A browse through recent clinical governance reviews from the Commission for Health Improvement (CHI) reveals that many trusts are being told to bring their compliance with Caldicott principles on patient-identifiable information up to scratch.

With the exception of a few beacons of good practice, the reviews point to lapses of confidentiality and a widespread lack of knowledge about Caldicott.

Review comments include:
“Very few staff know who the Caldicott Guardian is or understand the principles.”
“CHI found that the requirement for confidentiality of information (Caldicott) is not widely understood by some staff and that others had no knowledge of it at all.”
“CHI found that senior staff and other support workers are not aware of Caldicott or the implications of it for their service.”
“The level of compliance with Caldicott is minimal.”

E-Health Media has compiled the web resources below as a starting point for anyone who wants to review or refresh their personal knowledge of Caldicott or offer support to Caldicott Guardians. If you would like to add material, send an e-mail to info@e-health-media.com

Resources

Data Protection & Confidentiality: Practical strategies for compliance and best practice. A conference organised by IBC UK to be held on October 28 in Manchester. Click here for details. Papers from previous conferences are also available.

A very readable executive summary of the original report by Dame Fiona Caldicott and her committee, published in December 1997.

Protecting And Using Patient Information: A Manual for Caldicott Guardians published by the NHS Executive.

The NHS Information Authority’s page on Caldicott offers help desk support.

The NHS Information Policy Unit material on information security and risk management.

Home page for Dr Ross Anderson , an expert on information security based at the University of Cambridge Computer Laboratory, whose interests include the security of clinical information systems.

Honeynet, a non-profit research group of 30 security professionals dedicated to information security.