Caldicott Guardian

A Caldicott Guardian is a senior person responsible for protecting the confidentiality of people’s health and care information, and making sure it is used properly.

All NHS organisations and local authorities which provide social services must have a Caldicott Guardian.

The Caldicott Guardian for this surgery is Dr. G.P. Hopkinson and the deputy is Dr B Qureshi.

When making decisions or giving guidance, the Caldicott Guardian refers to the Caldicott Principles,
which are outlined below;

1. Justify the purpose. Every proposed use or transfer of personal confidential data within or
from an organisation should be clearly defined, scrutinised and documented, with
continuing uses regularly reviewed, by an appropriate guardian.
2. Don’t use personal confidential data unless it is absolutely necessary. Personal confidential
data items should not be included unless it is essential for the specified purpose of that flow.
The need for patients to be identified should be considered at each stage of satisfying the
purpose.
3. Use the minimum necessary personal confidential data. Where the use of personal
confidential data is considered to be essential, the inclusion of each individual item of data
should be considered and justified so that the minimum amount of personal confidential is
transferred or accessible as is necessary for a given function to be carried out.
4. Access to personal confidential data should be on a strict need-to-know basis. Only those
individuals who need access to personal confidential data should have access to it, and they
should only have access to the data items they need to see. This may mean introducing
access controls or splitting data flows where one data flow is used for several purposes.
5. Everyone with access to personal confidential data should be aware of their responsibilities.
Action should be taken to ensure that all staff-clinical and non clinical--are made fully aware
of their responsibilities and obligations to respect patient confidentiality.
6. Comply with the law. Every use of personal confidential data must be lawful
7. The duty to share information can be as important as the duty to protect patient
confidentiality. Health and social care professionals should have the confidence to share
information in the best interests of their patients within the framework set out by these
principles. They should be supported by the policies of their employers, regulators and
professional bodies.