The Medical and Dental Defence Union of Scotland Protecting you since Essential guide to medical and dental records

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "The Medical and Dental Defence Union of Scotland Protecting you since 1902. Essential guide to medical and dental records"

Transcription

1 The Medical and Dental Defence Union of Scotland Protecting you since 1902 Essential guide to medical and dental records

2 The MDDUS The MDDUS is a mutual indemnity organisation which has provided advice and guidance on medico- and dento-legal matters to members for over 100 years. Benefits of membership include: Access to indemnity against claims of medical and dental negligence Guaranteed access to our professionally trained advisers who are available to speak with you 24 hours a day Legal representation from solicitors who are some of the UK s leading experts in the medico- and dento-legal field Representation and legal support at GMC and GDC proceedings Assistance in dealing with complaints at all levels Assistance with professional disciplinary matters Legal representation and support at fatal accident inquiries or coroner s inquests, which can be lengthy, stressful and expensive processes Lifelong assistance for medico- and dento-legal problems arising from incidents that occur while you are a member, even if you move overseas or have ceased all clinical work when the problem arises Indemnity for medico- and dento-legal work Quality and continuity of service regardless of where you work in the UK Worldwide indemnity for Good Samaritan acts A quality, personalised service at a reasonable cost For further information on becoming a member of the MDDUS contact our Membership Services Department on

3 Foreword Every day MDDUS medical and dental advisers are contacted by members with enquiries about aspects of patient records, such as the rules governing confidentiality, retention and disclosure. More requests are being made by patients and/or their representatives for access to records, and the legislation governing access and disclosure appears to be becoming more complex and complicated. Many patients now access information online and may not always have fully understood their entitlements and right of access. From the clinical point of view, good patient records are an important factor in recording the overall management of a patient or a clinical situation and these same records can prove to be the cornerstones upon which defences can be built against complaints and claims for compensation. Good patient records are also of invaluable help in responding to requests for information for audit and probity purposes. This booklet is not intended to be the definitive source on all aspects relating to patient records. It is intended to be an informative guide which will be helpful to doctors, dentists and all healthcare professionals. Mr Aubrey Craig, Head of Dental Division July, 2013 Medical and dental records 1

4 2013 The Medical and Dental Defence Union of Scotland. All rights reserved Note: The information in this booklet is correct as at July 2013 but is subject to change at any time. It is of general application only and members are encouraged to seek the advice of the Union s medical and dental advisers if in any doubt. 2 Medical and dental records

5 Contents Introduction 04 Purpose 05 Clinical 05 Legal 05 Records best practice 06 Key information 06 Fundamental questions 07 Memory is not reliable 07 Patient access to medical and dental records 08 Data Protection Act Access to Health Records Act Freedom of Information 11 Common issues of concern in access to records Access to patient records by a third party Access to a deceased person s records Access to children s records Patient requests to alter records 14 Retention of records 15 Medical records 15 GP Records 16 Dental records 17 Records transfer 18 Data security 19 Destruction of records 20 The future 21 Appendix A: Further guidance on retention of records 22 Index 23 Medical and dental records 3

6 Introduction Keeping clear, accurate and contemporaneous patient records is a prime responsibility of all medical and dental practitioners. Patient records are integral to effective healthcare, documenting continuity of treatment and outcomes. In medico-legal and dento-legal contexts, records also serve to demonstrate professional integrity and justify courses of action adopted in the treatment process. It is little wonder that in patient complaint or litigation procedures greatest scrutiny is focused on medical and dental records. Legislation has lent even further importance to accurate and sensitive record-keeping. Patients have a right of access to both paper and electronic records. 4 Medical and dental records

7 Purpose Clinical Medical and dental records should fully document the progress of a patient s care. They should record all decisions taken and the evidence upon which those decisions were based. They should clearly communicate this information to those having future contact with the patient, thus ensuring good continuity of care. Creating a record entry is also an important contribution to a doctor s or dentist s selfeducation and personal audit. Healthcare professionals must clarify their views before they can be recorded. This means making a clear assessment of a patient s clinical condition and interpreting the results of investigations before making decisions. Good patient records are also useful in audit and research, assessing factors such as quality and consistency, and in planning services. Legal Clear and accurate contemporaneous records of all decisions made about a patient s care and the justifications behind those decisions are essential in defending against claims of negligence and responding to patient complaints or regulatory investigations. Accurate, legible and complete notes and other records are often the only defence. Memory fades with time and cannot sometimes stand up as a defence in court. Medical and dental records 5

8 Records best practice A good medical or dental record should be comprehensive and accessible. It should comprise history, examination, investigations, decisions taken, treatment, progress notes and summaries describing the continuity of the patient s care and key discussions with the patient. Records should be legible, dated and signed/attributed. Good note taking is essential. Key information Patient records will vary between professions and specialties but should include: History: as it applies to the condition and relevant past history including concurrent illnesses, medications and allergies. Examination of the patient: include both positive and relevant negative findings. Record all relevant observations and measurements (e.g. pulse, temperature, BP). Diagnosis: clear, concise statement. Justify how the conclusion was reached and state any uncertainties or differentials. Investigations: including laboratory results and imaging. Management: record drugs prescribed/administered and dosage and other treatments. Follow-up and referral: include details of follow-up tests, future appointments and referrals and the likely timescales. Patient information: include details of discussions regarding risk-benefit, treatment plan, prognosis and potential complications. Consent: record consent given, ensuring that it is informed by the above discussions. The clinician performing a procedure has a responsibility to ensure that the patient has provided informed consent if the investigation has been arranged by a colleague. 6 Medical and dental records

9 Fundamental questions From a legal perspective patient records should answer some fundamental questions: Who? Records should obviously identify the patient (name, date of birth, hospital number if relevant, address). Notes or entries should also clearly verify the identity of the doctor or dentist making the entry. When? Notes should record when a patient was seen or when a test or other procedure was undertaken, or a treatment given. It should note the date and time of the event, and also when an entry was made if there has been a significant time lapse (hours, days). Detail the reasons for the delay in making the record. What? Record what was done, said, instructed, observed, checked. Why? It is important to justify in the notes decisions taken with regard to patient care. Memory is not reliable Good patient records are always more valuable than memory in a legal context. How many patients will a doctor or dentist see in one session or one week or over a year? To recall the detailed circumstances of a single case would be exceptional (unless particularly rare or traumatic). Good records will corroborate evidence given in court and enhance witness credibility. Medical and dental records 7

