Confidentiality Policy

Bristol Vasectomy Clinic - Avon Vasectomy Service


Purpose of the Code

All staff need to be aware of their responsibilities for safeguarding confidentiality and preserving information security. The principle behind this code is that no member of the health centre staff shall misuse any information or allow others to do so.

This Code of Conduct has been written to meet the following legal requirements and best practice Guidance:

  • Data Protection Act 1998
  • Computer Misuse Act 1990
  • Copyright, Designs and Patents Act 1988
  • The Protection and Use of Patient Information (HSG 96 18)
  • Caldicott Report on the Use of Patient Identifiable Information (1997)

Basic Principles

  • Any personal information given or received in confidence for one purpose may not be used for a different purpose or passed to anyone else without the consent of the provider of the information.  This is usually the patient but sometimes another person may be the source (e.g. relative or carer). All Staff are under a duty of confidence.  With the correct safeguards this policy need not be interpreted so strictly that, when applied there is a risk of it operating to a patients disadvantage
  • Patient Information

In this guidance, the term “patient information” applies to all personal information about members of the public held by the Service.  This includes medical records as well as “non health” information.

When Information may be passed on:

Information may be passed to someone else: 

  • With the patient’s consent or
  • On a “need to know” basis if the following circumstances apply:
  • If the recipient needs the information because they are concerned with the patients’ care or the use can be justified for the purposes described below:
  • Assuring and improving the quality of care and treatment
  • Monitoring and protecting public health
  • Co-ordinating NHS care with other agencies (e.g. local healthcare providers or CCG)
  • Effective healthcare administration (e.g. managing and planning services)
  • Contracting for NHS services (e.g. payment of staff)
  • Auditing NHS accounts (auditors)
  • Risk Management (e.g. health and safety)
  • Investigating complaints and legal claims
  • Teaching
  • Statistical analysis or research*
  • Whistle blowing 
  • Statute or court order requires the information.
  • Passing on information can be justified for other reasons (protection of the public).

*Specific consent should be sought to any activity relating to teaching or research that will involve people personally.

Responsibility for Passing on Information

Individuals are responsible for their decision to pass on information.  If unsure whether to pass on information ask the health professional responsible for the patients‘ care). 

The unauthorised passing on of patient information by any member of staff is a serious matter and may result in disciplinary action and possible legal action.

Non-identifiable Information (Anonymised)

Where anonymised information would be sufficient, identifiable information should be omitted where possible.  Do not use patient identifiable information unless it is essential for the purpose.



         If you require an explanation concerning the interpretation or relevance of this code, you should discuss this matter with the Clinical Director.


Non-compliance with this code of conduct by any person employed by the Service or the Practice may result in disciplinary action being taken.


If you have any queries or concerns please contact the Clinical Director or the Practice Manager


This defines the terms used within this document. 

Anonymised data: 

Data from which the recipient of the information cannot identify the patient.


Any freely given specific and informed indication of wishes by which the patient signifies their agreement to personal data relating to them being used.

Identifiable data: 

Data from which the patient can be identified by using any one of the following data items:






Date of Birth

Other dates (i.e. death, diagnosis)

NHS/N.I or GP Practice Number


Ethnic Group

All items should be treated as patient identifiers to a greater or lesser extent.

Need to Know:  Only those individuals who need access to the information should have access.