Presentation on theme: "Welcome to the Information Sharing Workshop"— Presentation transcript:
1Welcome to the Information Sharing Workshop NIGB would like to thank County Durham and Tees Valley Information Governance Leads Group who allowed us to adapt this workshop from their original workshop materials
2National Information Governance Board Main Office NumberSpeakers
3Today is About… …Sharing Information: Safely Legally and Confidentially
4What is Information Governance? Information Governance (IG) is the overall framework of policies, procedures, standards and responsibilities for managing an organisation’s information assets. It covers all information in all formats (manual & electronic).Main areas of Information Governance:Managing information governanceInformation/ records managementInformation Quality assuranceInformation SecurityLegal complianceCodes of PracticeFOI Act 2000
5What are the Standards? Information Quality Assurance Codes of PracticeInformation Security AssuranceIG ToolkitRecords ManagementCare Record GuaranteesLocal PoliciesCaldicott Report
6Why is IG Important? helps all staff to manage information helps to ensure all staff comply with the lawhelps staff to share information across organisationscan help to improve decision makingTo meet obligations and responsibilities
7So…..IG ensures personal information is dealt with legally, securely, ethically, efficiently and effectively and we can ensure the confidence of the individual
8The Legal Context The Data Protection Act 1998 The Human Rights Act 1998The Health and Social Care Act 2008Common Law of ConfidentialityAdministrative LawFOI Act 2000Other Legislation e.g.Children Act, Mental Capacity Act, Gender recognition Act, Adoption Act.
9A Duty of ConfidenceA duty of confidence arises when one person discloses information to another (e.g. individual to clinician, client to social worker) in circumstances where it is reasonable to expect that the information will be held in confidence or where it is obvious the information is confidential in nature.The duty of confidence -Is a legal obligation derived from case-law.Is a requirement within professional codes of conduct.Is included within many employment contracts as a specific requirement linked to disciplinary procedures.
10The Confidentiality Model PROTECTIMPROVEProtect - look after the patient’s informationInform - ensure that patients are aware of how their information is to be usedProvide choice - allow patients to decide whether their information can be disclosed in particular waysto support these three requirements, there is a fourth:Improve - always look for better ways to protect, inform and provide choiceINFORMPROVIDE CHOICE
11An individuals information PROTECTProcedures to ensure that all staff, contractors and volunteers are fully aware of responsibilities regarding confidentialityRecording an individuals information accurately and consistentlyKeeping information physically secureMaintaining confidentialityDisclosing and using information with appropriate careDuty of confidentiality arises out of common law, professional obligations and employment contracts. Voluntary staff must sign agreement.Maintaining proper records is vital to individual careRecord keeping best practice - factual, consistent and accurate - relevant and usefulNot gossipingTaking care when discussing cases in public placesBoth manual and electronic recordsFollow info sharing protocols; Identify enquirers so share only with right people; apply standards re faxes, s and mail; share minimum necessary to provide safe care or satisfy other purposes - follow Caldicott principles.
12Service Users Effectively No Surprises! InformService Users Effectively No Surprises!Check (where practicable) that leaflets or other guidance on confidentiality has been understoodMake clear to individuals when information is recorded or service records accessedMake clear to service users when information may be disclosed to othersEvery NHS org should have posters and leaflets - both receptionists and clinicians should check.‘Let me make a note in your file’ or ‘I am just taking a note of your blood pressure’. Should occur as natural part of communication.‘I am writing to the consultant to let them know….’ or with electronic records ‘The hospital specialist is able to view your health records to understand your medical history….’ or ‘I will tell Social Services about your dietary needs to help them arrange meals on wheels….’
13Service Users Effectively No Surprises! InformService Users Effectively No Surprises!Check that individuals have no concerns about how their information is disclosed and usedAnswer any queries personally or direct to those who can answerRespect the rights of individuals and help them exercise their right to access their service recordIf information is particularly sensitive staff should be explicit about what is recorded and check that individual is happy with that information being shared.It is better to address concerns immediately but if necessary refer to better source of information. (use PALS?)Patients have a right to see their records under the Data Protection Act.