10 Patient access to medical and dental records Patient access to medical and dental records is enshrined in law. The right to access also extends to a patient s legal representative or anyone else with the patient s consent (signed and dated). If the patient has died, a personal representative, whether executor or administrator or any person who may have a claim arising from the patient s death, may access the records. The GMC gives guidance on disclosure after a patient s death in their booklet Confidentiality, which is recommended reading for both medical and dental professionals. Relevant legislation is discussed below. Data Protection Act 1998 This Act applies UK-wide to all data about identifiable, living individuals. In the context of medical and dental practice it covers patient records held on computer or in paper files, and extends to handwritten notes and imaging. Under the Act a patient has a right of access to see personal information and to have it corrected if it is wrong. The Act introduces eight data protection principles that set out the standards for handling information. Data must be: fairly and lawfully processed processed for limited purposes adequate, relevant and not excessive accurate not kept for longer than is necessary processed in line with the data subject s rights secure not transferred to countries outside the EU without adequate protection. There are some safeguards within the Act. For example, if in the opinion of the holder of the record, disclosure would cause serious harm to the individual or another person, that part of the record should not be disclosed. Further, the Act also protects information relating to, or provided by, a third party other than the patient, if they can be identified from it (healthcare workers involved in the patient s care are not third parties in this regard). 8 Medical and dental records

11 The Act defines, in detail, circumstances where disclosure is permissible, for example to a person authorised in writing to make the application on the patient s behalf. If in any doubt over the application of the Act, contact MDDUS. Data controller Under the Act, a data controller has to be nominated as the person who determines the purposes and the manner in which personal data are processed. The controller is also responsible for the security measures to safeguard personal data, which means taking appropriate technical or organisational steps to prevent the unauthorised or unlawful processing or disclosure of data. In addition, there is a duty within any health organisation to ensure that patients know the identity and position of the data controller. This is particularly relevant where a number of medical or dental practices share premises. Medical or dental consultants who provide private patient care outside the NHS are data controllers in relation to the data of their private patients and are personally responsible for satisfying the requirements of the Act. How to register The Information Commissioner maintains a public register of data controllers and every data controller is required to register using the notification form available on the website The period of registration lasts one year and carries a fee. Medical and dental records 9

12 Fees The fees chargeable in association with the Data Protection Act relate to any request for a permanent copy of health records whether in computerised or manual form. A fee may not be charged for allowing an applicant to simply inspect their personal health record. Where the individual seeks a permanent copy of the information, a maximum fee of 10 may be charged for granting subject access to computerised records. In the case of paper records, X-rays, etc, a fee up to a maximum of 50 may be charged for supplying a permanent copy and similarly for a copy of a mixture of manual and computerised records. Access to Health Records Act 1990 This Act now only applies to the medical and dental records of deceased patients. However, if the deceased had indicated that certain information within the record was imparted on the understanding it would not be released to another party, this should be complied with. The patient s personal representative, or any person who may have a claim arising out of the death of the patient, may apply for access to information. In the case of the latter, information that is not directly relevant to the claim may not be released. The Access to Health Records Act 1990 is not applicable in Northern Ireland, but provisions with the same effect are contained within the Access to Health Records (NI) Order 1993, which remains in force. 10 Medical and dental records

13 Freedom of Information The Freedom of Information Act 2000 and the Freedom of Information Act (Scotland) 2002 enshrine the right to request and have access to information held by public authorities. The aim is to promote openness and accountability among public authorities by providing the public the general right of access to all types of recorded information held by the authorities. The Acts do not encompass personal data, including medical records, which remain protected under the Data Protection Act. Health authorities, trusts, clinical commissioning groups, health boards, general medical and dental practices are all affected by the legislation. Both Acts place a duty on such public authorities to adopt and maintain a publication scheme, which specifies: the classes or types of information which the public authority publishes or intends to publish the manner in which information is, or is intended to be, published whether the material will be published free of charge or for a fee. Publication scheme All GPs and GDPs providing general and personal medical and dental services are required to register such a publication scheme and publicly notify it to their patients. Initial approval of the publication schemes is for a period of not less than four years. Responsibilities In England, Wales and Northern Ireland the Information Commissioner s Office (ICO) is responsible for the administration of the Freedom of Information Act The website for further information is In Scotland, the Scottish Information Commissioner has responsibility solely for the Freedom of Information (Scotland) Act They welcome contact for advice and queries on compliance. The Scottish Commissioner s website is Medical and dental records 11

14 Common issues of concern in access to records There are four particular areas in which access to records causes most frequent concern and confusion: 1. Access to patient records by a third party Under the Data Protection Act 1998, any request in writing from a third party, if accompanied by a valid consent from the patient, must be complied with. Such requests frequently come from solicitors, insurance companies or relatives. If in doubt, check with the patient that they understand the nature and extent of the request and any subsequent disclosure. The usual exceptions to disclosure under the Data Protection Act apply, notably third party information (healthcare workers involved in the patient s care are not third parties in this regard) and where the disclosure could result in serious harm to the patient or other person. If a request from a third party (e.g. a police inquiry) is not accompanied by consent from the patient, guidance is provided by the GDC and GMC, and specific advice can be sought from MDDUS. 2. Access to a deceased person s records Requests for access to a deceased person s records are covered by the Access to Health Records Act 1990 (see above). After death, access may be granted to the deceased s personal representative or any person who may have a claim arising from the death. In addition, the GMC outlines circumstances where it may be appropriate to release information concerning a deceased patient, even if there is not a strict legal requirement to do so. See the booklet Confidentiality. (access at 12 Medical and dental records

15 3. Access to children s records The Information Commissioner s Office states that even if a child is too young to understand the implications of subject access rights, data about them is still their personal data and does not belong, for example, to a parent or guardian. In responding to a subject access request for information held about a child it is essential to consider whether the child is mature enough to understand their rights. If judged capable, then the decision to grant access to personal data should be the responsibility of the child rather than a parent. In borderline cases, the ICO suggests taking account of: the child s level of maturity and their ability to make decisions like this the nature of the personal data any court orders relating to parental access or responsibility that may apply any duty of confidence owed to the young person any consequences of allowing those with parental responsibility access to the child s or young person s information, which is particularly important if there have been allegations of abuse or ill treatment any detriment to the child or young person if individuals with parental responsibility cannot access this information any views the child or young person has on whether their parents should have access to information about them. In Scotland, the law presumes that a child aged 12 years or more has the capacity to make a subject access request. In England and Wales or in Northern Ireland this presumption does not apply but the general principles above hold in practice. Difficulties can arise when parents in conflict seek access to the clinical notes of a child judged too young to make decisions on access to personal data. Anyone with parental responsibility can seek access to a child s notes. If parents were married at the time of having the child, both have parental responsibility, even if they subsequently separate or divorce. Both therefore have rights of access under the Data Protection Act. As always, with any application for access, the exception should be remembered, that is, third party and harmful information. Medical and dental records 13

