Privacy Policy
| ||
Last Reviewed 23 Feb ’24 | Last Amended Next Planned Review in 12 months, or 23 Feb ’24 sooner as required. | |
Business impact | LOW IMPACT | Minimal action required circulate information amongst relevant parties. |
Reason for this review | Scheduled review | |
Were changes made? | Yes | |
Summary: | This Privacy Policy and Procedure sets out the systems and process with regards to privacy. It has been reviewed with no significant changes. References and further reading links have been checked and updated. | |
Relevant legislation: | • The Care Act 2014 • Equality Act 2010 • The Health and Social Care Act 2008 (Regulated Activities) Regulations 2014 • Human Rights Act 1998 • Mental Capacity Act 2005 • Data Protection Act 2018 • UK GDPR | |
Underpinning knowledge – What have we used to ensure that the policy is current: | • Author: Information Commissioner’s Office, (2024), UK GDPR guidance and resources. [Online] Available from: https://ico.org.uk/for-organisations/guide-to-data– protection/guide-to-the-general-data-protection-regulation-gdpr/ [Accessed: 23/2/2024] • Author: Skills for care, (2024), Care Certificate. [Online] Available from: https://www.skillsforcare.org.uk/Learning-development/Care-Certificate/Care- Certificate.aspx [Accessed: 23/2/2024] • Author: Care Quality Commission, (2023), Regulation 10: Dignity and respect. [Online] Available from: https://www.cqc.org.uk/guidance-providers/regulations– enforcement/regulation-10-dignity-respect [Accessed: 23/2/2024] • Author: Care Quality Commission, (2023), Using cameras or other recording equipment to check somebody’s care. [Online] Available from: https://www.cqc.org.uk/contact– us/report-concern/using-cameras-or-other-recording-equipment-check-somebodys– care [Accessed: 23/2/2024] • Author: NHS Digital, (2024), Data Security and Protection Toolkit. [Online] Available from: https://www.dsptoolkit.nhs.uk/ [Accessed: 23/2/2024] | |
Suggested action: | • Encourage sharing the policy through the use of the QCS App | |
Equality Impact Assessment: | QCS have undertaken an equality analysis during the review of this policy. This statement is a written record that demonstrates that we have shown due regard to the need to eliminate unlawful discrimination, advance equality of opportunity and foster good relations with respect to the characteristics protected by equality law. |
1. Purpose |
1.1 To support the human rights of the Service Users and ensure that Medcom Personnel Ltd complies with legislation and regulation in relation to the privacy of individuals. 1.2 This policy covers the day-to-day considerations of ensuring privacy whilst supporting Service Userss. This policy should be read in conjunction with the suite of associated policies and procedures at Medcom Personnel Ltd such as UK GDPR in relation to data protection information sharing. 1.3 To support Medcom Personnel Ltd in meeting the following Key Lines of Enquiry/Quality Statements (New): |
|
Key Question Key Lines of Enquiry Quality Statements
CARING | C1: How does the service ensure that people are treated with kindness, respect and compassion, and that they are given emotional support when needed? | QSC1: Kindness, compassion and dignity |
CARING |
C3: How are people’s privacy, dignity and independence respected and promoted? | QSC1: Kindness, compassion and dignity QSC3: Independence, choice and control |
RESPONSIVE | R1: How do people receive personalised care that is responsive to their needs? | QSR1: Person- centred care |
SAFE | S1: How do systems, processes and practices keep people safe and safeguarded from abuse? | QSS3: Safeguarding |
WELL-LED |
W1: Is there a clear vision and credible strategy to deliver high-quality care and support, and promote a positive culture that is person- centred, open, inclusive and empowering, which achieves good outcomes for people? | QSW1: Shared direction and culture QSW2: Capable, compassionate and inclusive leaders |
1.4 To meet the legal requirements of the regulated activities that Medcom Personnel Ltd is registered to provide:
- The Care Act 2014
- Equality Act 2010
- The Health and Social Care Act 2008 (Regulated Activities) Regulations 2014
- Human Rights Act 1998
- Mental Capacity Act 2005
- Data Protection Act 2018
- UK GDPR
- The following roles may be affected by this policy:
- All staff
- The following Service Userss may be affected by this policy:
- Service Userss
- The following stakeholders may be affected by this policy:
- Family
- External health professionals
- Local Authority
- NHS
- To reinforce the requirement, in accordance with professional codes of conduct, to ensure that privacy is maintained as per the Service Users’s wishes.
