Understand requirements for handling information in health and social care settings
identify legislation and codes of practice that relate to handling information in health and social care
•data protection act 1998
•freedom of information act 2000
•human rights act 1998
Summarise the main points of legal requirements and codes of practice for handling information in health and social care.
The Data Protection Act 1998 (DPA) is a United Kingdom Act of Parliament which defines UK law on the processing of data on identifiable living people. It is the main piece of legislation that governs the protection of personal data in the UK. Although the Act itself does not mention privacy, it was enacted to bring UK law into line with the EU data protection directive of 1995 which required Member States to protect people's fundamental rights and freedoms and in particular their right to privacy with respect to the processing of personal data. In practice it provides a way for individuals to control information about themselves. Most of the Act does not apply to domestic use, for example keeping a personal address book. Anyone holding personal data for other purposes is legally obliged to comply with this Act, subject to some exemptions. The Act defines eight data protection principles. It also requires companies and individuals to keep personal information to themselves.
Freedom of information
General right of access to information held by public authorities.
(1) Any person making a request for information to a public authority is entitled— •To be informed in writing by the public authority whether it holds information of the description specified in the request, and • If that is the case, to have that information communicated to him. (2) Where a public authority—
•reasonably requires further...