16 Mothers automatically have parental responsibility. Where parents are not married, if the father is registered on the birth certificate, both parents then have parental responsibility (in England and Wales since December 2003, in Northern Ireland since April 2002, in Scotland since May 2006). An unmarried father can also acquire parental responsibility by court order or having a parental responsibility agreement with the mother (for which there is a formal procedure). Parental rights can also be revoked by court order in relation to one or both parents. If in doubt about granting access, advice can be sought from a variety of sources including MDDUS. 4. Patient requests to alter records Under the Data Protection Act (DPA) 1998 patients have the right not only to access any personal information held by a practice or healthcare body but also to request amendments to their records if that information is inaccurate. This can include correcting simple errors or may involve more fundamental conflicts over clinical content. A Department of Health publication on Guidance for Access to Health Record Requests states: The DPA fourth principle requires that information should be accurate and kept up-to-date. This provides the legal basis for enforcing correction of factual inaccuracies. An opinion or judgement recorded by a health professional, whether accurate or not, should not be deleted. Retaining relevant information is essential for understanding the clinical decisions that were made and to audit the quality of care. The guidance recommends that in cases where both parties agree that information is factually inaccurate the record should be amended but ensuring that the original information is still legible along with an explanation of why the record has been altered. In hard copy records, text to be amended should be scored out with a single line and the correct entry written alongside. Amendments should be clear and legible and should include time, date and a signature of the individual making the change. Computer records should also allow for an audit trail identifying the date and time of any change and the person responsible. 14 Medical and dental records

17 In any disagreement over the accuracy of an entry the patient should be allowed to include a statement within the record to the effect that they disagree with the content. The patient should be further advised that if they are unhappy with this outcome they can make a complaint through NHS Complaints procedures or the Information Commissioner s Office which handles cases involving compliance with the Data Protection Act. Retention of records All NHS records are classified as public records and their retention is therefore dictated by the regulations contained in the Public Records Acts of 1958 and 1967, and by Department of Health Guidelines. Medical records Recommended timescales for the retention of records are as follows: England, Wales and Northern Ireland Guidance from the Department of Health is complex but here are some retention periods commonly cited: Adults aged 16 or over on the date of admission 10 years (8 years for hospital records) after conclusion of treatment or death. Children and young people until the patient is 25 (or 26 if the entry was made when the young person was 17) or 8 years after death of the patient if sooner. If the illness or death could have potential relevance to adult conditions or have genetic implications, the advice of clinicians should be sought as to whether to retain the records for a longer period. Maternity records (including obstetric and midwifery records) 25 years after birth of last child. Mentally disordered person (within the meaning of any Mental Health Act ) 20 years after the last contact between the patient and any healthcare professional or 10 years after the patient s death if sooner Medical and dental records 15

18 Scotland In Scotland, the corresponding recommendations are: Adults 6 years after date of last entry or 3 years after the patient s death Children and young people retain until the patient s 25th birthday or 26th if the young person was 17 at the conclusion of treatment, or 3 years after death. If the illness or death could have potential relevance to adult conditions or have genetic implications, the advice of clinicians should be sought as to whether to retain for a longer period. Mentally disordered person (within the meaning of any Mental Health Act) retain for 20 years after last contact or 3 years after death. Maternity records (including obstetric and midwifery records) 25 years after birth of last child. General practice records retain for the lifetime of the patient and for 3 years after their death; electronic patient records (GP only) must not be destroyed, or deleted, for the foreseeable future See specific codes of practice in Appendix A. GP records In relation to GP records, these should normally be sent to the appropriate health board on the death of the patient, where they will be retained for an appropriate period of time. Where members are considering detailed questions in relation to the formatting of records, retention periods or the destruction of records, we would advise that they seek specific advice from the MDDUS. Complaint correspondence, medico-legal correspondence and insurance reports are examples of material that do not form part of the medical records. Practices should ensure that if correspondence of this nature is routinely scanned into a patient s file, that there is a mechanism to ensure that it is not automatically disclosed when a request for copy medical records is received. 16 Medical and dental records

19 Dental records NHS procedures (Scotland, England, Wales and NI) require that community dental screening records are kept for 11 years for adults, and 11 years for children or up to the 25th birthday, whichever is longer. These include treatment records, radiographs, photographs and study models. See specific codes of practice in Appendix A. Medical and dental records 17

20 Records Transfer Routine one-touch electronic transfer of medical and dental records when patients move practices is not universal and transfer of paper records alongside electronic ones is still relatively common. Practices can transfer records electronically (provided both practice computer systems are compatible) but managers must be sure that any remaining hardcopy documents not included in the electronic records are also printed or photocopied and sent to the new practice. Under the Data Protection Act (DPA), information should not be held for longer than necessary. This would normally mean that when a patient leaves a practice and registers elsewhere, the records held by the former practice should be destroyed. But GPs have been exempted from this element of the Act because the audit trails within the GP clinical system record and electronic records cannot be transferred between practices. The General Practitioners Committee and Information Commissioner agreed the exemption will remain in place until audit trails can be transferred. However, practices should have a policy in place to ensure that other patient information is reviewed regularly and not retained indefinitely. A transfer of medical and dental information is also necessary in referrals to hospital specialists. The risks here may seem low but there are pitfalls. In providing patient referrals, practices should only include personal information relevant to the condition being treated. Inadvertent inclusion of personal details that a patient may not want disclosed in a referral is a much greater risk today with most patient information now being held in easily transmissible electronic form. It is important that practice systems for referrals take account of this risk. Disclosure of confidential information unnecessarily or improperly can expose practitioners to possible civil actions or disciplinary proceedings, or prosecution under the DPA. The same principles apply when dealing with legitimate requests from insurance companies or other health professionals such as occupational therapists. Any sensitive or third party information must be redacted before files are sent. Doctors must also remember that, while the DPA may allow for the disclosure of certain information under certain circumstances, GMC guidelines may not. Doctors must be prepared to answer to the GMC should they disclose information in a way that conflicts with the Council s guidance. 18 Medical and dental records

21 Data security The seventh principle of the DPA stipulates that personal data must be kept securely. It states that: Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data. Information relating to a patient s physical or mental health contained in their medical or dental record is classified under the act as personal sensitive data, which places important responsibilities on data controllers to ensure that existing security measures are effective and sufficient. The Information Commissioner now has new powers to impose monetary penalties up to 500,000 for a single serious breach of data protection principles. The Commissioner expects data controllers to take reasonable steps to prevent such breaches of the Act, such as undertaking risk assessments or having security policies in place to protect personal data. Some reasonable precautions to consider include: Avoid storing identifiable personal data on portable devices and where this is necessary, encryption should be used. Implement an information security policy which all staff are aware of. Never store patient identifiable data on personal computers. Report any loss of data or security breaches straightaway to the nominated senior person in your practice/organisation so that action can be taken to prevent further breaches. Consideration should be given to informing the Information Commissioner of any breach. Medical and dental records 19

