What is Caldicott?
Maintaining the legal right to patient confidentiality continues to be an important commitment for the Trust. To ensure the principles are upheld, we have appointed a Caldicott Guardian, Denise Townsend, Director of Nursing, who has responsibility to ensure the protection of patient confidentiality throughout the Trust.
What are the Caldicott Principles?
Principle 1. Justify the purpose(s) for using confidential
Every proposed use or transfer of personal confidential data
within or from an organisation should be clearly defined,
scrutinised and documented, with continuing uses regularly
reviewed, by an appropriate guardian.
Principle 2. Don't use personal confidential data unless
it is absolutely necessary
Personal confidential data items should not be included unless
it is essential for the specified purpose(s) of that flow. The need
for patients to be identified should be considered at each stage of
satisfying the purpose(s).
Principle 3. Use the minimum necessary personal
Where use of personal confidential data is considered to be
essential, the inclusion of each individual item of data should be
considered and justified so that the minimum amount of personal
confidential data is transferred or accessible as is necessary for
a given function to be carried out.
Principle 4. Access to personal confidential data should
be on a strict need-to-know basis
Only those individuals who need access to personal confidential
data should have access to it, and they should only have access to
the data items that they need to see. This may mean introducing
access controls or splitting data flows where one data flow is used
for several purposes.
Principle 5. Everyone with access to personal confidential
data should be aware of their responsibilities
Action should be taken to ensure that those handling personal
confidential data - both clinical and non-clinical staff - are made
fully aware of their responsibilities and obligations to respect
Principle 6. Comply with the law
Every use of personal confidential data must be lawful. Someone
in each organisation handling personal confidential data should be
responsible for ensuring that the organisation complies with legal
Principle 7. The duty to share information can be as
important as the duty to protect patient confidentiality
Health and social care professionals should have the confidence
to share information in the best interests of their patients within
the framework set out by these principles. They should be supported
by the policies of their employers, regulators and professional