The Department of Health, the General Medical Council and the Information Commissioner have issued joint guidance on the use of IT equipment and access to data.
The three bodies say the joint statement is intended to ensure that all those who have access to patient information are clear about what is expected of them.
The guidance acknowledges the potential for abuse stating: “No IT system can be immune to inappropriate use by individuals who have been authorised to use the system and to access data.”
It says that indivdiuals authorised to use new NHS IM&T systems must be aware of the standards of behaviour required by law and professional codes and will have to sign a statement indicating their agreement to those standards.
The guidance also states that it is DH policy that non-clinical information on the Personal Demographics Service is to be treated as if it were held under legal obligations of confidentiality, even though in most cases it is not covered by such laws.
The guidance outlines doctors’ duties as set out by the General Medical Council, the NHS code of practice on confidentaility, the obligations in the NHS Care Record Guarantee and the obligations covered by Human Rights Act, the Data Protection Act and the common law.
The guidance, signed by NHS chief executive David Nicholson, Finlay Scott, chief eexectuive of the GMC and Information Commissioner Richard Thomas, also says that DH has strongly supported the Information Commissioner’s call for stronger penalties for illegally obtaining information. It states that the law will be changed to include the posibility of a custodial sentence for those found guilty.
Links