22 Destruction of records Any method that is used to destroy patient case records must be fully effective and ensure that confidentiality of the material is maintained. The preferred method of destruction of paper files is by shredding, pulping or incineration. Computer data disks and CD-ROMs should be overwritten by random data or destroyed. Software is available to overwrite computer hard drives or the drive can be destroyed. Deleting files or reformatting hard drives will not erase data. It is the responsibility of the medical or dental practitioner, or NHS trust, CCG or health authority, to satisfy themselves that the methods used throughout the process provide adequate safeguards against the accidental loss or disclosure of the records contents. There should be a written policy on data destruction and the process documented. The following information should be recorded: list of the records destroyed when destruction took place who authorised the destruction who carried out the process the reason for destruction. 20 Medical and dental records

23 The future The increasing sophistication of medical and dental care and the likely growth in importance of the secondary objectives of medical and dental records, such as research and audit, mean that good record keeping is likely to become more important and complex in future. Much is expected from the application of information technology to record keeping and, indeed, the potential benefits are considerable. It has long been realised that major clinical, education, training and research gains can be achieved by central archiving of electronic patient records. New IT initiatives in the NHS offer potential for the sharing of accurate clinical records across the health service (including access by patients to personal health records) but these also pose challenges, not least of which is ensuring secure patient confidentiality. It is important for practices to monitor developments in this area. Medical and dental records 21

Dental records. 30 DDU Guide

Dental records. 30 DDU Guide 4 Dental records Dental records are an essential clinical tool for the dental professional. A patient s records may include: clinical notes radiographs consent forms photographs study casts audio or visual

More information

Access to health records

Access to health records Access to health records Guidance for health professionals in the United Kingdom August 2014 What is a health record? Record-keeping Living patients Deceased patients Table of contents 1. Introduction..........................................................

More information

Guidance for Access to Health Records Requests

Guidance for Access to Health Records Requests Guidance for Access to Health Records Requests February 2010 1 DH INFORMATION READER BOX Policy HR / Workforce Management Planning / Clinical Document Purpose Gateway Reference Title Estates Commissioning

More information

Access to Health Records

Access to Health Records Access to Health Records Crown Heights Medical Centre Procedure Access to Health Records ACCESS TO MEDICAL RECORDS (DATA PROTECTION) POLICY INTRODUCTION The Access to Health Records Act 1990 gave individuals

More information

West Sussex County Council. Guidance on Information Law for Schools

West Sussex County Council. Guidance on Information Law for Schools This guidance recognises that schools already deal with a great variety and number of requests for information and provides a straightforward approach to compliance with the following legislation: Education

More information

Guidance for Access to Health Records Requests under the Data Protection Act 1998

Guidance for Access to Health Records Requests under the Data Protection Act 1998 Guidance for Access to Health Records Requests under the Data Protection Act 1998 Version 1 July 2002 Version 2 June 2003 Guidance for Access to Health Records Requests under the Data Protection Act 1998

More information

HOW WE USE YOUR PERSONAL INFORMATION

HOW WE USE YOUR PERSONAL INFORMATION HOW WE USE YOUR PERSONAL INFORMATION Information Leaflet Your Health. Our Priority. Page 2 of 9 Introduction This Leaflet explains why the NHS collects information about you and how it is used, your right

More information

MORE THAN DEFENCE ESSENTIAL GUIDE SERIES PART 1 MPS AN ESSENTIAL GUIDE TO MEDICAL RECORDS ADVICE FOR THE UNITED KINGDOM. www.medicalprotection.

MORE THAN DEFENCE ESSENTIAL GUIDE SERIES PART 1 MPS AN ESSENTIAL GUIDE TO MEDICAL RECORDS ADVICE FOR THE UNITED KINGDOM. www.medicalprotection. ESSENTIAL GUIDE SERIES PART 1 MORE THAN DEFENCE MPS AN ESSENTIAL GUIDE TO MEDICAL RECORDS ADVICE FOR THE UNITED KINGDOM www.medicalprotection.org AN ESSENTIAL GUIDE TO MEDICAL RECORDS UK INTRODUCTION This

More information

Scottish Rowing Data Protection Policy

Scottish Rowing Data Protection Policy Revision Approved by the Board August 2010 1. Introduction As individuals, we want to know that personal information about ourselves is handled properly, and we and others have specific rights in this

More information

Information Governance in Dental Practices. Summary of findings from ICO reviews. September 2015

Information Governance in Dental Practices. Summary of findings from ICO reviews. September 2015 Information Governance in Dental Practices Summary of findings from ICO reviews September 2015 Executive summary The Information Commissioner s Office (ICO) is the regulator responsible for ensuring that

More information

Safer recruitment scheme for the issue of alert notices for healthcare professionals in England

Safer recruitment scheme for the issue of alert notices for healthcare professionals in England Safer recruitment scheme for the issue of alert notices for healthcare professionals in England November 2006 The issue of alert notices for healthcare professionals Summary 1. NHS Employers and the Department

More information

PERSONAL INJURIES ASSESSMENT BOARD DATA PROTECTION CODE OF PRACTICE

PERSONAL INJURIES ASSESSMENT BOARD DATA PROTECTION CODE OF PRACTICE PERSONAL INJURIES ASSESSMENT BOARD DATA PROTECTION CODE OF PRACTICE ADOPTED ON 9 th January 2008 TABLE OF CONTENTS Page No. 1 Introduction...3 2 Glossary...3 3 Types of Personal Data held by Us...3 4 Obligations

More information

Subject Access Request Policy

Subject Access Request Policy Subject Access Request Policy Version Version 4.0 Ratified By Date Ratified 24th February 2015 Author(s) Responsible Committee / Officers Date Issue February 2015 Quality, Performance and Finance Committee

More information

Record keeping. Guidance for nurses and midwives

Record keeping. Guidance for nurses and midwives Record keeping Guidance for nurses and midwives 1 We are the nursing and midwifery regulator for England, Wales, Scotland, Northern Ireland and the Islands. We exist to safeguard the health and wellbeing

More information

Merthyr Tydfil County Borough Council. Data Protection Policy

Merthyr Tydfil County Borough Council. Data Protection Policy Merthyr Tydfil County Borough Council Data Protection Policy 2014 Cyfarthfa High School is a Rights Respecting School, we recognise the importance of ensuring that the United Nations Convention of the

More information

POLICY FOR THE SUPPORT OF STAFF INVOLVED IN INCIDENTS, INQUESTS, COMPLAINTS AND CLAIMS

POLICY FOR THE SUPPORT OF STAFF INVOLVED IN INCIDENTS, INQUESTS, COMPLAINTS AND CLAIMS UNIVERSITY HOSPITALS OF LEICESTER NHS TRUST POLICY FOR THE SUPPORT OF STAFF INVOLVED IN INCIDENTS, INQUESTS, COMPLAINTS AND CLAIMS TRUST REF: B28/2007 APPROVED BY: POLICY & GUIDELINE COMMITTEE DATE OF

More information

The Medical and Dental Defence Union of Scotland Protecting you since 1902. Essential guide to the fatal accident inquiry

