Confidentiality means protecting personal information. This information might include details of a service user’s lifestyle, family, or health which they want to be kept private. Service users expect GMD staff and volunteers to protect their confidentiality at all times.
Your responsibility to respect and protect the confidentiality of service users applies within your role, outside of the role, and after you stop working with us. It applies to all aspects of communication within your personal life, online, in person, in writing and over the phone. A person’s right to privacy and confidentiality continues after they have died.
Information about a service user can be ‘identifiable’ or ‘anonymised’.
By identifiable information we mean any information you hold about a service user that could identify them. You must treat this information as confidential.
Identifiable information can include:
− personal details, such as names and addresses
− information about a service user’s health that could identify them
− photos, videos or other images; and
− other information that a service user shares with you that is not strictly related to the support or services you provide.
Anonymised information is information about a service user that has had all identifiable information removed from it and where there is little or no risk of a service user being identified from the information available. You may be able to share anonymised information more openly in some circumstances. However, you should always consider carefully what you are sharing and who you are sharing it with.
You must make sure any personal data you are processing is:
− adequate (to enable you to discharge the intended purpose);
− relevant (has an appropriate link to that purpose); and
− limited (you don’t hold any more information than you absolutely need for that purpose).
Identifiable information is disclosed for a number of reasons. It can happen when you refer a service user elsewhere or when a service user asks for information to be given to a third party. It is important that you get the service user’s permission, or consent, before you share or disclose their information or use it for reasons which are not related to your role as volunteer.
It is important that you take action if you become aware that information about a service user has been lost, damaged or inappropriately accessed, or if there might be a risk of this happening. You should tell a GMD director at the earliest opportunity, and take steps to try to make sure that the problem does not happen again.