Get documents about "pathology sop template mb91p202_1_
Document Sample
File name : SOP/GBM/004.01 Page 1 of 4
Date printed 24/09/10
STANDARD OPERATING PROCEDURE (SOP)
Title: Data Confidentiality Policy
Area of application Leeds GIFT Tissue Bank.
Index code/version number SOP/GBM/04
Reason for change New Procedure
Date of implementation 23rd March,2010
Review interval Annual
Authorised by
Author Aidan Hindley, Tissue Bank Nurse.
This copy issued to Master Copy: Laboratory Manager, LIMM Wellcome
Wing, St James Hospital
Tissue Bank Nurse, LIMM Wellcome Wing
Document review history – completed when no changes required
Review date Reviewed by Signature
This is a controlled document, dates of review and locations of authorised copies are recorded in the Pathology and Tumour Biology
Quality Management System. It is forbidden to photocopy or write on SOPs.
Department of Pathology and Tumour Biology Page 2 of 4
SOP/GBM/04.01
1. CLINICAL RELEVANCE/PURPOSE OF PROCEDURE
To maintain donor and donor families confidentiality in compliance with Government,
HTA, TRUST and GIFT policies/procedures.
2. PRINCIPLE OF PROCEDURE
Ensure all staff aware of policies and related issues and comply with them at all times to
maintain confidentiality.
3. PERSONNEL / TRAINING REQUIREMENTS
, GIFT Bank staff
4. SPECIMEN REQUIREMENTS
N/A
5. EQUIPMENT
Current Standard Operating Procedures, access to online computer
6. HEALTH AND SAFETY
N/A
7. REAGENTS
N/A
8. QUALITY CONTROL
9. COMPUTER / TELEPATH CODES
N/A
10. PROCEDURE OR METHODOLOGY
Purpose and Scope
The GIFT Tissue Bank (GTB) staff work with both identifiable and unidentifiable data.
The current GTB structure uses employees that are experienced medical staff who have
extensive experience of working within the NHS and Trusts. This means that the GTB
personnel that use identifiable donor/relative data are NHS staff working within the NHS
Trusts or University employees with NHS trust honorary contracts. All these staff are
already under a legal obligation to the NHS Trusts and their data protection policies and
procedures.
The GTB is highly committed to donor/relative data protection, confidentiality and has in
place its own data confidentiality policy as a second tier to the NHS Trust/University.
Policy
From the outset of the GTB project it was decided not to store in the GTB database
system any identifiable information. When donor/relative information is stored in the
GTB all identifiable information is removed and a GTB number is assigned. The GTB
number does not hold any identifying key.
This is a controlled document, dates of review and locations of authorised copies are recorded in the Pathology and Tumour Biology
Quality Management System. It is forbidden to photocopy or write on SOPs.
Department of Pathology and Tumour Biology Page 3 of 4
SOP/GBM/04.01
GTB workers, however, have to deal with identifiable data in paper format when
obtaining donor relative consent and using TRUST pathology systems. Pathology
laboratory workers also handle identifiable data as part of their working routine.
All GTB workers have a legal duty of confidence to protect patient information. The Data
Protection Act (1998) extends this to protecting the confidentiality of all person-
identifiable information. Personal information is defined as any details that can identify a
person.
The Data Protection and Confidentiality Policy relates to the obtaining, use and storage of
all person-identifiable information and includes both manual and computer files. The
policy covers the principles of the Caldecott Report in the use of confidential information
and the Data Protection Act.
The following are the key elements of the Data Protection and Confidentiality Policy:
The Caldecott Report Principles
1) Justify the purpose for which information is required.
2) Don‟t use person-identifiable information unless it is absolutely necessary.
3) Use the minimum necessary person-identifiable information to satisfy the
purpose.
4) Access to person-identifiable information should be on a strict „need-to–know‟
basis.
5) Everyone with access to person-identifiable information should be aware of
his/her responsibilities.
6) Understand and comply with the law.
The Data Protection Act (1998)
1) All personal information shall be obtained and processed fairly and lawfully
. i.e. notify individuals of the purposes for which their details will be used.
2) Personal information should be not be used for any purpose(s) incompatible
. with that for which it was obtained
3) Personal information should be adequate but not excessive.
4) Personal information should be accurate and kept up–to-date.
5) Personal information should not be kept for longer than necessary.
6) The rights of the data subjects should be respected (including right of access to
records).
7) Personal information should be stored securely and protected against
. unauthorised or unlawful processing, and loss, damage or destruction of the
data
8) Personal information should not be transferred overseas without reference to
the policy .
Strategy/Implementation
The GTB data confidentiality policy should be communicated effectively to all GTB staff by:
Introducing data confidentiality to GTB induction;
Restricting access to identifiable data to senior GIFT bank staff only
Keeping a signed copy of the TRUST/University Confidentiality Contract document for
each worker in his/her personnel file
This is a controlled document, dates of review and locations of authorised copies are recorded in the Pathology and Tumour Biology
Quality Management System. It is forbidden to photocopy or write on SOPs.
Department of Pathology and Tumour Biology Page 4 of 4
SOP/GBM/04.01
Making sure that every employee with access to confidential data has a contract with
the local NHS Trust, University Medical Department or Institute of Molecular
Medicine.
Undertaking regular training to include data confidentiality policy
Making the policy available in printed-paper format and electronically.
Staff Responsibilities
Locations where records are held should be kept secure, e.g. doors locked.
Access to information held on computer should be controlled by a password. Sharing of
passwords is forbidden.
Do not leave identifiable material in places where unauthorised personnel may gain
access.
Person-identifiable information must not be recorded on home computers.
All members of staff must report any suspected or actual breach of confidentiality to
their line manager.
All staff have a responsibility to ensure confidentiality and should be aware that
breaches of confidence may amount to gross misconduct and could result in
disciplinary action/dismissal.
Staff members must co-operate in training programmes provided and maintain an
awareness of confidentiality/data protection issues at all times.
In conjunction with this policy document, staff are advised to familiarize themselves with the
NHS Confidentiality Code of Practice (1998) Department of Health publication, Leeds
TRUST policy on Confidentiality/Data Protection and it is recommended to read the Welsh
Cancer Bank (WCB) document “WCB & NHS Trust Legislation/Guidance”, which
incorporates the recommendations of the Caldecott Report, the principles of the Data
Protection Act (1998) and identifies other key legislation (e.g. Access to Health Records
Act).
11. REFERENCE RANGE / ACTION LIMITS
N/A
12. REFERENCES
GIFT SOP‟s
Welsh Cancer Bank SOP‟s
Leeds TRUST policies
Leeds University policies
NHS / Department of Health policies
This is a controlled document, dates of review and locations of authorised copies are recorded in the Pathology and Tumour Biology
Quality Management System. It is forbidden to photocopy or write on SOPs.