The Medical and Dental Defence Union of Scotland Protecting you since 1902. Essential guide to the fatal accident inquiry The Medical and Dental Defence Union of Scotland Protecting you since 1902 Essential guide to the fatal accident inquiry The MDDUS The MDDUS is a mutual indemnity organisation which has provided advice

More information

Making a complaint in the independent healthcare sector. A guide for patients

Making a complaint in the independent healthcare sector. A guide for patients Contents 1. Introduction pages 3 5 2. Local Resolution Stage One pages 6 8 3. Complaints Review Stage Two page 9 4. Independent External Adjudication Stage Three pages 10 11 2 The Patients Association

More information

What NHS staff need to know

What NHS staff need to know St George s Healthcare NHS NHS Trust Surrey Health Informatics Service Sussex Health Informatics Service Records Management Explained What NHS staff need to know A guide to Records Management Contents

More information

LCAT-Data Protection Policy-U LOOE COMMUNITY ACADEMY TRUST DATA PROTECTION POLICY. Introduction

LCAT-Data Protection Policy-U LOOE COMMUNITY ACADEMY TRUST DATA PROTECTION POLICY. Introduction LOOE COMMUNITY ACADEMY TRUST DATA PROTECTION POLICY Introduction 1. Looe Community Academy Trust (the Academy) is required to maintain certain personal data about living individuals for the purposes of

More information

POLICY STATEMENT 5.17

POLICY STATEMENT 5.17 POLICY STATEMENT 5.17 DENTAL RECORDS 1 (Including ADA Guidelines for Dental Records) 1. Introduction 1.1 Dentists have a professional and a legal obligation to maintain clinically relevant, accurate and

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY Reference number Approved by Information Management and Technology Board Date approved 14 th May 2012 Version 1.1 Last revised N/A Review date May 2015 Category Information Assurance Owner Data Protection

More information

1 Introduction... 1. 2 History... 2. 3 Employing authority/trust indemnity: who is covered for what?... 3

1 Introduction... 1. 2 History... 2. 3 Employing authority/trust indemnity: who is covered for what?... 3 This guidance note describes the NHS indemnity scheme introduced in January 1990 and alerts members to its limitations. Members are advised to retain defence body membership or take out personal indemnity

More information

So the security measures you put in place should seek to ensure that:

So the security measures you put in place should seek to ensure that: Guidelines This guideline offers an overview of what the Data Protection Act requires in terms of information security and aims to help you decide how to manage the security of the personal data you hold.

More information

Legal Action / Claiming Compensation in Scotland

Legal Action / Claiming Compensation in Scotland Legal Action / Claiming Compensation in Scotland This help sheet explains your legal rights if you have been injured as a result of medical treatment and the steps involved in seeking compensation through

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY DATA PROTECTION POLICY Page 1 of 10 Table of Contents 1. Points of Contact for this Policy 4 2. Purpose of Data Protection Policy 4 3. Overview of the Data Protection Act 1998 5 4. Confidentiality and

More information

NHS complaints procedure An overview

NHS complaints procedure An overview MEDICAL PROTECTION SOCIETY PROFESSIONAL SUPPORT AND EXPERT ADVICE MPS COMPLAINTS SERIES BOOK 5 NHS complaints procedure An overview www.mps.org.uk Contents Regulations and principles page 3 Putting the

More information

DATA PROTECTION CORPORATE POLICY

DATA PROTECTION CORPORATE POLICY DATA PROTECTION CORPORATE POLICY Information Management V1.1 03 July 2012 Not protectively marked This policy must be complied with fully by all Members, Officers Agents and Contractors of Plymouth City

More information

Data Protection Policy

Data Protection Policy London Borough of Enfield Data Protection Policy Author Mohi Nowaz Classification UNCLASSIFIED Date of First Issue 10/08/2012 Owner IGB Issue Status DRAFT Date of Latest Re-Issue 12/09/2012 Version 0.6

More information

Clause 1. Definitions and Interpretation

Clause 1. Definitions and Interpretation [Standard data protection [agreement/clauses] for the transfer of Personal Data from the University of Edinburgh (as Data Controller) to a Data Processor within the European Economic Area ] In this Agreement:-

More information

MEDICAL MALPRACTICE AND PUBLIC LIABILITY INSURANCE FOR PARAMEDICS

MEDICAL MALPRACTICE AND PUBLIC LIABILITY INSURANCE FOR PARAMEDICS MEDICAL MALPRACTICE AND PUBLIC LIABILITY INSURANCE FOR PARAMEDICS INDEX 1 Page Nos. Page Nos. Introduction 3 4 Complaints Procedure & Claims 18 19 Reporting Who we are? 5 6 Financial Conduct Authority

More information

MONMOUTHSHIRE COUNTY COUNCIL DATA PROTECTION POLICY

MONMOUTHSHIRE COUNTY COUNCIL DATA PROTECTION POLICY MONMOUTHSHIRE COUNTY COUNCIL DATA PROTECTION POLICY Page 1 of 16 Contents Policy Information 3 Introduction 4 Responsibilities 7 Confidentiality 9 Data recording and storage 11 Subject Access 12 Transparency

More information

Protection. Code of Practice. of Personal Data RPC001147_EN_WB_L_1

Protection. Code of Practice. of Personal Data RPC001147_EN_WB_L_1 Protection of Personal Data RPC001147_EN_WB_L_1 Table of Contents Data Protection Rules Foreword From the Data Protection Commissioner Introduction From the Chairman Data Protection Responsibility of Employees

More information

Medical defence and what every junior doctor should know

Medical defence and what every junior doctor should know Medical defence and what every junior doctor should know MDU Services Limited (MDUSL) is authorised and regulated by the Financial Services Authority in respect of insurance mediation activities only.

More information

Information Governance Policy

Information Governance Policy Information Governance Policy 1 Introduction Healthwatch Rutland (HWR) needs to collect and use certain types of information about the Data Subjects who come into contact with it in order to carry on its

More information

Trafford Council. Data Protection. Policy, Statement and Guidance for Employees

Trafford Council. Data Protection. Policy, Statement and Guidance for Employees Trafford Council Data Protection Policy, Statement and Guidance for Employees Author Nick Evans Date August 2009 Status Final Version 1.3 Review Date October 2015 Review By Kathryn Wright Next Review October

More information

d d mm y y If the injury was as a result of criminal assault or a Road Traffic Accident, was the accident reported to the police?

d d mm y y If the injury was as a result of criminal assault or a Road Traffic Accident, was the accident reported to the police? Personal Accident Claim Form This form has been designed to help you provide all the information we need to process your claim quickly. Failure to complete this form correctly may delay your claim. We

More information

Human Resources and Data Protection

Human Resources and Data Protection Human Resources and Data Protection Contents 1. Policy Statement... 1 2. Scope... 2 3. What is personal data?... 2 4. Processing data... 3 5. The eight principles of the Data Protection Act... 4 6. Council

More information

SUBJECT ACCESS REQUEST PROCEDURE

SUBJECT ACCESS REQUEST PROCEDURE SUBJECT ACCESS REQUEST PROCEDURE Document History Document Reference: Document Purpose: IG31 This procedure sets out the responsibility for staff when receiving requests for information provided under

More information

CHAPTER 13 Medical records and patient access to information

CHAPTER 13 Medical records and patient access to information CHAPTER 13 Medical records and patient access to information Robert Stevens is an Auckland barrister and a consultant in the management of personal information and privacy. Cite this as Stevens R 2013.

