Confidentiality Policy MANKIND UK recognises that confidentiality is of the utmost importance to service users, and therefore essential to the effective running of the whole service. A “service user” is defined as anyone approaching the service for help, advice or information, and not just those being offered a treatment service. This confidentiality policy is based on the principle that the service user’s interests, wishes and rights are of fundamental importance. An individual who uses MANKIND UK’s services has the right to be confident that: Information collected for service monitoring purposes will not be able to directly identify any individual user of the service. Information given by the service user will only be used for the purpose for which it was disclosed and will not be shared with anyone outside the agency without the express consent of the service user. There are exceptions to this which are detailed below. Every effort will be made to ensure that records are kept so as to avoid service users being easily identified from clinical notes, and all records will be securely stored. See also Data Protection and Information Sharing Policy. Information received by MANKIND UK from the service user will be treated as confidential to the agency. Where the agency wishes, or has been requested, to disclose information to a third party then the full and informed consent of the service user will be requested. The service user has the right to withhold consent, either with regard to a specific piece of information or specific agency, or more generally. If consent is withheld then information will not be shared with a third party, except in exceptional circumstances. Withholding consent to share information may mean that the client cannot access treatment. In some cases service users will provide the agency with information in the expectation that this information will be shared outside the agency, for example, in the form of a referral. Nevertheless, it will still be made clear to the service user what information will be passed on and who will receive it. LIMITATIONS OF CONFIDENTIALITY OFFERED Information about service users is confidential to MANKIND UK as a whole, and not to individual workers. MANKIND UK does not operate a policy of absolute confidentiality. There are three main exceptions to the requirement to maintain confidentiality. These are: (a) When there is a concern that a user of the service is a danger to themselves or others (especially when that individual is a child); (b) When there is a medical emergency; (c) When information is revealed in regard to a serious crime or national security. There may also be circumstances when the Courts can order disclosures. Further details regarding exceptions are found in the ‘BREACHES OF CONFIDENTIALITY’ section of this document. POLICY ON SHARING OF INFORMATION WITHIN THE AGENCY There is an expectation that certain information will be passed between agency workers, including staff who are seconded to the agency by other organisations: The role of Agency staff, paid and volunteer Information about service users is confidential to the agency as a whole, and not to individual workers. Whilst it is essential that all workers within the agency understand and support the Confidentiality Policy and accept responsibility for the security of the information they encounter, this does not mean that all workers have equal access to confidential information. Normally, information will be shared on a “need to know” basis, and good practice will limit to a minimum the sharing of knowledge within the agency. Agency Workers’ Training It is important that all agency staff have a clear understanding of how the principles of confidentiality are embodied in practice. In order to safeguard service user confidentiality, the agency will take all reasonable practical steps through the training and instruction of personnel, together with the administrative arrangements of the service, to prevent disclosure of confidential information. Agency workers’ responsibilities in relation to confidentiality It is the responsibility of the worker to ensure that the service users understand the confidentiality procedures which apply at all stages of their contact with the agency. Staff Contracts All MANKIND UK staff, whether as paid employees, external supervisors, or in a voluntary capacity, will be required to sign a confidentiality contract. Anyone working for the agency who breaches this contract will be liable to disciplinary action under the Staff Disciplinary Procedure. Employees of other organisations who work at the service will be required to conform to these principles too. POLICY ON PROVIDING INFORMATION TO OUTSIDE AGENCIES There are some circumstances in which information may be shared with outside organisations. Service users referred by other organisations The extent of information to be shared with the service user’s referrer (e.g. GP, Social Services, Court, Probation Service, and/or Employer), if any, will be discussed with the service user at the earliest opportunity. If the service user consents to information being shared with the referrer, it will be necessary to distinguish between cases where it is sufficient for the referrer to know that the service user is attending the agency, and those where a greater degree of shared service user information is agreed. Service users who self-refer If the service user is self-referred, information will not normally be shared with a third party. If it becomes necessary to share information outside the agency, every attempt will be made to ensure the full and informed consent of the service user. When an enquiry is received from a partner, relative or friend of the service user, no information of any kind will be imparted without the service user’s express permission. Service users who request contact with other organisations This will be regarded by the agency as a situation where the service user has given consent to information being passed on. It is essential that the service user is clear how much information is being disclosed, and to whom. The worker has an obligation to see that the service user is clear about the consequences of disclosure. OBLIGATIONS OF AGENCY The agency will ensure that staff (both paid and unpaid): are properly qualified, trained and competent to receive confidential information and deal with the issues that are raised. induction involves familiarisation with the agency’s Confidentiality Policy. receive training and support in its implementation throughout their employment with the agency. This involves: details of the agency’s policy communicating the policy to service users iii. safe storage of data (both paper and computer records) procedures for note taking dealing with telephone enquiries procedures for breach of confidentiality Staff are required not to discuss service users outside the agency, or otherwise act in a manner which threatens an individual’s confidentiality. Within the agency, all discussion of service users should be purposeful and not trivialising. RECORDING AND STORAGE OF DATA The nature and scope of records a) The scope and extent of the information to be entered in the service user’s record will be discussed with the service user at the outset of treatment, and checked later in the intervention; b) Records and case-notes should be accurate with a clear distinction between fact and opinion. Service users’ access to files All service users have a right of access to their own records in accordance with: The Data Protection Act 1984 The Access to Personal Files Act 1988 Access to Health Records 1990 A service user wishing to access to his/her record must make a request in writing to the Chair of the Trustees. See Access Policy for Client Records. In some situations, the legislation permits a service user’s access to records to be restricted: Certain information may be held in a service user’s record which concerns, or which has been provided by, a third party. The service user will not have automatic access to this part of the file without express permission from the third party. Access will be withheld if providing access to it would not be in the service user’s best interest. This decision will be made by the Supervision Manager, in consultation with the Counselling Coordinator, and the Office Manager. Storage of data a) Recorded information, either in paper form or computer data, will be held in secure and private storage. The obligations imposed by the Data Protection Act will always be adhered to. b) Movement of confidential information outside physical areas in which it is safeguarded will be avoided as far as possible. c) In the case of adult clients, we will keep inactive files for eight years after the conclusion of treatment, unless they have a mental illness, in which case we will keep the records for twenty years after the conclusion of treatment (or eight years after their death). USE OF INFORMATION FOR PLANNING, RESEARCH AND PUBLICITY Information used for planning purposes by the agency will be presented statistically, or in aggregated form, thus ensuring that individuals are not identifiable and preserving confidentiality. Service users will not be the subject of research or have information about them used in publicity material without their consent. Any approach to the service user, via the agency, by researchers will be treated with the utmost caution. No personal details concerning the service user will be disclosed by the agency. Instead the agency will undertake to brief the service user fully regarding the purpose of such an approach in order to allow the service user to decide whether s/he is prepared to be the subject of inquiry. The agency should warn the service user that neither s/he nor the agency may have control over the researcher’s final material and there is the possibility that confidentiality may be breached. BREACHES OF CONFIDENTIALITY If it appears that confidentiality will have to be breached, the worker will make every effort to discuss the situation with the service user (unless it seems to the worker that this would make the situation worse or if there a potentially violent incident likely to take place), thus encouraging the service user to take responsibility for contacting the relevant authorities. Should the service user decide to disclose the required information, then no breach of confidentiality will have taken place. If the service user is unwilling to take action, the decision to breach confidentiality will not be taken on an individual basis, but by the agency. All decisions to breach will be taken by the Designated Officer, (the CEO), or the Caldicott Guardian (the Chair of Trustees), or by their nominated deputies. Any breach of confidentiality will be minimised by restricting the information conveyed to that which is relevant to the immediate situation. Instances where confidentiality may be breached are under the following headings. Where circumstances fit these criteria the procedure for breaching confidentiality (below) should be followed without exception. Medical Emergency - Where an individual becomes unable to give a coherent response or is unconscious, and is in need of prompt medical attention, it may be deemed appropriate to divulge relevant information to ambulance, nursing or medical staff attending the scene. Violence - Physical violence towards staff or other service users in the agency cannot be tolerated, and in certain circumstances the police may have to be called. If this occurs it would count as a breach of confidentiality Legal - Agency workers will not voluntarily give information either to the courts or to police officers without the service user’s consent, with the following exceptions; Where a court has subpoenaed an individual worker or the Agency as a whole. Terrorism – There is a legal obligation for the counsellor, as a citizen, to pass on information about planned or actual terrorist offences. (Please see G2 information sheet for full details) Drug Trafficking – The counsellor must disclose to the police as soon as practically possible if they know or suspect that a person is concealing money made through drug trafficking and this information came to them in the course of their trade, profession, business or employment. The counsellor must not inform the client that the police have been notified as this could constitute a separate offence. Child Protection – Where there are child protection issues. See also Child And Young Person Safeguarding Policy. PROCEDURE FOR BREACHING CONFIDENTIALITY In the first instance, if a worker feels that the information a service user is giving to him/her may be about to occasion a breach of confidentiality, it is good practice to warn the service user that this may happen. There may be occasions in which the agency worker judges that they will be at risk of violence if they request a client to disclose information. In these cases the worker should seek to bring the session to a close as quickly as possible and see the client from the premises. When this has been achieved, the worker should immediately seek the Designated Officer, Line Manager, or Caldicott Guardian. Do not take action without advice. When circumstances arise where workers feel that a breach of confidentiality is necessary; a) the Service User should be told (unless legal requirement not to), and the Designated Officer, b) or the worker’s Line Manager / Supervisor should be immediately informed. c) In their absence the Caldicott Guardian should be immediately informed. The situation will then be discussed (in the case of medical emergency this may not take long) and a plan for the action to be taken will then be made and carried out. A careful note of the circumstances will be made as part of the case record. The note must show: The extent of the disclosure; To whom it was made and when; The reason for the disclosure; Who was consulted beforehand; Whether the service user was informed, and if so how and when. If the person receiving the information agrees to conditions about how it should be used, a note should also be made of this. If a service user feels that her/his right to confidentiality was not respected by the agency then s/he has a right to invoke MANKIND UK’s Complaints Procedure (see separate policy). He/she may also be able to take legal action. Service users, who wish to complain about a possible breach of confidentiality, or to pursue the matter legally, should not feel that this puts at risk the specific service that they are accessing within the agency. The agency will make all efforts to continue to support that client during the period of the complaint. In addition, when working in H.M.Prisons, we are required to reveal to the authorities any statement made to us about a crime that has not been tried at court. In the event of this information being forthcoming, please contact Mankind UK management. Where it is essential that information is released outside this agency, it must be in accordance with existing protocols on exchange of information with Probation, Health, Social Services, or the Police or Prison Service. Once again, do not take action without taking advice first.