A PHP Error was encountered

Severity: Warning

Message: date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.

Filename: libraries/Core.php

Line Number: 227

Implementing Caldicott in Primary Care - First Practice Management

Implementing Caldicott in Primary Care

Review of Patient-Identifiable Information - The Caldicott Report

The 1997 report of the Review of Patient-Identifiable Information, chaired by Dame Fiona Caldicott (the Caldicott Report), made a number of recommendations for regulating the use and transfer of person identifiable information between NHS organisations in England and to non-NHS bodies. The Caldicott Committee’s remit included all patient-identifiable information passing between organisations for purposes other than direct care, medical research, or where there was a statutory requirement for information. The aim was to ensure that patient-identifiable information was shared only for justified purposes and that only the minimum necessary information was shared in each case. The Committee also advised on where action to minimise risks of confidentiality would be desirable.

The recommendations of the Caldicott Committee

The recommendations of the Caldicott Committee defined the confidentiality agenda for NHS organisations for a number of years. Central to the recommendations was the appointment in each NHS organisation of a “Guardian” of person-based clinical information to oversee the arrangements for the use and sharing of clinical information. Subsequent work extended the requirement to appoint Caldicott Guardians into Councils with Social Care Responsibilities [CSSRs].1.3 A key recommendation of the Caldicott Committee was that every use or flow of patient-identifiable information should be regularly justified and routinely tested against the principles developed in the Caldicott Report.

Principle 1 – Justify the purpose(s) for using confidential information

Principle 2 – Only use it when absolutely necessary

Principle 3 – Use the minimum that is required

Principle 4 – Access should be on a strict need-to-know basis

Principle 5 – Everyone must understand his or her responsibilities

Principle 6 – Understand and comply with the law

Further developments in information management in the NHS and CSSRs

Since then developments in information management in the NHS and CSSRs have added further dimension to the Caldicott role. These include:

• the Data Protection Act 1998;

• the Human Rights Act 1998;

• the Freedom of Information Act 2000;

• the NHS Code of Practice on Confidentiality 2003;

• the inception of NHS Information Governance 2003;

• ICT strategic developments (such as the NHS Care Record, Electronic Social Care Records, and the Secondary Uses Service) 2005 onwards;

• the election of the UK Caldicott Guardian Council 2005;

• section 251 of the NHS Act 2006 (formerly section 60 of the Health and Social Care Act 2001);

• establishment of the National Information Governance Board (NIGB) for health and social care as a statutory body in 2008;

• the Ethics and Confidentiality Committee of the National Information Governance Board;

• the final report on data handling procedures in Government by the Cabinet Office June 2008;

• publication of the NHS Constitution in January 2009 (updated March 2010);

• NHS Care Record Guarantee for England published in 2005 (updated 2009);

• Social Care Record Guarantee for England 2009.1.5 

The Caldicott Guardian Manual 2010 should be read alongside the e-learning module “The Role of the Caldicott Guardian:  NHS and Social Care”, which provides more detailed information on all aspects of the Caldicott Guardian role. 

Caldicott Guardians

Individual general medical and dental practices, pharmacists and opticians do not need to appoint a Caldicott Guardian, but do need to have an Information Governance lead (sometimes referred to as a Caldicott lead) who, if they are not a clinician, will need support from a clinically qualified individual. Primary Care Trusts should ensure that within every practice there is an Information Governance lead and provide support and guidance as required.

Caldicott Protocol

Subscribers to the Members section of the FPM website can access a draft Caldicott Protocol in the Practice Operation & Development index of the Protocols Library. If you are not a Member, have a look at the information about the benefits of membership and how to subscribe.

Further information

Link won't open?