More information

What are medical records? What is the purpose of the medical record?

What are medical records? What is the purpose of the medical record? Medical Records Contents What are medical records? 3 What is the purpose of the medical record? 3 What should my medical records contain? 4 Why are medical records important medico-legally? 6 How long

More information

PROPOSED REVISED GUIDANCE TO NHS BOARDS FOR CONSULTATION

PROPOSED REVISED GUIDANCE TO NHS BOARDS FOR CONSULTATION Dear Colleague Arrangements for NHS Patients Receiving Private Healthcare 1. This letter provides revised guidance to NHS Boards covering situations where patients obtain private healthcare in addition

More information

Newcastle Safeguarding Children Board Multi-agency information sharing agreement

Newcastle Safeguarding Children Board Multi-agency information sharing agreement Newcastle Safeguarding Children Board Multi-agency information sharing agreement March 2016 Introduction Newcastle Safeguarding Children Board (NSCB) is the strategic body for promoting and safeguarding

More information

2015 No. 0000 FINANCIAL SERVICES AND MARKETS. The Small and Medium Sized Businesses (Credit Information) Regulations 2015

2015 No. 0000 FINANCIAL SERVICES AND MARKETS. The Small and Medium Sized Businesses (Credit Information) Regulations 2015 Draft Regulations to illustrate the Treasury s current intention as to the exercise of powers under clause 4 of the the Small Business, Enterprise and Employment Bill. D R A F T S T A T U T O R Y I N S

More information

ROEHAMPTON UNIVERSITY DATA PROTECTION POLICY

ROEHAMPTON UNIVERSITY DATA PROTECTION POLICY ROEHAMPTON UNIVERSITY DATA PROTECTION POLICY Originated by: Data Protection Working Group: November 2008 Impact Assessment: (to be confirmed) Recommended by Senate: 28 January 2009 Approved by Council:

More information

INTERNATIONAL SOS. Data Protection Policy. Version 1.05

INTERNATIONAL SOS. Data Protection Policy. Version 1.05 INTERNATIONAL SOS Data Protection Policy Document Owner: LCIS Division Document Manager: Group General Counsel Effective: December 2008 Revised: 2015 All copyright in these materials are reserved to AEA

More information

DATA PROTECTION ACT 1998 COUNCIL POLICY

DATA PROTECTION ACT 1998 COUNCIL POLICY DATA PROTECTION ACT 1998 COUNCIL POLICY Page 1 of 5 POLICY STATEMENT Blackpool Council recognises the need to fully comply with the requirements of the Data Protection Act 1998 (DPA) and the obligations

More information

Professional Behaviour and Ethical Conduct. Code of Practice relating to:

Professional Behaviour and Ethical Conduct. Code of Practice relating to: Code of Practice relating to: Professional Behaviour and Ethical Conduct Promoting transparency and enhancing public confidence in the dental profession February 2012 Code of Practice relating to: Professional

More information

Human Resources Policy documents. Data Protection Policy

Human Resources Policy documents. Data Protection Policy Policy documents Aims of the Policy apetito is committed to meeting its obligations under data protection law. As a business, apetito handles a range of Personal Data relating to its customers, staff and

More information

Medicolegal Problems Facing Breast Radiologists: How to Avoid Them

Medicolegal Problems Facing Breast Radiologists: How to Avoid Them Medicolegal Problems Facing Breast Radiologists: How to Avoid Them Dr Philip Zack Medicolegal Adviser Brighton - British Society of Breast Radiology Conference 10/11/2014 Total number of reported CNST

More information

Satisfaction of principles In order to meet the requirements of the principles, Team Bees will:

Satisfaction of principles In order to meet the requirements of the principles, Team Bees will: Data Protection Policy Introduction. Team Bees is required to maintain certain personal data about living individuals for the purposes of satisfying operational and legal obligations. Team Bees recognises

More information

Appendix 11 - Swiss Data Protection Act

Appendix 11 - Swiss Data Protection Act GLEIF- LOU Restricted Appendix 11 - Swiss Data Protection Act GLEIF Revision Version: 1.0 2015-09-23 Master Copy page 2 of 11 Applicable Provisions of the Swiss Data Protection Act (DPA) including the

More information

WEST LOTHIAN COUNCIL DATA PROTECTION ACT 1998 POLICY

WEST LOTHIAN COUNCIL DATA PROTECTION ACT 1998 POLICY WEST LOTHIAN COUNCIL DATA PROTECTION ACT 1998 POLICY Version 3.0 DATA PROTECTION ACT 1998 POLICY CONTENTS 1. INTRODUCTION... 3 2. PROVISIONS OF THE ACT... 4 3. SCOPE... 4 4. GENERAL POLICY STATEMENT...

More information

Interface between NHS and private treatment Guidance from the Ethics Department February 2004

Interface between NHS and private treatment Guidance from the Ethics Department February 2004 Interface between NHS and private treatment Guidance from the Ethics Department February 2004 Summary General principles Issues for consultants Issues for general practitioners Advertising Summary Although

More information

East Northamptonshire Council Policy & Community Development. Data Protection Policy December 2007

East Northamptonshire Council Policy & Community Development. Data Protection Policy December 2007 East Northamptonshire Council Policy & Community Development Data Protection Policy December 2007 If you would like to receive this publication in an alternative format (large print, tape format or other

More information

The interface between the NHS and private treatment: a practical guide for doctors in Scotland

The interface between the NHS and private treatment: a practical guide for doctors in Scotland The interface between the NHS and private treatment: a practical guide for doctors in Scotland Guidance from the BMA Medical Ethics Department September 2009 Introduction General principles Issues for

More information

Education and Training Committee, 10 March 2011. Professional indemnity insurance. Executive summary and recommendations.

