1.1 identify legislation and codes of practice that relate to handling information in health and social care.
The data protection act 1998
Carers code of practice
Human rights act 1998
Freedom of information act 2000
Caldecott principles
Care standards act
1.2 summarise the main points of legal requirements and codes of practice for handling information in health and social care
All information, however it is stored is subject to the data protection act 1998. This covers medical records, social services records, credit information and anything else that is recorded about a person whether it is a fact or opinion is personal data. All data must comply with the 8 principles of good practice in the data protection act 1998. These state that data must be processed fairly and lawfully , personal data should be accurate, adequate, relevant and not excessive. Personal data processed for any purpose should not be kept longer than is necessary. Personal data should be processed in accordance with the rights of data subjects under this act. Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss, destruction or damage. Personal data will not be transferred to countries without adequate protection.
2.1 describe features of manual and electronic information storage systems that help security.
Ensure computer files are password protected.
Ensure written documents are stored in locked cabinets.
Care plans are stored in secured areas.
Electronic databases should be protected by adequate spy and virus software.
Information about individuals should only be shared on a need to know basis.