- To provide clarity and standard practice recommendations to staff at Medcom Personnel Ltd to
ensure that Service Userss have dignity and privacy when they need and want it. This policy is fully aligned with:
- Health and Social Care Act 2008 (Regulated Activities) Regulations 2014
- Regulation 10: Dignity and Respect
- To ensure that Service Userss’, employees’ and stakeholders’ personal data and information is treated with the same level of protection around privacy.
- Medcom Personnel Ltd recognises the right of Service Userss to be left alone, undisturbed and free from intrusion and public attention. The Service Users also has a right to privacy with regard to their personal affairs, data and their belongings.
- Staff will adhere to the human rights of individuals and work in accordance with professional codes of conduct, the Information Commissioner’s Office (ICO) guidance, UK GDPR and Data Protection Policies and Procedures at Medcom Personnel Ltd.
Intentional breaches of privacy will be fully investigated with appropriate bodies informed and lessons learnt.
5.1 Care Planning at the Start of a Service
- The needs of the Service Users regarding privacy will always be considered during the care planning stage to ensure that Medcom Personnel Ltd can effectively meet the person’s needs
- This assessment will include what information about them can be shared and with This includes the Service Users providing formal consent to share information. Where capacity is an issue, the principles of the Mental Capacity Act and associated best interest guidance will be followed
- Preferred Service Users wishes must be communicated to other relevant staff at Medcom Personnel Ltd
- Where possible, the care planning process will be completed in a private area where the Service Users can feel able to discuss areas of their care needs. This is particularly relevant if an assessment is taking place in a hospital or respite setting prior to discharge home
5.2 Service Users Rights
- Service Users choices in relation to privacy will be respected at all times and all information relating to them will be treated in a confidential manner
- Medcom Personnel Ltd recognises the right of Service Userss to be left alone, undisturbed and free from intrusion and public attention. The Service Users also has a right to privacy with regard to personal data and both personal affairs and belongings
5.3 Staff Expectation, Behaviour and Professionalism
- Staff will follow professional codes of conduct as well as operational policies and procedures at Medcom Personnel Ltd when considering privacy for Service This includes all staff expectations around professionalism of communication
- Staff will only discuss Service Userss in the work environment if it is for the purpose of assessment, management and evaluation of care
- Staff will not discuss any aspect of the Service Users’s care outside of the work environment
5.4 Records Management
- Records will be designed, used and stored in a manner which assures privacy
- Records will only be made available to the Service Users’s family and main Care Worker according to the wishes of the Service Users or if information requests fulfil the legal requirements for doing so
- Staff can refer to the Record Keeping Policy and Procedure for further information and guidance
- Information sharing with appropriate health professionals will be done in line with UK GDPR and Data Protection Policies and Procedures at Medcom Personnel Ltd
5.5 Personal Care and Privacy
- Particular attention will be given to preserving privacy in the use of bathrooms, toilets and when supporting any aspect of personal care. At the same time, health and safety and personal risk management will be considered and discussed
- Staff will ensure, with Service Users consent, that curtains/blinds/doors are closed in order to ensure privacy during personal care and moving and handling
- Any personal and sensitive items that may be deemed necessary such as care equipment (for example continence aids, catheters, dressings) will be kept out of view at all times to ensure that privacy is maintained
- Staff will always knock on the Service Users’s door and await a response before entering the Privacy will be respected around the Service Users’s home at all times
5.6 Photography and Filming
Staff can refer to the policies available with regard to privacy, photography, filming and the use of CCTV at Medcom Personnel Ltd and to relevant CQC guidance.
