Abstract
The article considers the issues which can arise for the NHS in sharing information, looking at the common occasions when information will be shared and providing a checklist to ensure compliance with the Data Protection Act 1998 and the common law duty of confidentiality. It also considers potential legal proceedings should the DPA or common law duty be breached and looks at how the Information Commissioner has used his increased ability to fine organisations for breaching the DPA. Finally consideration is given to some recent developments, such as the draft Data Sharing Code of Practice which the IC has issued and some supplementary guidance from the DH on confidentiality with regard to public interest disclosures.
The conclusion is that now represents an opportune moment for the NHS and other organisations to review their data sharing protocols and ensure they comply with the new Code from the IC and guidance from the DH. Given the fines which the IC has recently imposed, any failure to have a policy on information sharing which is fit for purpose could lead to a significant monetary penalty and damage to reputation.
Get full access to this article
View all access options for this article.