Dr D L Boone – Avon Vasectomy Service


Last reviewed 24 March 2018


This policy contains sections:

1. Introduction 

2. Purpose of code of conduct 

3. Basic principle of confidentiality 

4. Patient Information 

5. When information may be passed on 

6. Responsibility for passing on information 

7. Non identifiable information 

8. General 

9. Contact 

  1. Glossary 


Staff Code of Conduct for the Protection and Use of Patient Information

1      Introduction 

This Code is intended as an overview of the issues that staff need to be aware of when using patient information within General Practice. It has been designed on advice from the Department of Health. It aims to give a brief, easy to understand advice on a very complex issue. Everyone in the Practice needs to be aware of the importance of confidentiality. This Code should help you be aware of what is required of you from the Practice. 

2      Purpose of the Code 

All staff need to be aware of their responsibilities for safeguarding confidentiality and preserving information security. The principle behind this code is that no employee shall misuse any information or allow others to do so. 
This Code of Conduct has been written to meet the following legal requirements and best practice Guidance:

.     Data Protection Act 1998

.    Computer Misuse Act 1990

.    Copyright, Designs and Patents Act 1988

.    The Protection and Use of Patient Information (HSG 96 18)

.    Caldicott Report on the Use of Patient Identifiable Information (1997) 

.    This policy will be updated as reguired by new legislation coming into effect.


3      Basic Principle 

Any personal information given or received in confidence for one purpose may not be used for a different purpose or passed to anyone else without the consent of the provider of the information. This is usually the patient but sometimes another person may be the source (e.g. relative or carer). All NHS Staff are under a duty of confidence and this has long been established as common law. With the correct safeguards it need not be interpreted so strictly that, when applied there is a risk of it operating to a patients disadvantage 


4      Patient Information 

In this guidance, the term “patient information” applies to all personal information about members of the public held by the service. This includes medical records as well as “non health” information. 


5      When Information may be passed on 

Information may be passed to someone else:

                        With the patient’s consent or 

                        On a “need to know” basis if the following circumstances apply: 

a) If the recipient needs the information because they are concerned with the patients’ care or the use can be justified for the purposes described below:

  • Assuring and improving the quality of care and treatment

  • Monitoring and protecting public health

  • Co-ordinating NHS care with other agencies (e.g. local authority)
  • Effective healthcare administration (e.g. managing and planning services)
  • Contracting for NHS services (e.g. payment of staff)
  • Auditing NHS accounts (auditors)

  • Risk Management (e.g. health and safety)

  • Investigating complaints and legal claims
  • Teaching

  • Statistical analysis or research*
  • Whistle blowing

.    b)  Statute or court order requires the information. 

.    c)  Passing on information can be justified for other reasons (protection of the public). 

*Specific consent should be sought to any activity relating to teaching or research that will involve people personally.

.    6  Responsibility for Passing on Information 

.        Individuals are responsible for their decision to pass on information. If unsure whether to pass on information ask the health professional responsible for the patients‘ care.
The unauthorised passing on of patient information by any member of staff is a serious matter and may result in disciplinary action and possible legal action. 

.    7  Non-identifiable Information (Anonymised) 
Where anonymised information would be sufficient, identifiable information should be omitted where possible. Do not use patient identifiable information unless it is essential for the purpose. 

8 General 

If you require an explanation concerning the interpretation or relevance of this discuss this matter with Dr Boone.

9 Contact

Non-compliance with this code of conduct by any person employed by the Practice may result in disciplinary action being taken.

If you have any queries or concerns please contact Dr Boone

10 Glossary

This defines the terms used within this document.

Anonymised data:

Data from which the recipient of the information cannot identify the patient.



Any freely given specific and informed indication of wishes by which the patient signifies their agreement to personal data relating to them being used.


Identifiable data:



Data from which the patient can be identified by using any one of the following data items:

Date of Birth
Other dates (i.e. death, diagnosis) NHS/N.I or GP Practice Number Sex

Ethnic Group
All items should be treated as patient identifiers to a greater or lesser extent.

Need to Know:

Only those individuals who need access to the information should have acces