The purpose of this Confidentiality Policy is to lay down the principals that must be observed by all who work at Frome Medical Practice and have access to person-identifiable information or confidential information. All staff need to be aware of their responsibilities for safeguarding confidentiality and preserving information security.

All employees working in the NHS are bound by a legal duty of confidence to protect personal information they may come into contact with during the course of their work. This is not just a requirement of their contractual responsibilities but also a requirement within the Common Law Duty of Confidentiality and General Data Protection Regulation 2018 (GDPR). It is also a requirement within the NHS Care Record Guarantee, produced to assure patients regarding the use of their information.

It is important that Frome Medical Practice protects and safeguards person-identifiable and confidential business information that it gathers, creates, processes and discloses, in order to comply with the law, relevant NHS mandatory requirements and to provide assurance to patients and the public.

This policy sets out the requirements placed on staff when sharing information within the NHS and between NHS and non NHSorganisations.

Person-identifiable information is anything that contains the means to identify a person, e.g. name, address, postcode, date of birth, NHS number and must not be stored on removable media unless it is encrypted as per current NHS Encryption Guidance or a business case has been approved by the Information Governance Manager.

Confidential information within the NHS is commonly thought of as health information; however, it can also include information that is private and not public knowledge or information that an individual would not expect to be shared. It can take many forms including patient level health information, employee records, occupational health records, etc. It also includes Frome Medical Practice confidential business information.

Information can relate to patients and staff (including temporary staff), however stored. Information may be held on paper, removable storage devices for example CD/DVD or USB sticks, computer files or printouts, laptops, tablets, mobile phones, digital cameras or even heard by word of mouth.


Roles and Responsibilities

The Partners

Have overall responsibility for strategic and operational management, including ensuring that Frome Medical Practice’s policies comply with all legal, statutory and good practice guidance requirements.

The Caldicott Guardian

The Caldicott Guardian is responsible for ensuring implementation of the Caldicott Principles with respect to patient-identifiable information.

Information Governance Lead

The Information Governance lead will be responsible for overseeing the development and implementation of Information Governance at Frome Medical Practice and ensure that the Practice complies with supporting the Legal and NHS Mandatory Framework with regards to Information Governance.

The Information Governance lead is responsible for providing advice on request to any member of staff and ensuring that training is provided for all staff groups to further understand the principles and their application.

HR Department

The HR department is responsible for ensuring that the contracts of all staff (permanent and temporary) are compliant with the requirements of the policy and that confidentiality is included in inductions for all staff.

Team Leaders

Team Leaders are responsible for ensuring that the policy and its supporting standards and guidelines are built into local processes and that there is on-going compliance. They must ensure that any breaches of the policy are reported, investigated and acted upon.

All Staff

Confidentiality is an obligation for all staff. Staff should note that they are bound by the Confidentiality: NHS Code of Practice 2003. There is a Confidentiality clause in their contract and that they are expected to participate in induction, training and awareness raising sessions carried out to inform and update staff on confidently issues.

Any breach of confidentiality, inappropriate use of health or staff records, or abuse of computer systems and misuse of smart cards is a disciplinary offence, which could result in dismissal or termination of employment contract, and must be reported.


What is Personal Data?

Personal data is any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.


What is Sensitive Personal Data or Special Categories of Personal Data?

Sensitive personal data is personal data that contains information about:

  • The racial or ethnic origin of the data subject
  • Their political opinions
  • Their religious beliefs or other beliefs of a similar nature
  • Whether a member of a trade union (within the meaning of the Trade Union and Labour Relations (Consolidation) Act 1992)
  • Their physical or mental health or condition
  • Their sexual life
  • Genetic or Biometric data where processed to uniquely identify an individual

Personal data relating to criminal convictions and offences are not included but similar extra safeguards apply to its processing (see Article 10, General Data Protection Regulation 2018)



All staff must ensure that the following principles are adhered to:

Person-identifiable or confidential information must be effectively protected against improper disclosure when it is received, stored, transmitted or disposed of. This includes ensuring that any patient identifiable information cannot be seen by patients when working in areas that can be seen by the public such as the Information Desk, Prescriptions Desks or any Reception Areas. Keep documents face down or covered so that they cannot be seen by patients and do no leave any documents containing patient identifiable information unattended in public areas.

Access to person-identifiable or confidential information must be on a need-to-know basis.

Disclosure of person identifiable or confidential information must be limited to that purpose for which it is required.

Recipients of disclosed information must respect that it is given to them in confidence.

If the decision is taken to disclose information, that decision must be justified and documented.

Any concerns about disclosure must be discussed with The Duty Manager or Caldicott Guardian.

Frome Medical Practice is responsible for protecting all the information it holds and must always be able to justify any decision to share information.

Person-identifiable information, wherever possible, must be pseudonymised by removing as many identifiers as possible whilst not unduly compromising the utility of the data. Pseudonymisation takes the most identifying fields within a database and replaces them with artificial identifiers, or pseudonyms. For example a name is replaced with a unique number. The purpose is to render the data record less identifying and therefore reduce concerns with data sharing and data retention.

Access to rooms and offices where terminals are present or person-identifiable or confidential information is stored must be controlled. Where appropriate doors must be locked with keys, keypads or accessed by swipe card. In mixed office environments measures should be in place to prevent oversight of person-indefinable information by unauthorised parties.

All staff should clear their desks at the end of each day. In particular they must keep all records containing person-identifiable or confidential information in recognised filing and storage places that are locked.

Unwanted printouts containing person-identifiable or confidential information must be put in a confidential waste bin. Printouts and removable storage devices for example USB, CDs, DVDs or external hard drives must not be left out but be filed and locked away when not in use.

All staff sign a contract of employment which includes a commitment to confidentiality. Breaches of confidentiality could be regarded as gross misconduct and may result in serious disciplinary action up to and including dismissal.