Education and Training Committee, 10 March 2011. Professional indemnity insurance. Executive summary and recommendations. Education and Training Committee, 10 March 2011 Professional indemnity insurance Executive summary and recommendations Introduction This paper appeared as a paper to note at the Council meeting on 10 February

More information

Information Governance. and what it means for you

Information Governance. and what it means for you Information Governance and what it means for you 1 Content Introduction 3 Who are we? 4 What is Information Governance? 4 Purpose of Holding Information 5 Confidentiality and Security 5 Accuracy of Information

More information

Medico-legal guide to The NHS complaints procedure. Introduction

Medico-legal guide to The NHS complaints procedure. Introduction 1.1 Medico-legal guide to The NHS complaints procedure Introduction The NHS and social care complaints procedure was introduced in England on 1 April 2009. The local resolution stage of the procedure is

More information

Data controllers and data processors: what the difference is and what the governance implications are

Data controllers and data processors: what the difference is and what the governance implications are ICO lo : what the difference is and what the governance implications are Data Protection Act Contents Introduction... 3 Overview... 3 Section 1 - What is the difference between a data controller and a

More information

How to complain about a doctor

How to complain about a doctor How to complain about a doctor England This booklet is for patients in England. Our procedures are the same throughout the UK, but healthcare and support organisations do vary. We have therefore also produced

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Policy Details Produced by Assistant Principal Information Systems Date produced Approved by Senior Leadership Team (SLT) Date approved July 2011 Linked Policies and Freedom of Information

More information

How do I obtain copies of my medical records?

How do I obtain copies of my medical records? How do I obtain copies of my medical records? INJURY & NEGLIGENCE SPECIALISTS WELCOME TO PANNONE PART OF SLATER AND GORDON When choosing a law firm, what do you look for? Quality service? Great reputation?

More information

THE ROYAL COLLEGE OF RADIOLOGISTS

THE ROYAL COLLEGE OF RADIOLOGISTS THE ROYAL COLLEGE OF RADIOLOGISTS TEL: 020-7636-4432 FAX: 020-7323-3100 38 PORTLAND PLACE LONDON W1B 1JQ BFCR(06)4 (updated February 2008) Retention and Storage of Images and Radiological Patient Data

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY Title Author Approved By and Date Review Date Mike Pilling Latest Update- Corporation May 2008 1 Aug 2013 DATA PROTECTION ACT 1998 POLICY FOR ALL STAFF AND STUDENTS 1.0 Introduction 1.1 The Data Protection

More information

John Leggott College. Data Protection Policy. Introduction

John Leggott College. Data Protection Policy. Introduction John Leggott College Data Protection Policy Introduction The College needs to keep certain information about its employees, students and other users to allow it to monitor performance, achievements, and

More information

Code of Practice on Data Protection for the Insurance Sector

Code of Practice on Data Protection for the Insurance Sector Code of Practice on Data Protection for the Insurance Sector (Approved by the Data Protection Commissioner under Section 13 (2) of the Data Protection Acts, 1988 and 2003) Forward I am very happy to be

More information

Identity Cards Act 2006

Identity Cards Act 2006 Identity Cards Act 2006 CHAPTER 15 Explanatory Notes have been produced to assist in the understanding of this Act and are available separately 6 50 Identity Cards Act 2006 CHAPTER 15 CONTENTS Registration

More information

Bridget Rankin Principal Pharmacist, Medicines Information Guy s & St. Thomas NHS Foundation Trust April 2015

Bridget Rankin Principal Pharmacist, Medicines Information Guy s & St. Thomas NHS Foundation Trust April 2015 Bridget Rankin Principal Pharmacist, Medicines Information Guy s & St. Thomas NHS Foundation Trust April 2015 Aim of the Session Identify legal and ethical problems that may be encountered when providing

More information

Steve Mason, Legal Services and Governance Lead. Ratified and Approved CCG Governing Body on 10 October 2013 by:

Steve Mason, Legal Services and Governance Lead. Ratified and Approved CCG Governing Body on 10 October 2013 by: Title: Claims Management Policy Reference No: Owner: Author: Steve Mason, Legal Services and Governance Lead First Issued On: Latest Issue Date: Operational Date: Review Date: Consultation Date: Policy

More information

SCOTLAND S COMMISSIONER FOR CHILDREN AND YOUNG PEOPLE STANDARD CONDITIONS OF CONTRACT FOR SERVICES

SCOTLAND S COMMISSIONER FOR CHILDREN AND YOUNG PEOPLE STANDARD CONDITIONS OF CONTRACT FOR SERVICES SCOTLAND S COMMISSIONER FOR CHILDREN AND YOUNG PEOPLE STANDARD CONDITIONS OF CONTRACT FOR SERVICES 1 1 Definitions In these conditions:- We means Scotland s Commissioner for Children and Young People,

More information

Protection. Code of Practice. of Personal Data RPC001147_EN_D_19

Protection. Code of Practice. of Personal Data RPC001147_EN_D_19 Protection of Personal Data RPC001147_EN_D_19 Table of Contents Data Protection Rules Foreword From the Data Protection Commissioner Introduction From the Chairman Data Protection Rules Responsibility

More information

Lord Chancellor s Code of Practice on the management of records issued under section 46 of the Freedom of Information Act 2000

Lord Chancellor s Code of Practice on the management of records issued under section 46 of the Freedom of Information Act 2000 Lord Chancellor s Code of Practice on the management of records issued under section 46 of the Freedom of Information Act 2000 Lord Chancellor s Code of Practice on the management of records issued under

More information

Information Assurance Policies and Guidance. Information Governance Policy. Document Version: v0.5 Review Date: 1 May 2016

Information Assurance Policies and Guidance. Information Governance Policy. Document Version: v0.5 Review Date: 1 May 2016 Information Assurance Policies and Guidance Information Governance Policy Document Version: v0.5 Review Date: 1 May 2016 Owner: Information Governance Manager 1 P a g e Document History Revision Version

More information

HERTSMERE BOROUGH COUNCIL

HERTSMERE BOROUGH COUNCIL HERTSMERE BOROUGH COUNCIL DATA PROTECTION POLICY October 2007 1 1. Introduction Hertsmere Borough Council ( the Council ) is fully committed to compliance with the requirements of the Data Protection Act

More information

1.2 Scope This policy and guidance applies to all University staff, students and others who use or process any personal information.

1.2 Scope This policy and guidance applies to all University staff, students and others who use or process any personal information. MANCHESTER METROPOLITAN UNIVERSITY DATA PROTECTION POLICY This policy should be read in conjunction with the Data Protection Guidance, which is attached as: Appendix A Dealing with Personal Data Appendix

More information

technical factsheet 176

technical factsheet 176 technical factsheet 176 Data Protection CONTENTS 1. Introduction 1 2. Register with the Information Commissioner s Office 1 3. Period protection rights and duties remain effective 2 4. The data protection

More information

Electronic health records: data protection issues in Europe

Electronic health records: data protection issues in Europe Electronic health records: data protection issues in Europe By Clare Sellars and Dr Amanda Easey IPM&T Group, McDermott Will & Emery UK LLP This article has been published in the April 2008 issue of BNAI

More information

Reports and court appearances

Reports and court appearances 5 Reports and court appearances As a dental professional, you may be asked to be a professional witness. In this capacity, you provide evidence about a patient who may be someone you have treated recently

More information

QIPP Digital Technology. Online Meeting Services: Information Governance Guidance

QIPP Digital Technology. Online Meeting Services: Information Governance Guidance QIPP Digital Technology Online Meeting Services: Information Governance Guidance Author: Richard Trusson Date: March 2012 Version: 1.0 Crown Copyright 2012 Page 1 of 22 Contents 1. Executive Summary...