14Provide Choice Provide Choice Ask the individual before using personal information in ways that do not contribute directly to, or support, the purposeRespect the individuals decisions to restrict disclosure or use of information, except in exceptional circumstancesCommunicate effectively with service users to ensure they understand the implications of non-disclosureWhere info is required but does not meet tests of necessity and appropriateness, anonymise info.Otherwise obtain consent.If not possible to restrict info without compromising care discuss with individual. Patients choice ultimately to be respected.Ensure records are kept of care provided and restrictions placed on disclosing by patients. Show that individual safety nor clinical responsibility has been neglected.In order to make valid choices patients must know what options are, but also the consequences of those choices.If patients make a choice which compromises provision of high quality care, this should be documented within record. Patients should be aware they can change their mind later.
15It is not possible to achieve best practice overnight. Staff must: ImproveWherever PossibleIt is not possible to achieve best practice overnight. Staff must:Be aware of the issues surrounding confidentiality and seek training or support where uncertain in order to deal with them appropriatelyReport possible breaches or risk of breachesIgnorance is no excuse. Work within the spirit of this code and any locally produced guidelines, protocols and proceduresReport breaches or near misses to senior staff or Info Governance lead. What is your incident reporting procedure?Specific legislation to protect whistleblowers.Professional staff may contact professional bodies for guidance.
16Death of Baby PeterIn August 2007 Baby Peter died of horrific injuries inflicted by his carersHe had suffered over 50 injuries despite receiving 60 visits from social workers, doctors and the police over an 8 month periodLaming enquiry criticised failings in information sharing between agencies, the poor training and support given to “over-stretched” front-line staff and the red tape “hampering” social workers
17What Guidance is Available National information sharing guidance produced by Children’s Services including information sharing pocket guide and dvdEvery Child Matters reforms 2004 – 2008 new guidance was issued to reflect current policy for practitioners working with both adults and children’s servicesInformation Sharing ProtocolsSocial Care Record Guarantee, NHS Care Record GuaranteeNational Information Governance Board (NIGB)Recognise that a difference of culture may exist with the agencies you wish to share information with and work to removing barriers where there is a legitimate legal reason for sharing.
18What does this mean?Where possible we should respect the wishes of individuals who do not consent to share confidential information. You may still share information, if in your judgement on the facts of the case, there is sufficient need to override the lack of consentSeek advice when in doubt, especially where your doubt relates to a concern about possible significant harm to a child, vulnerable adult or serious harm to othersYou should ensure that the information you share is:Accurate and up-to-date (historical information maybe relevant too)Necessary for the purpose for which you are sharing itShared only with those people who need to see itShared securelyAlways record the reasons for your decisions – whether it is to share information or not
19Valid ConsentIn Health consent can be implied or explicit, in Social Care it is always explicit but for both it needs to beInformedUnderstood - The service user needs to have capacity to understandFreely given
20Implied Consent Consent not expressly given: Often consent is assumed for sharing information with colleagues within the organisation, particularly in Health.i.e. a individual sees a nurse for a test, it is assumed that the individual will consent for the results to be shared with the treating doctor.In Social Care sharing with other departments in the Local Authority would require explicit consent for another purpose.i.e. to share with housingSharing information between health care colleagues in different organisations e.g. ambulance crews to A & E staff.
21Explicit or Informed Consent Agreement to sharing should be recorded the individual should be made aware of: -What information is to be sharedWhat is the purpose of sharing itWho it is to be shared withHow the information will be protectedWhether it may be further sharedThat they have the right to refuse (if they do)The consequences of refusal and agreement to consent
22How do we obtain consent Consent should be sought at the earliest opportunityConsent should be recorded using the relevant Consent or Permission to Share form and signed by both the social work professional and the individual or their representative. In Heath this should be recorded in the individual notesClear explanation should be given to the individual on what they are consenting to and for how longIt should be made clear that consent can be withdrawn at any time but we will share when there is a legal requirement to do soAn individual should understand that if they withdraw their consent this may affect the service we can provide to themRevisiting consent – at least annually or when a new event happens
23Children and competence to Consent Children and young people16 assumed to be competentUnder 16 competent if they have the capacity to understand and take own decisionsOtherwise consent from whoever has parental responsibilityChanges at 16 onus of proof shifts from being on the child to being on the person wanting to assert lack of capacity.
24Adult Capacity to Consent Adult unable to give consent?Take into account the views of relatives or carer’sRespect any previously expressed wishesMental Capacity Act (MCA)Adults lacking capacity may have an advocateProvision under MCA for proxy consent via LPA or Court appointed deputyUltimately, the professional must act in the individual’s best interestsRecord the decision and the reasons for itMention Mental Capacity Act 2005 – In force February 2007.
