Caldicott Guardian Principles

Caldicott Guardian Principles

Acting as the "conscience" of an organisation, the Caldicott Guardian supports work to facilitate and enable information sharing, advising on options for lawful and ethical processing of information as required. Local issues will inevitably arise for Caldicott Guardians to resolve.

RBWM's Caldicott Guardian works as part of the Information Management Team with support staff and close ties with information security specialists.

Principle 1: Justify the purpose(s)
Every proposed use or transfer of personal-identifiable information within or from an organisation should be clearly defined and scrutinised, with continuing uses regularly reviewed by an appropriate guardian.

Principle 2: Don't use patient-identifiable information unless it is absolutely necessary
Personal-identifiable information items should not be used unless there is no alternative.

Principle 3: Use the minimum necessary patient-identifiable information
Where use of personal-identifiable information is considered to be essential, each individual item of information should be justified with the aim of reducing identifiability.

Principle 4: Access to patient-identifiable information should be on a strict need to know basis
Only those individuals who need access to personal information should have access to it, and they should only have access to the information items that they need to see.

Principle 5: Everyone should be aware of their responsibilities
Action should be taken to ensure that those handling personal information are aware of their responsibilities and obligations under the Data Protection Act 1998

Principle 6: Understand and comply with the law
Every use of personal information must be lawful.

How do you rate this information/service?