Guidance on standards
Use of patient information
Some national clinical audits need access to patient identifiable information. This enables the tracking of the patient experience, from the initial GP visit through to recovery and rehabilitation. More importantly, it enables the identification of changes or improvements to the system that will have a real impact on patient care.
Patient identifiable information cannot be used for any other purpose than the direct care of the patient unless either:
- the patient has given their explicit consent
- the Patient Information Advisory Group (PIAG) has granted authority under Section 60 of the Health and Social Care Act 2001
Regulations on patient confidentiality
The legislation for the protection of personal information is contained in the Data Protection Act 1998 and the Health and Social Care Act 2001. The Department of Health has incorporated this legislation into guidance in the NHS confidentiality code of practice, which has been endorsed by the British Medical Association, the General Medical Council (GMC) and the Office of the Information Commissioner. This is to be implemented right across the NHS, ensuring a common approach.
In addition, clinicians are bound by the regulations of the GMC and the Nursing and Midwifery Council.
Data Protection Act 1998 (opens new window)
Health and Social Care Act 2001 (opens new window)
NHS information governance - guidance on legal and professional obligations (opens new window)
