Health and Social Care Act 2001
Article 8 for The European Convention on Human Rights
1.2Summarise the main points of legal requirements and codes of practice for handling information in health and social care The Data Protection Act 1998.
The Act defines personal data as information which relates to a living individual who can be identified from the data or from the data and other information that the data controller is in possession of or is likely to become in possession of. This information may be in electronic or manual form (i.e. paper). The main principals of the act are:
•The data must be fairly and lawfully processed and shall not be processed if certain conditions are not met. •The data must only be obtained for one or more lawful purposes. •The data must be adequate, relevant and not excessive to the purpose for which the data are required. •The data must be accurate and where necessary, kept up to date. •The data must be kept no longer than necessary.
•The data must be processed in accordance with the rights of the individual. •The data must be kept secure against unlawful or unauthorised processing, accidental loss or erasure. •The data must not be transferred to a country outside of the European Economic Area (EEA) unless that country ensures an adequate level of protection. Health and Social Care Act 2001.
Section 60 of this Act gives the Secretary of State for Health the power to make regulations to authorise or require health service bodies to disclose patient information, including data which is patient-identifiable, which is needed to support essential NHS activity, in the interests of improving patient care or in...