More information

How to see your Health Records

How to see your Health Records How to see your Health Records Version 3 Produced in April 2007 Revision date April 2009 NHS SCOTLAND Who is this leaflet for? It is for people who use the NHS in Scotland. People using private healthcare

More information

Non ASPH Trust Staff - DATA ACCESS REQUEST Page 1/3

Non ASPH Trust Staff - DATA ACCESS REQUEST Page 1/3 Paper 9 Non ASPH Trust Staff - DATA ACCESS REQUEST Page 1/3 Please ensure that all THREE pages of this contract are returned to: Information Governance Manager, Health Informatics, Chertsey House, St Peter

More information

Requesting amendments to health and social care records

Requesting amendments to health and social care records Requesting amendments to health and social care records National Information Governance Board for Health and Social Care Guidance for patients, service users and professionals Contents About this guidance

More information

Council, 14 May 2015. Information Governance Report. Introduction

Council, 14 May 2015. Information Governance Report. Introduction Council, 14 May 2015 Information Governance Report Introduction 1.1 The Information Governance function within the Secretariat Department is responsible for the HCPC s ongoing compliance with the Freedom

More information

(4) THAMES VALLEY POLICE of Oxford Road, Kidlington, OX5 2NX ("Police Force"),

(4) THAMES VALLEY POLICE of Oxford Road, Kidlington, OX5 2NX (Police Force), DATE OF INFORMATION SHARING AGREEMENT JULY 2015 PARTIES (1) LIVE NATION (MUSIC) UK LIMITED (Company Number 02409911) whose registered office is at 2 nd Floor, Regent Arcade House, 19-25 Argyll Street,

More information

INTRODUCTION 1 STRUCTURE AND APPROACH 1 CONTEXT AND PURPOSE 2 STATEMENT OF PURPOSE 3

INTRODUCTION 1 STRUCTURE AND APPROACH 1 CONTEXT AND PURPOSE 2 STATEMENT OF PURPOSE 3 June 2007 Table of Contents INTRODUCTION 1 STRUCTURE AND APPROACH 1 CONTEXT AND PURPOSE 2 STATEMENT OF PURPOSE 3 3 Standard 1: Statement of purpose 3 Standard 2: Written guide to the adoption service for

More information

Paperless World Limited

Paperless World Limited Paperless World Limited Security Policy Statement Contents Section 1: Paperless World Limited Security Policy Statement... 2 Section 2: The Data Protection Act 1998... 2 Section 3: Definitions... 2 Personal

More information

University of Limerick Data Protection Compliance Regulations June 2015

University of Limerick Data Protection Compliance Regulations June 2015 University of Limerick Data Protection Compliance Regulations June 2015 1. Purpose of Data Protection Compliance Regulations 1.1 The purpose of these Compliance Regulations is to assist University of Limerick

More information

Information Governance Framework. June 2015

Information Governance Framework. June 2015 Information Governance Framework June 2015 Information Security Framework Janice McNay June 2015 1 Company Thirteen Group Lead Manager Janice McNay Date of Final Draft and Version Number June 2015 Review

More information

UNIVERSITY HOSPITALS OF LEICESTER NHS TRUST

UNIVERSITY HOSPITALS OF LEICESTER NHS TRUST UNIVERSITY HOSPITALS OF LEICESTER NHS TRUST POLICY FOR TRUST INDEMNITY ARRANGEMENTS (IN RESPECT OF CLINICAL NEGLIGENCE AND OTHER THIRD PARTY LIABILITIES) 21 st November 2003 APPROVED BY: Trust Executive

More information

www.informationlaw.org.uk Information Law Training and Advice Access to Deceased Persons Records under the Freedom of Information Act 2000

www.informationlaw.org.uk Information Law Training and Advice Access to Deceased Persons Records under the Freedom of Information Act 2000 First published in World Data Protection Report (November 2007) Access to Deceased Persons Records under the Freedom of Information Act 2000 The dead can t sue or so the saying goes. But do they have a

More information

Firm Registration Form

Firm Registration Form Firm Registration Form Firm Registration Form This registration form should be completed by firms who are authorised and regulated by the Financial Conduct Authority. All sections of this form are mandatory.

More information

Subject Access Request, Procedure, Guidance and Information

Subject Access Request, Procedure, Guidance and Information Subject Access Request, Procedure, Guidance and Information Updated: July 2015 Page 1 of 61 CONTENTS 1. Introduction 5 2. Legal Context 5 3. Subject Access Request to Personal Records Guidance 6 Guidance

More information

How to see your Health Records

How to see your Health Records How to see your Health Records Version 4 Produced in April 2009 Revision date February 2012 NHS SCOTLAND Who is this leaflet for? It is for people who use the NHS in Scotland. People using private health

More information

OBJECTS AND REASONS. (a) the regulation of the collection, keeping, processing, use or dissemination of personal data;

OBJECTS AND REASONS. (a) the regulation of the collection, keeping, processing, use or dissemination of personal data; OBJECTS AND REASONS This Bill would provide for (a) the regulation of the collection, keeping, processing, use or dissemination of personal data; (b) the protection of the privacy of individuals in relation

More information

Personal Accident Claim Form

Personal Accident Claim Form Personal Accident Claim Form Claimant Details Title Full Name Date of Birth Occupation Usual Country of Domicile Claimant Address: Contact Details Postcode: Daytime Telephone: Email Address: Wherever possible

More information

Governance. Information. Bulletin. Welcome to the nineteenth edition of the information governance bulletin

Governance. Information. Bulletin. Welcome to the nineteenth edition of the information governance bulletin Welcome to the nineteenth edition of the information governance bulletin Our regular bulletin about information governance and the work of the IG transition programme Publication Gateway Reference: 02465

More information

Data Protection Policy

Data Protection Policy Data Protection Policy April 2014 Author: Jennifer McLaren, Assistant Principal, Curriculum Support & Finance Impact Assessment Date: 15 February 2010 Date: April 2014 Contents 1 Purpose... 2 2 Policy...

More information

How to complain about a doctor. England

How to complain about a doctor. England How to complain about a doctor England This booklet is for patients in England. Our procedures are the same throughout the UK, but healthcare and support organisations do vary. We have therefore also produced

More information

Guide to making a complaint about an NHS service

Guide to making a complaint about an NHS service Guide to making a complaint about an NHS service February 2014 Healthwatch Coventry www.healthwatchcoventry.org.uk Contents 1. About this guide page 3 2. The NHS complaints procedure page 3 3. About the

More information