Published by Brian Bishop. Modified over 6 years ago.
Appropriate Data Sharing in Health and Social Care
Data Protection Reform in Local Government Regional Conference
Mark Golledge, Programme Manager, Health and Social Care, LGA
David Evans, Senior Information Governance Advisor, NHS Digital
Outline
- General Data Protection Regulations (GDPR) and Data Protection Bill
- Common Law Duty of Confidentiality
- Consent – To consent or to not consent…
- Caldicott Standards and Data Protection and Security Toolkit
- Opt out Model
- Things to Consider
1. GDPR and Data Protection Bill
- GDPR: processing is fair, lawful and transparent
- Lawful specifically includes that the common law duty of confidentiality is also satisfied
- Organisations must establish, record and inform subjects about the lawful basis they are relying on
- This means:
  - an Article 6 condition is satisfied (for personal data); and
  - an Article 9 condition is satisfied (for special categories of data); and
- To respect confidentiality (common law):
  - there is consent from an individual; or
  - there is another legal basis to set aside common law
1. GDPR and Data Protection Bill
Lawfulness of Processing
- 6(1)(a) – Consent
- 6(1)(b) – Performance of a contract (care providers)
- 6(1)(c) – Compliance with a legal obligation
- 6(1)(e) – Public interest or official authority functions

Processing Special Categories of Personal Data
- 9(2)(a) – Explicit consent
- 9(2)(b) – Safeguarding for direct care
- 9(2)(h) – Medical treatment and social care provision
- 9(2)(j) – Research or statistical purposes
1. GDPR and Data Protection Bill
The Data Protection Bill states that this includes circumstances in which it is carried out:
- By or under the responsibility of a health professional or social work professional
- By another person who in the circumstances owes a duty of confidentiality under an enactment or rule of law (i.e. non-registered professionals)

Social workers are regulated by the Health and Care Professions Council and expected to adhere to professional codes of practice.
2. Common Law Duty of Confidence
- Meet both GDPR and common law duty of confidence requirements
- “Consent” to meet the common law is different to consent to processing under GDPR
- Consent may be obtained for confidentiality – not needed for GDPR
- No need to change consent practices if consent not used for GDPR processing
3. To consent or not consent…
Using consent under GDPR:
- Public bodies must keep a record of where someone has obtained consent
- In order for consent from an individual to be valid under the GDPR it is required to comply with the following:
  - To be freely given
  - To be specific
  - To be informed
  - To be unambiguous
  - A clear affirmative act

Article 29 Working Party guidance on consent:
3. To consent or not consent…
For social care:
- Imbalance of power and the data subject will have no realistic alternatives to accepting processing.
- Maintain a record of social care involvement.
- If you use, the data subject has rights to withdraw consent as well as erase the data.
- However, you may still wish to seek consent to meet the requirements of the common law duty of confidentiality.

Right to Erasure Right to Portability Right to Object Consent ✓ X but right to withdraw consent Contract Legal obligation Vital interests Public task Legitimate interests
3. To consent or not consent…
For common law purposes there are two general types of consent:
- Implied consent – assumed where the use of the information is to support direct care
- Explicit consent – i.e. a patient has agreed to the use of their data for a purpose; this does not have to meet GDPR requirements but does need to be transparent and supported by appropriate information

Other clear legal basis:
- Section 251 application
- NHS Digital collects under direction
- Public Interest
4. Caldicott Standards & Data Protection and Security Toolkit
Caldicott Report introduced a new set of data security standards alongside a proposal for a new opt-out model Data security standards will form part of the replacement for the IG Toolkit which will launch from April 2018. organisations
5. Opt Out Model
- From May 2018 Public will be able to register to opt out of their personal and confidential information being used beyond direct care (online and paper)
- Between May 2018 and 2020 opt outs will be applied to data
- Webinars to understand impact on Local Government:
  - Friday 26 January :00-12:00
  - Wednesday 14 February :00-12:00
  - Thursday 15 February :00-16:00
- To book a place,
6. Things to consider

GDPR
- Have you identified (and communicated via your privacy notice) the legal basis for processing data under the GDPR?
- Have you documented your lawful basis decision to demonstrate compliance?
- Where consent is being used as the legal basis have you made sure that you are able to meet all the requirements set by the GDPR?
6. Things to consider

Common Law Duty of Confidence
- Have you determined how to meet the common law duty of confidence when sharing information, i.e. is information being shared through informed consent, explicit consent or another basis (i.e. confidence is “set aside” through Section 251 of the NHS Act 2006)?

Caldicott Standards & Data Security and Protection Toolkit
- Are you sighted on plans for the new Data Security and Protection Toolkit launching in April 2018?
- Are you considering how to support care providers in meeting their responsibilities under GDPR? Some councils are supporting them directly.