32226
32239
GP/C9-6
Data Protection & Caldicott Coordinator
Data Protection & Coordinator; eHealth Security Manager
18 April 2013
01 January 0001
18 April 2014
1

1. FUNCTION

This procedure will ensure that NHS Fife has the appropriate arrangements in place to allow the secure use, transfer and storage of all data, (including written, audio and video) made for clinical and educational purposes to be transferred by removable devices. This data forms an integral part of the assessment and treatment process for a range of patients.
NHS Fife undertakes to move towards the purchase of Audio and Video recording equipment that supports encryption as these become more affordable and the current equipment becomes redundant.  In particular, the current cost of encrypted camcorders is prohibitive. 
This procedure is deemed to incorporate any device capable of holding data;  the term CD used in this document is deemed to include DVDs;   This procedure will be reviewed in line with eHealth developments.

2 WHERE THE PROCEDURE APPLIES

NHS Fife sites, Fife Council premises and patients’ residences.

3 RESPONSIBILITY

3.1 Staff & Agents

All staff and agents who use removable devices to hold data or who use audio and video equipment must abide by this procedure and other related NHS Fife policies and procedures, as well as guidelines set by Professional Bodies etc.
 

3.2  Department Managers
Department managers are responsible for implementing the procedure in their area of responsibility and ensuring all staff are made aware and follow the procedure.

4.  OPERATIONAL SYSTEM

  • Personal mobile telephones- See GP/E7 Non-NHS Fife Equipment Policy
  • No audio or video recordings will be taken without the signed consent of the patient or the patient’s representative, in line with NHS Fife Guidance on Obtaining Informed Consent to Treatment (C2).  Consent forms are attached see Appendix A; for adults with a learning disability see Appendix B.  Consent forms must be filed in the patient’s health care record.
  • Data may only be held temporarily on a removable device, and must be downloaded and/or deleted within 24 hours; if this is not possible the device must be held in locked storage with the disc/tape or memory card removed and stored separately under locked conditions.
  • Media or devices containing patient data or recordings must be stored securely in a locked cabinet when not in use. When travelling to different locations, they will be stored out of sight to deter opportunistic theft.
  • Removable data storage such as memory sticks, cards, CDs, minidisks or analogue tapes will be stored separately from cameras and other recording equipment.
  • All devices that connect to a computer will be registered with the eHealth Department under the member of staff’s personal logon.
  • All files must be stored on an appropriate NHS Fife network drive.
  • File names will not include identifiable patient names. The name of the file will be coded and recorded in the patient’s health record.
  • All files must remain on the network as part of the patient health record.
  • No data will be uploaded to or stored on a computer’s internal memory (C: drive).
  • Audio and video data files must be deleted from voice recorders and networked drives at the first opportunity, unless the patient has consented to their further use. Such use will be specified on the signed consent form.
  • A request may be raised with eHealth Service Desk for CD burner to be purchased for the department.
  • Once the CD burner is installed, staff will be given a training video and written instruction by eHealth.
  • A request must be raised with eHealth Service Desk each time a CD is to be burned so that Data Loss Prevention unlock code may be supplied.  This code is valid for a short time to allow the disk to be burned. 
  • Only encrypted voice recorders will be purchased.
  • All audio files to be burned to CD in an encrypted format using PGP, WinZip or similar
  • Where a device is to be transferred elsewhere, the department will keep a record of the data involved, postal date and addressee along with the expected destruction date. 
  • Password Generator must be used each time a password is required.  The password may then be emailed to the recipient.
  • Device must be sent to a named recipient using a tracked Royal Mail service (i.e. Recorded Signed For or Special Delivery).
  • The recipient will provide a security statement which will include what they intend to do with the device and the data.
  • The recipient must not copy the device or its contents to their network or any other form of removable storage.
  • When the device is no longer required, recipient must return it to the originating department who will then pass it to the eHealth Security Manager for destruction. 
  • If a device is lost or missing, Reporting Procedure – Breach of confidence or loss/theft of NHS Fife data and equipment procedure (GP-D3-15) will be followed. 

5.  RISK MANAGEMENT 

This procedure is an integral part of NHS Fife’s approach to quality, safety and governance.  The key risks involved in implementation of this procedure are:

  • Lack of staff awareness of this procedure resulting in non-compliance
  • Lack of robust organisational arrangements around policy implementation
  • Failure to observe guidelines, particularly around informed consent resulting in loss of data and breach of confidence.

6.  RELATED DOCUMENTS

NHS Fife Guidance on Obtaining Informed Consent to Treatment (C2)
NHS Fife Data Protection Policy (GP/D3)
NHS Fife Confidentiality Policy (GP/C9)
NHS Fife Non-NHS Fife Equipment Policy (GP/E7)

7.  REFERENCES
 

Data Protection Act (1998)
Caldicott Report (1997)

EQIA has been carried out and approved