SENDING PERSONAL INFORMATION BY POST

This is an agreed set of administrative and physical security procedures that have been designed to minimise the risks of breach of confidentiality or loss of information when sending or taking personal information out of the Trust.

Contents

Part 1 Internal mail and District Transport

Part 2 Royal Mail

Part 3 Private Courier services

Part 4 Taxis

1. Internal mail, Courier Service Between Campuses and District Transport

Confidential personal information must be securely protected during its transit through the internal or district mail systems.

Single items, i.e. a letter, confidential documents, medical records etc. must be clearly addressed to a known contact and safely secured in a sealed envelope marked “Private and Confidential”.

Bulk items e.g. several records going back to file, must be kept in a secure area whilst awaiting collection and only transported via the established secure Trust procedures.

Disks/removable media must not be sent via the internal postal systems unless the data is encrypted. See Security of Information Held on Removable Media guidance.

2. Royal Mail or other postal services

Letters

Confidential correspondence should be clearly addressed to a known individual and secured in a sealed envelope marked “Private and Confidential”. This information can be sent via routine mail services e.g. Royal Mail 1st or 2nd class postal services.

Parcels

Confidential documents e.g. medical records, a confidential report or other personal papers should be:

  1. Securely sealed in an inner envelope clearly addressed to a known contact and marked “Private and Confidential - To be opened by the addressee only”
  2. Securely sealed in a 2nd outer envelope clearly addressed to a known contact
  3. Marked “Private and Confidential”, with “If undelivered please return to – name, department, hospital address” clearly marked on the reverse side
  4. Dispatched via Special Delivery – mark it on the envelope to tell the Post Room
  5. Tracked and a confirmation of receipt obtained and kept.

Disks/removable media

See Security of Information Held on Removable Media guidance.

Any personal data stored on removable media must be encrypted. Any movement of unencrypted personal data is not allowed in the NHS. This is now a requirement across all public sector organisations set by the Cabinet Secretary.

Removable media includes: tape, floppy disc, optical discs (DVD or CD Rom), memory sticks/USB.

Encrypted Information

To encrypt disks and other media see

Encrypted discs should be:

  1. Securely sealed and protected in a robust envelope e.g. “jiffy bag”
  2. Marked “Private and Confidential”, with “If undelivered please return to – name, department, hospital address” clearly marked on the reverse side
  3. Dispatched via recorded Mail or equivalent e.g. (tracked) DX - mark it on the envelope to tell the Post Room
  4. Tracked and a confirmation of receipt obtained and kept

The encryption key (password) must be dispatched securely and separately only when receipt of the disc has been confirmed.

Further guidance is available on

Unencrypted information

Data that cannot be encrypted, e.g. a tape, must only be sent via Royal Mail Special Delivery service.

The information must be:

  1. Securely sealed and protected in a robust envelope e.g. “jiffy bag”
  2. Marked “Private and Confidential”, with “If undelivered please return to – name, department, hospital address” clearly marked on the reverse side
  3. Dispatched via Special Delivery – mark it on the envelope to tell the Post Room
  4. Tracked and a confirmation of receipt obtained and kept

3. Private Courier Services

Confidential information held on electronic media e.g. a disk/CD Rom must not be sent via courier service unless it is encrypted. (This is Department of Health policy – David Nicholson January 2008)

Confidential information that cannot be encrypted must always be securely protected and the following procedures adhered to, to ensure its security during transit.

NUH authorised courier services should be used to transport encrypted confidential information or non-encrypted confidential paper based information as per part 1 of this guidance.

Authorised courier services are:

  • NUH Internal Logistics services
  • NUH Courier Service between Campuses
  • District Transport (managed by Nottinghamshire Healthcare Trust)
  • TNT - for contracted medical records services

Other courier services should not be used to transport confidential information unless it is absolutely necessary and no other service is available.

If a private courier is used, the following procedures must be adhered to, to ensure adequate security measures:

  • Authority to use courier service is obtained from appropriate level of management.
  • A signature sheet is used to capture details of handover/takeover of the data disks
  • The data file creation is authorised (name/role/date/time).
  • The data file is created by (name/role/date/time) and is burned to DVD/CD and encrypted in accordance with Department of Health guidelines.
  • Packaging is checked to ensure it is sufficient to protect the contents from any physical damage likely to arise during transit such as exposure to heat, moisture or electromagnetic fields;
  • The identification of courier is checked before handover of media
  • The courier collects the encrypted disk and the signature sheet is signed by both parties
  • A telephone call to notify despatch is made from the despatching organisation to a named individual in the receiving organisation. The data disks are couriered directly to the destination
  • Nominated staff at the destination receive the disks and sign the signature sheet.
  • The recipients, in the presence of the couriers, upload the data from the disks to the secure system.
  • The couriers then notify the despatching organisation and request that the pass phrase is forwarded to the recipient.
  • The recipient decrypts data with the received pass-phrase and confirms that the data can be used by the appropriate database applications.
  • The disks are then given back to the couriers with appropriate signatures and returned to the despatching organisation for destruction.

Part 4 - Taxis

  • The transfer of medical records by taxi must only be used in urgent cases where there is no alternative method of secure authorised courier transport available.
  • Only Trust contract Taxi services (DG) can be used to transport confidential medical records.
  • The medical record must be securely protected in a sealed envelope, marked “Private and Confidential” and clearly addressed to a known individual. “If undelivered please return to – name, department, hospital address” must be clearly marked on the reverse side.
  • The recipient must be informed to expect the confidential information by taxi so that it can be collected immediately upon delivery.

Updated April 2008

ICT Services

Information Governance