Information Sharing Principles Sample Clauses
Information Sharing Principles. Must have lawful authority Must be necessary Must be proportionate Must need to know Must be accountable Must ensure the safety and security of the information shared
Information Sharing Principles. The parties signing up to this agreement will be required to manage information sharing based on, the Caldicott Principles adopted by NHS staff and the overarching 6 key principles for sharing information contained within the ‘Guide to Information Sharing’ (DfES April 2006).
Information Sharing Principles. Personal information must be: • fairly and lawfully processed • processed for specified limited purposes • adequate, relevant and not excessive • accurate and kept up to date • not kept for longer than is necessary • processed in accordance of the rights of the people it relates to • protected by appropriate security • not transferred to other countries without adequate protection
Information Sharing Principles. Parties to this agreement agree to apply the following principles:
4.1 A person’s health, safety and wellbeing is more important than data protection.
4.2 Information sharing is legitimate where it is used to improve services or positively benefit customers or service users, or where it assists in detection of crime and fraud.
4.3 The way personal information is used and with whom it may be shared should be transparent (e.g. privacy notices or verbal scripts).
4.4 Disclosure of sensitive or confidential information requires a person’s explicit consent unless for a statutory purpose.
4.5 The potential consequences of an individual declining consent should be explained to them (e.g. limitations in the provision or quality of service).
4.6 Registered professionals or practitioners involved in an individual’s direct care and support are encouraged to share information in accordance with their respective professional codes of practice. Such sharing may be subject to the common law duty of confidence.
4.7 Decisions to disclose personal confidential information without a person’s knowledge or consent are considered a matter of professional judgement. Such decisions must be judged at an appropriately senior level and are expected to consider the sensitivity and potential impact on a person’s security and safety.
4.8 Disclosure and sharing of information for research, statistical or business intelligence purposes is expected to comply with the ICO Anonymisation Code of Practice (2012)2
4.9 Disclosure of patient information must be approved by an organisation’s Caldicott Guardian or an appropriate responsible officer. 2 Anonymisation: managing data protection risk code of practice (ICO 2012)