{{org_field_logo}}
{{org_field_name}}
Access to Social Care Records — People Receiving Care (England) Policy
Policy Statement
This policy sets out the values, principles and procedures underpinning this care provider’s approach to enabling people receiving care to have access to their records, and other information held by the service about them, and when third parties can have authorised access to a person’s records.
It is written in line with Regulation 17: Good Governance of the Health and Social Care Act 2008 (Regulated Activities 2014) which requires care providers to have secure record keeping systems with policies on authorised access and sharing.
Policies are needed that enable people receiving care to exercise their legal and moral rights to have access to the information about them held by {{org_field_name}}.
{{org_field_name}} has no authority over records kept by other agencies involved with the person receiving care, but it assumes that these agencies, eg health services, will have their own policies and procedures, which the person receiving care would follow if they wished to have access to these records.
Principles of Access
People receiving care should have access to their own records in line with data protection requirements.
Any access to records must always be considered in terms of {{org_field_name}}’s confidentiality policy. This means that such information must not be made available to other people and anyone else mentioned in the records should have their identity protected. Data protection law does not give the user the right of access to information about other people.
The implication of the legislation is that records are shared with the individuals concerned as they are made. This allows for openness, agreement between worker and person receiving care and the potential for greater accuracy. Only in rare circumstances should access be refused. The person seeking access to information should have {{org_field_name}}’s policy carefully explained to them.
Any request from people receiving care for access to their personal file must be discussed with the registered manager, who takes the decision as to what may or may not be shared.
Specific Guidelines
- {{org_field_name}} is accountable to the person for all information it holds about them; staff are responsible for recording on personal files and any information sharing in line with the provider’s policies.
- Authorised people external to {{org_field_name}} do not normally have access to people’s files but may request it for specific purposes such as part of a quality review, conducting an investigation or following up a complaint. The person’s consent would usually be sought but this is not always required, such as during inspections by the Care Quality Commission (CQC).
- Any information in the file that is in a restricted information section cannot be accessed. The marking of information in the file should be supported by a reason for it being regarded as confidential. Where the request for information is concerned with legal action, the matter should be referred to {{org_field_name}}’s legal advisors, who can decide whether access to the information can be given.
- Information should not be accessed where it might result in the risk of serious harm, of any form, to the person or someone else, including a staff member.
- Information should not be accessed if it is concerned with the prevention or detection of crime or apprehension or prosecution of offenders, if it would prejudice one of these purposes.
- Personal health information can only be accessed following consultation with the health professional concerned. However, health information which arises from information within {{org_field_name}}’s experience of working with the individual, but not from health professionals, may be accessed.
- Where the information concerns health matters, the health professional must be contacted and their opinion given as to whether the giving of the health information would pose any risk to the individual seeking the information or to any third party. Where such risk is indicated, the information should be edited.
- Legal advice is privileged information and should not be disclosed, as are court reports. The person seeking access may nominate, giving their permission in writing, an agent to acquire the information for them.
- Where the person concerned is a young person under 14 years of age, it would be expected that their parent or guardian would be nominated to have access on their behalf.
- People who are unable to manage their own affairs because of mental illness or mental disability may be represented by a person nominated under the Court of Protection, or who has power of attorney, or is an authorised agent.
- The person should give notice in writing that they wish to have access to their records when these records are not held within {{org_field_name}}. Staff should discuss any request for access with the service manager.
- Relatives, friends and third parties have no automatic right of access to a person’s confidential records and will need to obtain the consent of the person receiving care or follow the corresponding procedures if the person lacks mental capacity to give their consent before they can have access to them. (See section on Third Party Access.)
- There is a separate policy in the case of relatives or representatives who seek to have access to the records of a person who has died. (See the policy on Applications for Access to a Deceased Person’s Care Records.)
- At the end of service {{org_field_name}} will keep the records in line with its retention policy. People receiving care can apply to access (or retain copies) of their records subject to data protection requirements in relation to any personal data found of third parties, which should then be edited.
Third Party Access to Records of a Person Receiving Care (Subject Access Request (SAR))
It is permissible in some instances to allow requests from a third party to have access to an individual’s records. Where the person has mental capacity, their consent will always be needed. Where the person might lack the capacity to give their consent, the request might be allowed under certain circumstances.
{{org_field_name}} accepts that it is reasonable for someone with Lasting Power of Attorney (LPA) for Health and Welfare, which has been registered with the Court of Protection, to access a person’s records and information to which a person has right of access; that is where the information contained will help or enable the LPA to carry out their lawful duties. The information requested should be relevant to the best interest decisions that the LPA must make on behalf of the person they are representing.
The LPA should make any request in writing (see Resources for a letter template). Where it is reasonable and lawful for the LPA to access the information, a formal agreement will then be reached on the means of access, which will also follow confidentiality and data protection principles and procedures.
Training
All staff receive training in the people receiving care’s access to records policy at induction and whenever changes need to be made to it.
Note:
{{org_field_name}}’s policy on access to records can be included as part of its general policy on Records and Record Keeping or as a separate policy. It should be used with reference to the Data Protection and Compliance with the General Data Protection Regulation (England, Scotland, Wales) Policy.
Responsible Person: {{org_field_registered_manager_first_name}} {{org_field_registered_manager_last_name}}
Reviewed on: {{last_update_date}}
Next Review Date: {{next_review_date}}
Copyright ©2024 {{org_field_name}}. All rights reserved