1. Principles, Law and Confidentiality

Want to watch this video? Sign up for the course here. Or enter your email below to watch one free video.

Unlock This Video Now for FREE

This video is normally available to paying customers.
You may unlock this video for FREE. Enter your email address for instant access AND to receive ongoing updates and special discounts related to this topic.



Sign Up

Maintaining Confidentiality in the Workplace: A British Overview

While employed, you'll encounter sensitive data. Grasping the legal and ethical dimensions of handling this data is paramount.

The Nature of Confidential Information

Throughout your employment, you'll interact with confidential data in various forms, such as:

  • Named Individual Details: Information specifically about persons.
  • Organisational Information: Data pertaining to an organisation's operations.
  • Information Medium: This can be digital (on computers) or physical (paper records).
  • Communication: Information relayed to you or breaches of confidentiality you become privy to.

Your Duty of Confidentiality

Your responsibility is to safeguard all confidential information. Notably, this duty persists even after your employment ends. Confidential data should only be disclosed under proper authority and in alignment with your organisation's policies.

Unauthorised Disclosures

Any unwarranted disclosure or effort to access confidential information without the right authority is deemed a serious confidentiality breach. Such actions can lead to:

  • Termination of Employment
  • Legal Proceedings

Legal Frameworks & Confidentiality

Common Law & Consent

Under common law, confidential personal data should only be used for its intended purpose and with the individual's consent. Exceptions include when disclosure is in the public interest or mandated by law.

Deceased Individuals & Confidentiality

Even posthumously, a person's data is protected under a variety of regulations including a Confidentiality Code of Practice, contractual obligations, and professional codes. The Access to Health Records Act 1990 specifically addresses deceased individuals' health records.

Data Protection Act 1998

This act governs the management of personal information about living individuals, including data collection, retention, modification, and deletion. Misuse or unlawful disclosure might lead to prosecution or civil damage claims under this act.

Preventing Breaches & Ensuring Information Security

Confidentiality breaches often stem from simple oversights:

  • Public discussions about private matters.
  • Leaving personal data unattended.
  • Misplaced notes or correspondences.
  • Sending data without proper security measures.

To avoid these pitfalls:

  • Always log out of systems when unattended.
  • Don't share passwords or sensitive access credentials.
  • Ensure all sensitive mail is properly sealed and marked as confidential.

Your Role & Organisational Responsibilities

Your employer must keep you informed about your data handling responsibilities. If you identify potential security risks, it's imperative to notify your organisation, either through your line manager or the designated information manager.