Confidentiality and Information Sharing Policy, Procedures and Guidelines
1. Purpose and Scope
Much of the work that Safe & Settled Ltd carries out involves gaining information about individuals and organisations. The purpose of this policy is to clarify for our customers, employees, volunteers, students or secondees, the concern that Safe & Settled Ltd has to ensure that information we receive or use, is treated with appropriate care.
We recognise that whilst it is of benefit to some individuals and organisations to share data with colleagues or partner organisations, personal and sensitive information, including the results of Disclosure and Barring Service checks, will remain confidential. In some circumstances information gained may not be identified as confidential and judgement will need to be exercised about how that information is used by staff, Directors and volunteers.
Safe & Settled Ltd recognises its responsibility under the Data Protection Act 1998.
2. Procedure and Responsibilities
It is the responsibility of every individual at Safe & Settled Ltd to ensure that customers' all personal information remains confidential and is treated appropriately and sensitively as set out in these procedures.
2.1 Requesting information
When requesting information Safe & Settled Ltd, its individual employees or volunteers, will ensure that the information requested is of direct relevance to the service that we provide. General information available in the public domain can be requested or used from any reliable source
Written permission will be obtained where it is necessary to act on behalf of an individual.
Personal information or sensitive information (e.g. personal details, information relating to health, finance, disability, race or to support CRB disclosures) will be processed according to the principles of data protection. That is:
- Obtained and processed fairly
- Held for a specified purpose
- Adequate, relevant and up to date
- Not kept longer than necessary
- Stored information will be kept secure and protected
- General non confidential information about organisations is stored for unlimited access to all Safe & Settled Ltd employees.
- General non confidential information about individuals is stored for use by Safe & Settled Ltd staff where necessary for their role.
- Safe & Settled Ltd will request permission from individuals or the organisation they represent to hold information not in the public domain.
- Personal or sensitive details or information about volunteers and others will be held in lockable filing cabinets or in password protected files.
- Information on databases will be reviewed and updated regularly. Confidential information will only be carried on visits when essential and will be handled carefully and discreetly. Volunteers holding personal information about customers will ensure that details which can identify those individuals (e.g. name with address, copies of referral forms, enter and view visit logs) remain confidential.
- Employees’ personnel information will be kept in a lockable filing cabinet. Their line manager and the Senior Management Team will have access to these files. Employees will be allowed to see their file following a written request giving 14 days’ notice.
- Volunteer personnel information will be stored and accessed in the same manner as that of employees.
- Information about individuals or organisations which is held in written files or on computer must comply with the Data Protection Act. Requests for access to records must be made in writing giving 14 days’ notice. Only information obtained fairly will be processed.
2.2 Sharing information
- Only the minimum information needed will be requested or disclosed.
- Information will only be shared with partner agencies or organisations where it is clearly identified how information will be used or disclosed.
- Messages will be taken and processed in a discreet manner using email where possible for security purposes.
- Personal information will only be shared with the consent of the subject except in the instance where childen or vulnerable adults are at risk.
- Depersonalised information will be provided for monitoring performance management, quality auditing or accounting purposes.
- Employees and volunteers may discuss sensitive personal information about customers with their relevant line manager, as part of their supervision process.
- Employees and volunteers may share information about customers with other employees and volunteers at support meetings as part of the peer supervision process. This must be done in a sensitive manner and employees and volunteers should take care not to reveal the identity of the individual concerned.
2.3 Disposing of information
Safe & Settled Ltd complies fully with the Disclosure and Barring Service Code of Practice regarding the correct handling, use, storage, retention and disposal of Disclosures and Disclosure Information.
Records not required for audit purposes will be disposed of after five years. Manual records will be reviewed on an annual basis to ensure it is relevant and up to date. Sensitive information will be shredded, other information disposed of.
All staff will have an annual request to delete unwanted files and out of date information.
Email information is automatically deleted at least monthly.
Information held on regularly used databases will be updated as changes are identified. All other databases will be updated at least every two years.
HR and Personnel information will be destroyed after five years.
Data and information stored on memory sticks and other portable storage devices will be regularly reviewed and deleted when deemed necessary.
2.4 Duty to Disclose Information
There is a legal duty to disclose some information including:
- Concerns regarding child protection and vulnerable adult protection will be reported to the relevant Social Services Department.
- Drug trafficking, money laundering, acts of terrorism or treason will be disclosed to the Police.
- The belief that an illegal act has taken place, or that a person is at risk of harming themselves or others will be reported to the appropriate authorities. In all cases information about the incident will be recorded by Safe & Settled Ltd personnel or by the individual who passed on the information on an appropriate report form.
2.5 Breach of confidentiality
Employees and volunteers who are dissatisfied with the conduct or actions of other colleagues at Safe & Settled Ltd should raise this with their Line Manager or Senior Management Team using the Grievance procedure. Employees and volunteers will not discuss their dissatisfaction outside of Safe & Settled Ltd.
Accessing unauthorised material or breaching confidentiality is regarded as a serious matter and will result in disciplinary action up to, and including dismissal.
Ex-employees breaching confidentiality may face legal action.
3. Monitoring and Evaluation
This policy will be reviewed periodically. Work practices relating to this policy will be reviewed during one to one supervision.
All Safe & Settled Ltd customers, staff and volunteers will be made aware of, and have access to, this policy.