25Consent - SummaryEnsure the child/adult has the necessary capacity to understand what they are consenting to and seek advice if unsureRecord what information will be shared and with whom (always record reasons for sharing without consent)It is the individuals choice to refuse consent, alter arrangements or withdraw consent at a later stageExplain what the consequences are of withdrawing consent and where it may be shared anywayNeed only one parent, with parental responsibility, to give consent - ‘Fraser’ (judgement Gillick) competent’ children under 16 also have rights of confidentiality
26Consent The sharing of information should be controlled and justified Remember – the consequences of NOT sharing information with other agencies could be far worse than inappropriate sharingThere are some circumstances in which sharing confidential information without consent will normally be justified in the public interest:When there is evidence that the child/vulnerable adult is suffering or is at risk of suffering harm; orWhere there is reasonable cause to believe that a child may be suffering or at risk of significant harm; orTo prevent significant harm arising to children/vulnerable adult including through the prevention, detection and prosecution of serious crime
27So what if they say noConsider Public Interest justification before seeking consent which could affect approach to consent.I.e. need to provide the information but would prefer to disclose with their agreement. Give an opportunity for them to state their case for non-disclosure.May not be appropriate if there is risk to staff or others.
28Understanding Consequences Explain consequences of agreeing to consentExplain consequences of refusing consent i.e. limiting Services – housing etc.
29So, what if they say No?If the individual is competent to make the decision and they fully understand the consequences of the decision for care or treatment:Understand their reasons and see if they can be satisfiedCan care be provided in different way? (Must be practical)Balance the risks – consider ‘public interest’ – you may need to share anyway…Harm to selfHarm or risk to othersMental Capacity Act 2005.
30What if they say “Yes”… and then change their mind! Even Worse!What if they say “Yes”…and then change their mind!
31QUESTIONS TO ASK BEFORE SHARING INFORMATION Q: Can I still disclose if they don’t consent?“There must never be another tragic case where a child suffers as a result of professionals not sharing what they know.”Margaret Hodge“…in every judgment they make, staff have to balance the right of a parent with that of the protection of the child.”Lord Laming,The Victoria Climbié InquiryShould not be sharing without an explicit reasonOnly justified if the purpose of the sharing is clearly in the best interests of the data subjectPractitioners must be able to state the purpose of the request for information. This can be expressed in general terms, but needs to relate to the welfare of the data subject. The gathering/ documentation of evidence may call for some thought and judgement, but should not be used as a barrier to information sharing.
32QUESTIONS TO ASK BEFORE SHARING INFORMATION Q: Can I still disclose if they don’t consent?Failure to share information appropriately can be a serious breach of careSharing without consent may be necessary and appropriate under some circumstances:When a child is believed to be at serious risk of harmWhen there is evidence of serious public harm or risk to others or and individualFor the prevention, detection or prosecution of serious crimeWhen instructed to do so by a courtShould not be sharing without an explicit reasonOnly justified if the purpose of the sharing is clearly in the best interests of the data subjectPractitioners must be able to state the purpose of the request for information. This can be expressed in general terms, but needs to relate to the welfare of the data subject. The gathering/ documentation of evidence may call for some thought and judgement, but should not be used as a barrier to information sharing.
33ProportionalityThe proposed disclosure should be proportionate to the need to protect the child’s/vulnerable adult’s welfareThe amount of information disclosed and the number of people to whom it is disclosed should be no more than is necessary to meet the public interest in protecting the health and wellbeing of the child/vulnerable adult
34When in DoubtConsult a Manager/Caldicott Guardian or Data Protection/Information Governance OfficerObtain advice from legal services if appropriateRecord reasons why a decision was made to:Override the requirement to seek consentShare information without consent
35Questions To Ask Before Sharing Information…with anyone, about anyone What are the reasons for sharing?Is there sufficient ‘need to know’?Is the request proportionate?Is the information up to date/accurate?Will there be secondary disclosure?Do I need consent?Have I got consent?Can I still disclose if they don’t consent – is there another justification?Have I recorded the sharing?Am I sharing securely?Secure means that all reasonable steps have been taken to prevent the information being passed to someone that does not have the right to it.VERBALLYBY POSTByBy FAX
36New Technology The NHS NPfIT Programme National Records Electronic Common Assessment systemsUse of NHS mail to share information for multi-agency teamsWith new systems the ability to share information will become easier.We will be dependant on other peoples information being accurate and many decisions about peoples lives will be based on the information that we share and crucially on what we don’t share.
