Data protection is the protection and the legal control over access to and the use of all data stored physically and electronically. It is defined by the Data Protection Act (DPA) of 1998 and was updated by the General Data Protection Regulations (GDPR) in 2018.
Confidentiality of information is a key part of maintaining dignity for those using health and social care services. The DPA requires public bodies and their data controllers to comply with a range of predefined principles.
What are the principles of the protection of data?
The Data Protection Act controls how your personal information is used by organisations, businesses or the government. Everyone responsible for using data has to follow strict rules enforced by the Information Commissioners Office (ICO). They must make sure the information is:
- used fairly and lawfully
- used for limited, specifically stated purposes
- used in a way that is adequate, relevant and not excessive
- kept for no longer than is absolutely necessary
- handled according to people's individual rights
- kept safe and secure
- not transferred outside the European Economic Area without adequate protection
Can information be withheld?
There are some situations when organisations are allowed to withhold information, for example for:
- the prevention, detection or investigation of a crime
- national security or the armed forces
- the assessment or collection of tax
- judicial or ministerial appointments
In these circumstances, the organisation doesn't have to say why they're withholding information.
What does a Data Protection course cover?
While GDPR legislation has updated how the law is to be implemented in care homes (as well as any business), a data protection course will typically cover the following:
- General and sensitive personal data
- Protect personal data when dealing with customers
- Learn to process personal data safely
- Eight principles of DPA
The GDPR is an EU regulation and is read alongside the DPA, which was updated in the UK in 2018.
Further information on the GDPR and steps to ensure your care home is compliant can be found at ico.org.uk/media