In this article
If you work in care, you need to know about confidentiality. We all want to know that our personal information is kept safe and confidential. However, there are times when information about health or social care situations needs to be shared between professionals.
In 2017, there were 112,800 social work jobs in the UK; 2019 statistics show 1.2 million people were working in the NHS in all roles; and a further 1.1 million people were working in adult social care roles according to 2018 numbers. With such a vast workforce dealing with confidential and sensitive information every day, knowing what the rules are is important to your job role.
As a health and social care professional, it’s vital you understand your responsibilities towards your patients and also your colleagues.
We are going to cover:
- The meaning of and concepts behind confidentiality
- The legal framework that you have to work within
- Some best practice tips regarding confidentiality
- When it’s ok to break confidentiality.
This will ensure you’re up to date with the rules and laws, so that you can do your best by those you’re caring for.
What is confidentiality?
The essence of confidentiality is when a patient or person you’re working with gives you information and expects that it’ll be kept in confidence, or secret. There are three ways that the people you work with are offered confidentiality:
1. By law, either through government legislation or case law
2. Through professional codes of conduct or best practices
3. By means of your contract as a healthcare professional.
There are also legal principles that cover what information can be regarded as confidential. Briefly, they are:
- The information must be in some way private and would normally be kept secret
- It must be provided at a time when you’d expect confidence, such as when you tell a doctor about a medical condition
- If the information were to be disclosed it would have negative or detrimental consequences.
In practice, as a healthcare worker you might know about a sensitive illness someone has, such as AIDS. If that information were to be shared, unfortunately that person could find themselves being treated negatively. As another example, a social worker may be helping a client to apply for housing benefit but they may not want their family to know they’re claiming benefits.
Working closely in people’s lives means you’re going to find out deeply personal information about them. As a person in a position of trust, you must keep this information confidential.
What are the five rules of confidentiality?
In a health and social care setting, there are professional rules that you need to follow in terms of confidentiality. There are going to be times when you will need to share information given in confidence. An example might be when a client tells you about a change in the symptoms of their medical condition and you need to share that with their doctor.
We’ll go through the five rules about confidentiality, as set out by the Health and Social Care Information Centre in 2013.
“Confidential information about service users or patients should be treated confidentially and respectfully.”
Being able to maintain confidence will maintain the trust you have with your client or patient. As well as being respectful to them, keeping information confidential maintains trust in all of your professional colleagues.
Whenever you have to record confidential information, such as writing medical records, this should be done accurately and factually.
“Members of a care team should share confidential information when it is needed, for the safe and effective care of an individual.”
You need to make sure that the right information is shared with a person’s care team. That team can include:
- Social workers
- Lab staff carrying out tests
- Social care workers
- Specialised care providers
- Admin staff.
A person can request that information not be shared, but that can be overridden when they have a notifiable disease or there is a safeguarding issue, for example.
Information should only be shared if it’s necessary to look after the client or patient. Nothing should be shared that’s not relevant to taking better care of the person.
“Information that is shared for the good of the community should be anonymised.”
For medical and social researchers, information about patients and service users can be invaluable. Giving them access to information is allowed as long as there’s little or no risk of the person being identified.
There are other rules in place about seeking consent if the information needs to be identifiable. If you come across a situation where you’re asked to share information for research purposes and you’re unsure what to do, seek guidance from your supervisor before going ahead.
“An individual’s right to object to the sharing of confidential information about them should be respected.”
Confidential information can be shared in regards to treatment and care. Anything over that need can be objected to. For example, sometimes government agencies might request information about people with care plans to be able to analyse the data. A patient can say no to this.
It’s still possible for the information to be shared in an anonymised form; this isn’t then breaking anyone’s wishes.
“Organisations should put policies, procedures, and systems in place to ensure the confidentiality rules are followed.”
Organisations that hold confidential information should have a person responsible for everyone following these five rules. If that’s you, there are going to be processes that you need to follow and you’ll need to ensure adequate training for everyone you’re in charge of.
What confidentiality legislation covers health and social care?
Along with these professional rules about confidentiality in a care setting, there are laws in place too. You’ve got responsibilities to meet as a person who gathers and processes confidential information.
There are four main areas of legislation that you need to be aware of as a health or social care professional when it comes to confidentiality.
The common law of confidentiality
In UK common law, everyone has a duty of confidentiality. It basically means that if you come across information that’s confidential, it should remain so if disclosure would be unfair to others.
In your line of work, you can’t share information that you’ve been trusted with, unless you have the consent of the subject of the information. There are exceptions to this under common law, such as:
- For safeguarding purposes or if it’s in the public interest.
