Credit: Medill DC/CC BY 2.0

The independent watchdog for the use of data across the NHS and social services has called for the enshrinement of a rule that there be “no surprises” for citizens in how their data is used.
 
The National Data Guardian for Health and Social Care (NDG) Dame Fiona Caldicott has opened a public consultation on plans to add an eighth tenet to the existing total of seven Caldicott Principles that govern how patient information should be handled and used.
 
The new rule would, she said, “emphasise the importance of there being no surprises for patients and service users with regard to how their confidential health and care data is used”.
 
Caldicott – whose role does not possess a regulatory function, but has statutory powers to formally guide and challenge the health and social care system – developed the principles that bear her name in 1997, having conducted a review of NHS information-handling practices.

Related content

• Hancock issues six-month order for NHS to share confidential patient data
• Data-protection regime relaxed for coronavirus response as ICO pledges no GDPR action
• Test and trace scheme to keep citizens’ personal data for 20 years 

They were launched as a set of six principles which all health-service organisations were asked to adopt: justify the purposes for using confidential information; don't use personal confidential data unless it is absolutely necessary; use the minimum necessary personal confidential data; access to personal confidential data should be on a strict need-to-know basis; everyone with access to personal confidential data should be aware of their responsibilities; and comply with the law.

 
Following the completion of a second review in 2013, a seventh principle was added: the duty to share information can be as important as the duty to protect patient confidentiality.
 
The proposed eighth rule is: “Inform the expectations of patients and service users about how their confidential information is to be used”
 
If this ‘no surprises’ rule is added, it would be the first new addition to the guidance in seven years.
 
Before it is adopted, Caldicott is asking citizens to respond online to a public consultation launched today and running until 3 September.
 
In addition to feedback on the proposed addition of an eighth principle, the consultation is also interested in hearing any suggested amendments to the existing seven.
 
Furthermore, the NDG wishes to receive views about the role of so-called Caldicott Guardians, whose remit is to “help their organisations to ensure that information is used legally, ethically and wisely in accordance with the principles”. There are currently 18,000 Caldicott Guardians working across bodies in health, social care, and related sectors.
 
Caldicott is asking the public to provide their “views on whether, under her statutory power to issue guidance, she should issue guidance proposing that all health and adult social care organisations in England should appoint a Caldicott Guardian”. The data watchdog also wishes to hear ideas for how such a proposal could be implemented “appropriately and proportionately” – particularly for smaller organisations.
 
Caldicott said: “I have long emphasised the importance of dialogue with the public about how confidential information is used by the health and care system. This is essential to ensure that people can trust that what they tell their doctor, social worker, nurse or other care professional is treated with appropriate respect and used beneficially. All those working in health and care have a part to play in that dialogue. I hope that our proposals will support this and look forward to hearing how they are received.”

Anyone wishing to take part in the consultation can do so here.