practice. Care is rarely provided by just one healthcare professional, and sharing information within our team, the wider multidisciplinary team, or with other organisations or agencies is often an important way of making sure care can be provided effectively.

Most service users will understand the importance of sharing information with others who are involved in their care or treatment and will expect us to do so, so we will normally have implied consent to do this.

However, when we share information with other colleagues, we should make sure that:

  • It is necessary to provide the information
  • We only disclose the information that is relevant
  • The professional receiving the information understands why we are sharing it and that they have a duty to keep it confidential

If we decide not to contact other practitioners when we might reasonably be expected to, or if a service user asks us not to, it is important that we keep clear records of this and are able to justify our decision.

If we are concerned about a request someone makes for information – for example, we think the information they have asked for is not relevant – we may contact the person who has asked for the information so they can explain their request. We may also want to get legal advice, or advice from our professional body.

Sharing information with third parties

It is important that we get consent, in writing where possible, if we plan to use identifiable information for reasons which are not directly related to the service user’s care or if they would not reasonably expect their information to be used or shared in that way.

Sometimes, a third party who is not a health and care professional may ask us for information. This might be a request to send information to an insurance company, education setting, local authority, or a solicitor. We would always make sure that we have express consent of the service user prior to providing any confidential information.

There are a small number of circumstances where we might need to pass on information without consent, or when we have asked for consent but the service user has refused it. The reasons for this are covered below in the sections public interest and safeguarding.

Disclosing information without consent

Public interest

We should carefully consider whether it is in the public interest to disclose the information. If we are unsure we may want to get legal advice.

We need to be able to justify a decision to disclose information in the public interest (or a decision not to disclose information) so it is important that we keep clear records.

Even where it is considered to be in the public interest to disclose confidential information, we should still take appropriate steps to get the service user’s consent (if possible) before we do so. We should keep them informed about the situation as much as we can. However, this might not be possible or appropriate in some circumstances, such as when we disclose information to prevent or report a serious crime.

Sometimes, we may be asked for information directly under the law – for example, if a court has ordered us to disclose the information. We have a legal duty to keep to orders made by the court.

We should tell the service user if we have had to disclose information about them by law, unless there are good reasons not to – for example, if telling them would affect how serious crime is prevented or detected. We should also only provide the information we have been asked for and keep a record of this.

Keep in mind that not all requests from solicitors, the police or a court are made under a legal power that means we must disclose information. If disclosure is not required by law, and cannot be justified in the public interest, we must get express consent from the service user.

Safeguarding

Our standards of conduct, performance and ethics say that:

We must take appropriate action if we have concerns about the safety or well-being of children or vulnerable adults.

In these situations, the following apply.

We follow local policies and processes for raising a safeguarding concern. This might include informing the local council or the police.

If we are concerned that someone has caused harm, or could pose a risk to vulnerable groups, we should refer the matter to the Disclosure and Barring Service, or in Scotland, Disclosure Scotland. We may also want to inform the local council or the police.

Requests from service users for access to the information we have about them.

Service users have the right to see information we hold about them and it is important that we respect this. We charge a flat admin fee of £50 for any data requests. Any such requests should be made to this email address office@orthotics.co.uk.

Questions about confidentiality

This page does not cover every situation about confidentiality. If you have a question about confidentiality please contact us.