Website of the Department of Health
Please note that this website has a UK government access keys system.
Page menu
You are here:
Useful links, publications and legislation
-
Last modified date:22 September 2008
Additional information about patient confidentiality covering areas of legislation, regulation and guidance.
NHS Connecting for Health has developed an Information Governance (IG) toolkit, which will provide information on standards in information governance, guidance, awareness and educational materials, performance measurement tools and support for implementing the standards. Key areas will include confidentiality and the Data Protection Act, information governance management, security, records management and social care.
The Information Commissioner is the independent authority responsible for overseeing and governing the Data Protection Act 1998 and the Freedom of Information Act 2000. He has a range of duties including promotion of good information handling and encouragement of codes of practice for data controllers (those who decide how and why personal data are processed). His web site provides guidance on general issues relating to data protection and freedom of information, but also provides a large amount of health-specific guidance.
Relevant legislation
- Data Protection Act 1998. This Act governs processing of personal data about all living people in the UK. It sets out principles for information handling which all data controllers must comply with. Its remit includes access to health records of living people, and patients' rights to have inaccurate information corrected.
- Access to Health Records Act 1990. This Act has mostly been superseded by the Data Protection Act 1998, and now only governs access to the health records of deceased people.
- Access to Medical Reports Act 1988. This Act governs access to medical reports produced about patients, by the clinician normally concerned with their care, for employment and insurance purposes.
- The Access to Health Records Act 1990 (opens new window)
- The Access to Medical Reports Act 1988 (opens new window)
- Data Protection Act 1998 (opens new window)
- Health and Social Care (Community Health and Standards) Bill (opens new window)
- The Data Protection (Notification and Notification Fees) Regulations 2000 (opens new window)
- The Data Protection (Fees under section 19(7)) Regulations 2000 (opens new window)
- The Data Protection (Processing of Sensitive Personal Data) Order 2000 (opens new window)
- The Data Protection (Subject Access) (Fees and Miscellaneous Provisions) Regulations 2000 (opens new window)
Health Service Circulars
Health Service Circulars are guidance documents issued by the Department of Health which NHS staff must comply with. They include guidance on Records Management, implementing the Data Protection Act.
- HSC 1998/089: Implementing the recommendations of the Caldicott report consultation paper on "Caldicott guardians" and NHS strategic tracing service
- HSC 1998/203: Health records requests for access by patients and their representatives
- HSC 2000/009: Data Protection Act 1998: protection and use of patient information
- HSC 2002/003: Implementing the Caldicott standard in social care: appointment of Caldicott guardians
- HSC 1999/001: The provision of patient information by NHS Trusts to the Department of Social Security requests for information used for benefit assessment purposes
Additional links
The NHS Confidentiality Code of Practice
Guidelines on the use and protection of patient information, November 2003.
NHS Care Record Guarantee
The NHS will use records about you in ways that respect your rights and promote your health and wellbeing.
Access keys