- If you’re legally obliged to through a court order.
In terms of access to confidential information, you and your team should only have access to the data you need to be able to complete your role. Transporting records should also be done with great care.
Once a patient or service user has died, there is no legal obligation of confidentiality, however, ethically you still wouldn’t share data unless really necessary.
The Care Act 2014
Under the Care Act 2014, you have a duty of care to share information when you have a safeguarding concern. Under the Act, you should always seek consent to share information wherever possible.
There are times when it’s ok to not tell your patient or client that you’re going to share their information. You need to take into account the safety and well-being of the person under your care.
An example would be in a situation where there is domestic abuse or violence; you may need to withhold the fact you’re going to share information with the police in order to protect the person in your care.
When information does need to be shared, it must be:
You must also keep a record of any information you share, whether consent has been given, and any reasons or justifications why not.
Human Rights Act 1998
There are 13 articles enshrined in the Human Rights Act. When it comes to confidentiality in care, Article 8 is the one you need to be aware of.
Article 8 protects your right to a private and family life. In practice, this means that your patient or client has a right to have their information treated confidentially and only have it shared with their consent. The principles are similar to common law confidentiality in the UK.
The way data is stored about a person is also covered in this right. When you make and keep confidential records about a person, you have a responsibility to keep those records secure.
Data Protection Act 2018
The 2018 Act supersedes the 1998 Data Protection Act and strengthens the rules around holding and processing data. You might have heard of the General Data Protection Regulations from the European Union; these are those rules in UK law.
The principles of the Data Protection Act say that any information that you handle must be:
- Used in a legal, open, and fair way
- Used for clearly defined reasons
- Used only when needed
- Not kept for any longer than you need it
- Kept secure from people trying to use it illegally.
However, along with these principles, there are exceptions. You are still allowed to share information, with and sometimes without consent, if there are safeguarding or public interest concerns.
You need to make a judgement whether it is necessary to share information without a person’s consent. As a care worker you may find that a person’s family member is taking money without their knowledge and by sharing it with your client it could cause them to be a victim of abuse. In this situation, you’d need to weigh up whether sharing this information without consent is the best course of action for the person you’re caring for.
Dos and don’ts of confidentiality
A lot of the ideas surrounding confidentiality may seem like common sense. It may feel easy, but that’s even more reason to really pay attention to it. You may make an assumption about information sharing based on your own ideas that goes against the basic ideas.
For example, you might think nothing of sharing a medical diagnosis with your own brother but your patient may find it completely against his right to confidentiality. Here, we’ve put together a quick list of the things you should consider when it comes to confidentiality.
Dos of confidentiality
- Ask for consent to share information
- Consider safeguarding when sharing information
- Be aware of the information you have and whether it is confidential
- Keep records whenever you share confidential information
- Be up to date on the laws and rules surrounding confidentiality.
Don’ts of confidentiality
- Keep data unless you really need
- Give out any information without asking for consent
- Share any information unless you have justification
- Be secretive about the data you have.
When can you break confidentiality?
As we’ve discussed at a few different points, confidentiality isn’t absolute. Working in a health or social care setting, you become privileged to a whole range of data and information about the people in your care. Whilst you should always maintain the confidence wherever possible, sometimes you have to break it.
If you know someone is being abused or neglected, or is at risk of being so, you have a duty to share that information as a safeguarding concern. If someone lacks mental capacity, you must also share information if you believe they are at risk of or are being abused.
You may also sometimes be faced with a legal request for confidential information. This would come in the form of a court order. It’s best that you seek legal advice before disclosing any information; your supervisor will be able to help you source advice.
There is also a consideration of public safety which can override confidentiality. Say you have a service user who is alcohol dependent; when you go into their home to care for them, you become aware they’ve consumed a lot of alcohol. They tell you that they intend to drive to the shop later. Although you know this is confidential information, since the person could cause serious harm by driving under the influence of alcohol, you’re obliged to break confidentiality and share the information with the police.
We all expect a basic level of confidentiality when we interact with professionals. When you get confidential information, it’s important that you treat it as such so that you can build and maintain trust with your patients, clients, or service users.
Be aware of both the five rules of confidential information and the laws that govern information protection and sharing. Your service users do have lots of rights, but you also have responsibilities to them and sometimes to the general public to share information.
When you have concerns about abuse or neglect or when public safety may be in jeopardy, you are allowed to break confidentiality. Remember, confidentiality in a care setting isn’t absolute, but when you need to break a confidence you should always seek permission to do so wherever possible.