Patient Confidentiality

Is your Data handling and Confidentiality SOP fit for 2023?

As the world of data and technology rapidly evolves, it is important to ensure your practice
is up-to-date on how you gather, store and share your patient and employee data.

Effective information governance policies and procedures are essential for managing an
organisation’s information assets, ensuring compliance with regulations and laws, and
safeguarding confidential information while maintaining data accuracy and integrity. It
is also important
to ensure that your practice’s handling of patient and employee data is in
line with GDPR guidelines.

It is the responsibility of all dispensary staff to familiarise themselves with the Practice
Information Governance policy, GDPR guidelines and the Caldicott Principles and adhere
to these. Compliance with these is a condition of employment and breach of policy may
result in disciplinary action.

Our SOP Dispensary Confidentiality DPX-D5 will help to ensure patient confidentiality when
using, storing and accessing patient information.

The scope of DPX-D5 will help ensure:

  • Patient information will only be accessed in reference to patient care or treatment
  • Patient information will be kept up to date and stored securely
  • The sharing of information remains within strict professional boundaries
  • Patients right to confidentiality and understanding how their information is used and stored
  • Effective reporting in a breach of confidentiality

Key Points

  • Patient information should not be used or disclosed in a form that may identify them without their consent
  • All Patient information must be regarded as confidential
  • Access to patient information must be on a need-to-know basis only in purposes of care or treatment
  • Smartcards must not be left logged in to computers when not in use
  • Lock computers when not in use
  • Position computer screens so they cannot be seen by anyone from the waiting room or through windows
  • Be aware when using the telephone, so as not to be overheard sharing sensitive patient information
  • Prescriptions and dispensed medicines must not be stored in such a way as to be able to view sensitive
    information by other patients/carers/general public

        References: The Caldicott Principles & data protection

Dispex members can login to view our comprehensive Dispensary Confidentiality SOP (DPX-D5) in full.
Should your team require training in this area, please
email us.