- The information should only be used for the purposes explained when it was collected.
- The information should not be disclosed to anyone who has no right to know it.
- The information collected should be relevant and contain no more than it is necessary for its purpose.
- The information should be accurate when collected and where necessary kept up to date.
- Individuals should have access to the data held about them.
- Appropriate security measures should be taken to prevent unauthorised access to data.
The Data Protection Act does not require care workers to keep secrets; it is possible to share relevant information and important details with others. However this is usually only done on a need to know basis. The “need to know” policy works in junction with The Caldicott Principles as well as the Date Protection Act. The Caldicott Principles has six principles which guide the maintenance and sharing of personal information in health and social care settings.
Another piece of legislation which relates to handling of information is The Health and Social Care Act 2008. This Act relates to keeping accurate and confidential records, storing records safely and destroying records safely. The details from this law are incorporated into the compliance Guidance for social care settings issued by the CQC.
Policies and legislations on data handling affects my work and work role, as care assistants use and update information on service users on a daily basis. For example updating a service users care plan is completed so that it is suitable