DRAFT Confidentiality Clause for Staff Contracts

East Surrey Local Health Community

Confidentiality Clause for Staff Contracts

Dated: April 2002

Version: 2.0

Confidentiality clause for staff contracts

1Introduction

In the UK there are several Acts of Parliament that deal with issues of security, confidentiality and privacy of personal information. Under these Acts each employee is legally bound to comply with the requirements as individuals can face action for breach of the requirements as there is personal liability specified within some of the legislation.

These requirements, and penalties for breaches, are re-enforced within your contract of employment and the Authority/Trust/Practice Employee Code of Conduct, and also summarised below. In addition any breach of these requirements could be considered a disciplinary offence that could lead to dismissal.

2Your responsibilities as an employee

During the time you are working within the Authority/Trust/Practice as part of your normal duties, you may have access to confidential information that can identify a patient, another member of staff and/or business in confidence information about the Authority/Trust/Practice.

This type of information should not be disclosed to any person outside of your normal working environment, particularly non-Authority/Trust/Practice employees. If you need to disclose/share this information in pursuit of your working duties you will have been granted permission to do this by your line manager.

If you receive a request for information that is not a ‘normal’ request e.g. someone you would normally share information with, you must seek, prior to any release of information, specific permission on behalf of the Authority/Trust/Practice by your manager or another authorised person.

Confidential information includes, but is not limited to, all information of a secret or confidential nature relating to the affairs of any person whose information is held within the Authority/Trust/Practice. This will include: patients, patient’s relatives and friends, employees and any business or affairs of any other person to whom the Authority/Trust/Practice has an obligation of confidentiality and/or secrecy.

Confidential information can also be business information such as waiting times for patients, financial information relating to the Authority/Trust/Practice, employees salaries etc.

You will be provided with a copy of the Authority/Trust/Practice Employee Code of Conduct that will highlight all of your personal responsibilities. You will be expected to have read the Code of Conduct before you sign this contract of employment you as, by agreeing to and signing this contract, you will be accepting receipt of the Code of Conduct and compliance with it’s content.

Nothing in this contract shall prevent disclosure by you of information disclosed for the purpose of making a protected disclosure within the meaning of Part 1V A of the Employments Rights Act 1996 or information which has come into the public domain otherwise than by breach of confidence on your part.

Confidentiality clause for staff contracts

Dated: April 2002 Version 2.0 Page 1 of 4

Relevant Acts of Parliament and NHS guidelines and what they mean for employees

Requirement / What it covers / Personal responsibilities / Penalties for breaches
Data Protection Act 1998 / Person identifiable information about living individuals – manual and automated records (e.g. on computer, video tape, digital images) / Keep all person identifiable information secure and confidential – see Code of Conduct for specific details / Unauthorised disclosure of personal identifiable information could lead to court action and a criminal conviction and/or the payment of compensation to a claimant
Human Rights Act 1998 (Article 8) / An individual’s right to privacy for themselves and their family members / As above / As above
Computer Misuse Act 1990 / Unauthorised access to computer held programs and information/data / Do not use any other persons access rights (e.g. user id and password) to access a computer database / A criminal record and a prison sentence of up to 5 years
Common Law of confidentiality / An individual’s right to confidentiality of their information when alive and once they have died / Keep all information secure and confidential. Also remember this covers wishes of deceased persons – if it is recorded they do not want details of their treatment disclosed when they die this wish will normally need to be respected / Disciplinary action
Caldicott / Security and confidentiality of personal health and social care information for patients and service users / See Code of Conduct and further information available from the A/T/P Caldicott Guardian / Disciplinary action
Contract of employment / Employees responsibilities including security and confidentiality of any information accessed during the course of work / Comply with contract and Code of Conduct / Disciplinary action

Confidentiality clause for staff contracts

Dated: April 2002 Version 2.0 Page 1 of 4