5.7 Breach in Privacy
- Any breach in the privacy of a Service Users will be considered a serious event. The incident will be fully investigated in accordance with UK GDPR, Data Protection Policies and Procedures at Medcom
Personnel Ltd and there will be evidence available about what has been learnt to ensure that the risk of reoccurrence is reduced. Disciplinary action will be taken where the incident is considered to have been caused with intent
- Any environmental or equipment fault which reduces the privacy of any Service Users must be reported to the Registered Manager or senior member of staff
- Breaches of privacy of a serious nature will be referred to the local Safeguarding Board and appropriate regulatory body notifications will be completed by Mrs Irene Mtisi or delegated other, who has the relevant skills, knowledge and experience
5.8 Training and Education
- Privacy forms part of the Care Certificate for care New staff who have not already completed this will be expected to achieve this unit
- Staff will be expected to review their professional code of conduct and be aware of what this means in practice
- Training will be given with regard to UK GDPR and Data Security and Protection
- Privacy will form part of the supervision process agenda at Medcom Personnel Ltd as well as at staff and Service Users meetings in order to review practice, seek feedback and determine quality assurance
5.9 Capacity and Privacy
The same rights of privacy apply to individuals who are proven to lack capacity, therefore staff must do the following:
- Establish any previously expressed views or wishes of the individual regarding privacy from family and others
- Observe Service Users behaviours to identify what the preferences may be for that individual wishing to have privacy
- Continue to follow the core principles and practices as detailed within this policy, if deemed to be in the best interests of the Service Users to do so (in accordance with the Mental Capacity Act) when weighing up privacy. Refer to associated policies and procedures for further guidance
6.1 Information Commissioner’s Office
- The ICO is the UK’s independent body set up to uphold information rights in the public interest
- This covers the following legislation:
- Data Protection Act
- Freedom of Information Act
- Privacy and Electronic Communications Regulations
- General Data Protection Regulation (UK GDPR)
- Environmental Information Regulations
- INSPIRE Regulations
- eIDAS Regulation
- Re-use of Public Sector Information Regulations
- NIS Regulations
- Investigatory Powers Act
6.2 Human Rights
- Human rights are the basic rights and freedoms that belong to every person in the world, from birth until They apply regardless of where you are from, what you believe or how you choose to live your life. They can never be taken away, although they can sometimes be restricted; for example, if a person breaks the law, or in the interests of national security
- These basic rights are based on values like dignity, fairness, equality, respect and But human rights are not just abstract concepts, they are defined and protected by law. In Britain our human rights are protected by the Human Rights Act 1998
6.3 Privacy
- In literal terms, privacy is defined as a state in which one is not observed or disturbed by other people, or the state of being free from public attention
- For the purposes of health and social care, privacy is very personal and means different things to different Therefore in order to respect people, privacy services need to be personalised as much as possible
6.4 Care Certificate
- The Care Certificate identifies a set of standards that social care and health workers It describes the minimum standards that should be covered as part of the induction training of new care workers
Professionals providing this service should be aware of the following:
- Any breach of a person’s privacy is a serious event and will be fully investigated to ensure there is a period of learning, reflection and change in practice
- The environment where Service Userss are supported needs to accommodate the ability to promote privacy
- Your professional codes of conduct refer to your accountability in relation to supporting people with maintaining privacy
- It is a fundamental right for everyone to have privacy and as professionals, your role is to promote and adhere to this right
People affected by this service should be aware of the following:
- Information about you will only be shared with your permission, or if you are unable to give permission, when it is deemed to be in your best interest to do so
- You have full rights to Staff will discuss what your wishes are around this and what that means for you
- Staff supporting you will respect your privacy wishes and support you in providing environments that are private
As well as the information in the ‘underpinning knowledge’ section of the review sheet we recommend that you add to your understanding in this policy area by considering the following materials:
Many further reading resources combine best practice of privacy with dignity and respect, the following sites contain further information and guidance for health and social care professionals:
Dignity in Care – Getting the Basics Right: https://www.dignityincare.org.uk/Resources/Useful_resources_for_Dignity_Champions/Dignity_Map/getting_the_basi Dignity in Care – Privacy:
https://www.dignityincare.org.uk/Resources/Respecting_dignity/Privacy/
NICE Guidelines: Home Care – delivering personal care and practical support to older people living in their own homes:
https://www.nice.org.uk/guidance/ng21/chapter/Recommendations
To be ‘ outstanding ’ in this policy area you could provide evidence that:
- The wide understanding of the policy is enabled by proactive use of the QCS App
- Regular audits take place that review the privacy practices at Medcom Personnel Ltd
- Privacy forms a core agenda item for staff meetings, training and supervisions
- Service Userss are provided with an opportunity to feedback their experiences in relation to privacy in order for practice review and quality assurance
- Staff follow the principles and practices of this policy