Information Governance covers all information held, created or accessed by all staff or any other party, performing activities in their roles within BrisDoc.

It applies to ALL information relating to patients, staff and the BrisDoc organisation, regardless of how the information is used, held (paper or electronic) or transmitted (fax, email, post & telephone).

BrisDoc is responsible for:

• Monitoring, maintaining and improving compliance to policies, legal and regulatory requirements;
• Developing, maintaining and monitoring the integrity of information to ensure that it is of sufficient quality for use within the purposes it was collected;
• Ensuring information is available, safe and secure;
• Educating and continually raising staff awareness of their responsibilities in managing information appropriately

Staff are responsible for:

• Maintaining secure access to buildings and information whilst on duty;
• Maintaining security of patient/ staff /corporate identifiable information at all times;
• Ensuring they understand Caldicott and Data Protection principles;
• Attending training and induction sessions;
• Being aware of and behaving in accordance with policy;
• Reporting incidents and near misses to their line managers or IG / Caldicott Leads immediately.
• Only accessing the records (EMIS or Adastra) of the patient they are caring for.

Confidentiality

At BrisDoc, it is vital for all staff to uphold confidentiality standards in accordance with the Data Protection Act 2018 and the Freedom of Information Act 2000.

You are responsible for maintaining the confidentiality of patient and colleague information at all times. Any information obtained during your work at BrisDoc should only be shared within the recognised course of duty. Unauthorised disclosure of confidential information may lead to disciplinary action, including dismissal.

Patients trust us with sensitive information about their health and personal matters. We must respect their privacy and act accordingly.

As part of your duties, you may access confidential information about patients, carers, healthcare workers, and BrisDoc as a business organisation. All such information, from any source, must be treated as strictly confidential.

Information regarding patients, carers, colleagues, healthcare workers, or BrisDoc’s business should only be disclosed to authorised individuals following BrisDoc’s policies and procedures on confidentiality and data protection.

It is completely unacceptable to view the healthcare records of colleagues, family members, or friends without a legitimate reason related to your role. Accessing your own healthcare records is also not allowed. Unauthorised access to health records will result in disciplinary action as per BrisDoc’s policy. Co-owners’ records should be marked as “sensitive” within the Adastra / Emis system to ensure that only clinical staff can view the clinical information.

Remember – Walls have ears!

It is essential to remember that any information relating to a patient is strictly confidential. If you need to discuss any details relating to a patient you must ensure that you cannot be overheard.

In particular be aware of the care to be taken when dealing with patients you may know personally. Even apparently harmless remarks like “Are you feeling better now?” could breach patient confidentiality.

Social networking sites such as Facebook or Twitter must never be used to comment on patients, staff or other confidential work-related matters.

Inappropriate access of patient records

The use of patient record systems such as EMIS and Connecting Care can greatly enhance patient care, but please be mindful that these platformsare for professional use only, and purely in relation to the patients being seen. Accessing your own records is an IG breach, as is accessing anyone else’s records for personal purposes, such as those of your spouse, child, friend or neighbour. Random audits are undertaken to check access. If either platform has been used to access records for personal purposes then disciplinary action will be taken.

For more details, please refer to BrisDoc’s Information Governance Handbook, Data Protection, Confidentiality & Disclosure Policy on Radar.

Our Internet / Email Usage

At BrisDoc, individuals are required to use computers for their roles. Computer usage must comply with BrisDoc’s Information Governance Framework and social media Policy.

Internet use during company time is authorised for conducting BrisDoc business. However, personal internet use should be limited during “quiet” moments or break times. Excessive personal use may result in disciplinary action.

Prioritise job duties and patient care over personal internet use. Consider the impact of personal internet use on network performance and patient care. Avoid accessing offensive or inappropriate sites on BrisDoc computers. Violation can lead to disciplinary action, including termination.

Exercise caution on social media. Do not post comments that could bring BrisDoc into disrepute or breach confidentiality. Staff are responsible for their online comments about BrisDoc.

Avoid posting sensitive or identifiable patient information. Refrain from offensive, discriminatory, or bullying comments or images. Obtain explicit consent before posting pictures of staff or patients. Report work-related grievances using the Grievance Policy.

Offensive/inappropriate material includes abusive, threatening, discriminatory, or indecent content. Do not breach copyright or engage in illegal activities online.

Streamlining guidance on internet use and social media will ensure adherence to policies and protect company interests.