Initiatives such as the single assessment process (SAP) for older people, and the developing common assessment framework for adults, increasingly require health and social care services to share personal information about individuals receiving joined-up care, both as part of the commissioning process and to ensure that needs are addressed and that effort is not duplicated.
A patient’s records may be disclosed to social workers working as part of a multidisciplinary care team where they need to have them to provide effective joined-up care, providing the patient has been informed that this may occur and has given express consent, or has not objected or expressed concern. Registered social workers are subject to a code of practice that requires them to respect a person’s confidential information. Breaching the code can lead to their removal from the Social Care Register.
The practice expected of national health service organisations in facilitating these arrangements is set out in the document “Confidentiality: NHS Code of Practice” published in November 2003. The code recognises that social workers are frequently involved in providing care for national health service patients and that sharing health information with them should be an essential part of providing joined-up services for patients.
Arrangements for sharing personal information with social care staff have included the development of local information sharing protocols. These are agreements between an individual NHS body and a council with social services responsibilities on how an individual’s data may be shared between them. These agreements are based on well known data protection principles and make clear under what conditions or circumstances a person’s data may be shared. All care employers are subject to the provisions of the Data Protection Act 1998.
Where the NHS care records service is supporting SAP as an initial step in establishing joint services that contribute to the patient record, information sharing will be possible on the basis of implied consent subject to the requirements outlined above. Where SAP is supported by other systems, whether paper or electronic, explicit consent will normally be required and it will additionally be necessary to ensure that there are appropriate safeguards in place to protect patient confidentiality.
These arrangements are currently being supported by some 46 electronic SAP systems, and over 50 community patient record systems that have been delivered through the national programme for information technology, accessible by an estimated 114,000 authorised NHS users. These figures are continuing to grow rapidly.