37Impact of Technology on Data Protection Whose record is it if more than one individual contributes to the record –multi agency teamsHow will we handlepre adoption information electronicallySubject Access RightsThird Party informationMother’s information in Children’s recordsSeriously harmful dataCase recording
38Records Management More professional More factual Meet the Data Protection requirementsMental Capacity Act 2005Freedom of Information 2000Share a common languageRecording Consent – Reasons and FactKeeping Secure
39Recording Facts and opinions Example Undiagnosed mental illness?Appeared to be unwashed and dishevelledError correction, or if the individual disagrees (Guidance)
40Why do we Need an Information Sharing Protocol ? So everyone knows the rules and has clear guidance on how, where, when and with whom.Protects the subject, the staff and the organisationIs not instead of consentExampleCare Homes – expectations of those we share information with
41Information Sharing Protocols What data do we want to share?With whom do we want to share it?Why do we want to share it?How can we justify sharing it?How do we comply with the law?These guidelines should be followed when sharing information within organizations as well as when sharing information with other agencies. Finding positive answers to the questions will enable information sharing based on solid reasoning, rather than finding reasons not to share.Pro-active Framework
42Using the Three Tier Model at local level Principles we will all work to contained in the high level protocolTier 2Purpose for Sharing Information e.g Care of AdultsExample of a local protocol – Child Protection – Single Assessment Process – Sure startProcess of how we will share the information in the Service Level Information Sharing protocolTier 3
43The Protocol should describe How we comply with the LawWhy we need to share the informationHow we justify sharing the informationWhat information we want to shareWith whom we will share the informationHow we will protect the informationData Protection Act, Human Rights, Common Law of Confidentiality, Mental Capacity Act 2005 etc
44How We Comply With The Law How we restrict access to the information -consentWho needs to know, how muchWhat security will protect itHow long it will be kept forWhat format will it be inWhen it can be destroyed or ArchivedSubject Access rightsData QualityHiding behind legislation and red tape!!!Access by staff to information, Cannot do the job without the information accessPaper locked away, Policies for passwords, Safe Haven Faxes, subject access requests, Records Management etcRecord keeping, retention and destruction
45Why we need to share information To enable early intervention to help children and vulnerable adults to achieve positive outcomesTo enable professionals to feel confident in making good effective information sharing decisionsTo prevent death or serious harm being caused to vulnerable children and adults as a result of failing to:record informationshare itunderstand the significance of the information sharedtake appropriate action in relation to known or suspectedabuse or neglectCommon Assessment Framework, Single Assessment Process
46Breakout ObjectivesA more informed understanding about why information should be shared, when and with whom.Clarification of the legal and ethical issues that surround information sharing.A toolkit to support information sharing
47Breakout ObjectivesIncreased awareness of partner agencies and their responsibilities and concerns in relation to information sharing.Strategies for disseminating these ideas to others in your organisations.Impact of new technology on information sharing.
48Delegate ObjectiveClarification on safe, legal and confidential ways to send information via computerTo get a more informed understanding about sharing informationTo link/network with other delegates with the same remit as myselfTo widen my knowledge of the subject areaTo explore issues/dilemmas/barriers with other professionals
49Group Work One Raising the issues – What Will Happen if we Do Share Information?What Could Happen if we Don’t Share Information?
50You have 30 minutes to complete this exercise InstructionsChoose 1 of the 3 scenarios on the tableAs instructed by your facilitator each person takes a cardBeginning with the oldest date each person decides who they would or would not share the information with, they then read the card to the groupDebate in your groups whether or not having all of the information would change any decisions madeYou have 30 minutes to complete this exercise
51Group Work Two Deciding What to Share - Would We? - Could We? - Should We?
52InstructionsPick a scenario card, work through as many scenarios as you have time forDiscuss and decide if you would share the informationDiscuss and decide if you could share the informationDiscuss and decide if you should share the information(You have 30 minutes to complete this exercise)
53Feedback from Tables and any questions Each group chooses one question to ask the panel of experts arising out of the discussionsComplete the evaluation form