Confidentiality affects everyone.
The Trust collects, stores and uses large amounts of personal and special category personal data every day, such as medical records, personal records and computerised information. This data is used by many people in the course of their work.
We take our duty to protect personal information and confidentiality very seriously and we are committed to comply with all relevant legislation and to take all reasonable measures to ensure the confidentiality and security of personal data for which we are responsible, whether computerised or on paper.
The Trust must have procedures in place to make sure that the DPO is consulted on all data protection matters at an early stage (as part of privacy by design and default).
The Trust must ensure that the DPO role is independent, free from conflict of interest and reports directly to the highest management level of the organisation – there are specific roles that the DPO cannot perform in conjunction with this new role.
The DPO must have expert knowledge of data protection law and practices and the ability to acquire detailed understanding of the organisation’s business, the purposes for which it processes, or intends to process personal data. The DPO’s responsibilities include:
The Trust’s Data Protection Officer is Sharon Katema, Associate Director of Corporate Governance and Data Protection Officer, email firstname.lastname@example.org.
The Senior Information Risk Owner should be an executive director or other senior member of the board (or equivalent senior management group/committee).
The SIRO may also be the Chief Information Officer (CIO) if the latter is on the board but should not be the Caldicott Guardian, as the SIRO should be part of the organisation’s management hierarchy rather than being in an advisory role. The key responsibilities of the SIRO are to:
The Trust’s Senior Information Risk Owner Steve Shanahan, Director of Finance.
The Caldicott Guardian is a senior person within a health or social care organisation who makes sure that the personal information about those who use its services is used legally, ethically and appropriately, and that confidentiality is maintained.
Caldicott Guardians provide leadership and informed guidance on complex matters involving confidentiality and information sharing.
The Trust’s Caldicott Guardian is Terry Hankin.
Translate this page: