National Data Guardian for health and care announces new Caldicott principle

In December, the National Data Guardian (NDG)1 for health and care in England, Dame Fiona Caldicott, published the outcomes of a public consultation about the Caldicott Principles and the role of Caldicott Guardians.1

The Caldicott Principles are good practice guidelines which have been used by health and social care organisations in the UK since 1997 to ensure that people’s data are kept safe and used in an ethical way.2 The role of the Caldicott Guardian is well-established in the UK. Caldicott Guardians are senior people (usually clinicians) which support the upholding of the Caldicott Principles within organisations.

In response to views expressed during the consultation the NDG has added an eighth Caldicott Principle to the existing seven and will use her statutory powers to issue guidance about the appointment of Caldicott Guardians for health and adult social care organisations. The new eighth Caldicott Principle is:

‘Inform patients and service users about how their confidential information is used’.

It provides that:

A range of steps should be taken to ensure no surprises for patients and service users, so they can have clear expectations about how and why their confidential information is used, and what choices they have about this. These steps will vary depending on the use: as a minimum, this should include providing accessible, relevant and appropriate information - in some cases, greater engagement will be required.

The NDG explains that the introduction of the new principle was prompted by consideration of the role that the legal concept of ‘reasonable expectations’ should play in shaping the circumstances under which health and care data may be legitimately shared. The NDG does not envisage that this principle will establish reasonable expectations as a legal basis in its own right …