CONFIDENTIALITY POLICY AND PROCEDURE

Owner: Liz Fenton, Strategic Services Development Manager

Approver: Management Team

Date Document Draft / Distribution Comment

Version Final

12/09 Revised 1.0 Final All staff & volunteers

07/10 Revised 1.1 Final All staff & volunteers Update contact details

10/10 Updated 2.0 Final All staff & volunteers Update contact details

5/11 Revised 2.1 Final All staff & volunteers

Updated policies list
6/13 Updated 3.0 Final All staff & volunteers
No changes
11/14 Reviewed 3.1 Final All staff & volunteers

8/15 Revised 4.1 Final All staff & volunteers Information Sharing detailed
1/16 Revised 5 Final All Staff & Volunteers MCA Referenced

2/16 Reviewed 5.1 Final All Staff & Volunteers

6/17 Reviewed 6 Final All Staff & Volunteers

7/18 6.1 Final All Staff & Volunteers Amended for data protection changes

3/19 Reviewed 6.2 Final All Staff & Volunteers Minor amendments. Manager
contacts removed.
INTRODUCTION

seAp is an independent charity which manages a number of advocacy and related services
working with adults and young people. The organisation provides both instructed and non-
instructed advocacy.

All people who use the services provided by seAp have the right to expect that our service
will hold information about them in confidence. Confidentiality is central to trust between
clients and service providers and is one of the key principles underpinning independent
advocacy. It is essential that all advocates, other workers and people who use seAp
services are aware of this policy and of its limitations:

1. GENERAL PRINCIPLES
1.1 People who use seAp’s services have the right to believe, and be assured, that
information given in confidence will only be used for the purposes for which it was
given and will not be released to any person outside seAp without their consent,
unless conditions for breaching confidentiality are met.

1.2 Every effort will be made to explain this policy to all clients using seAp’s services and,
where appropriate, the policy will be provided in writing or read to them, before they
discuss the reasons for approaching the organisation. This includes explaining
seAp’s policy on confidentiality and consent clearly to the client when any third-party
language (or sign language) interpreter, family member or carer is involved in
enabling communication and client understanding.

1.3 Clients should be periodically reminded of the contents of the confidentiality policy
throughout their contact with the organisation.

1.4 This policy shall be explained to seAp’s funders, local Safeguarding Boards when
relevant, local agencies and, where appropriate to parents or carers. Clarification
must be sought with other statutory agencies that seAp services come into contact
with during the course of their work to establish their routine procedures when people
disclose information which is of concern.

1.5 seAp’s handling of confidential personal information will:

• Promote, support and protect the privacy, dignity and rights of seAp
clients
• Be understood by clients who have capacity, staff, volunteers and partner
services
• Conform with best practice
• Comply with the law (including all relevant provisions within current Data
Protection legislation, GDPR and the Mental Capacity Act)
• Promote the care, welfare and safeguarding of clients and the effective operation
of seAp services.

Confidentiality Policy v. 6.2 Page 2 of 6 Mar 19

2. BREACHING CONFIDENTIALITY
2.1 The limits to confidentiality must be explained to the client before gathering
information from them.

2.2 Confidentiality can only be breached:

a) In exceptional circumstances, if this is necessary in order to protect a person, if
they tell the service something which leads seAp to believe they or someone else
may be at risk of serious harm, suicide or abuse, or assisting a serious criminal
offence.

b) In exceptional circumstances, if the service, having made every effort to do so, still
lacks the ability to interpret the person’s method of communication, and is
therefore unable to consult them in such a way as to elicit their views or involve
them in a potential breach. (Advocates should refer to seAp’s Non-Instructed
Advocacy Policy on making every effort to determine whether a person has
capacity to consent to their information being shared)

c) If there is intent to break security rules (in secure hospitals and prisons)

d) If people working within the service would otherwise be assisting a criminal

offence.

e) If there is a court order for disclosure.

2.3 When confidentiality has to be breached without permission, wherever possible

the advocate shall inform the client at the earliest opportunity of the reasons for doing
so, giving them opportunities to discuss other alternatives and to plan for likely
outcomes. Every effort should be made to ensure the client is given the maximum
control possible over the process of breaching confidentiality, and to keep them
informed at every stage of any action that seAp intends to take.

2.4 Advocates/other service staff are not authorised to make the final decision about
whether confidentiality is to be breached, unless in an emergency, or in exceptional
circumstances if they are unable to contact any senior manager within the service or
within the wider organisation.

2.5 When working in a children’s unit or a secure unit, there may be a statutory
requirement that the unit’s confidentiality policy will over-ride seAp’s policy.

3. PROCEDURE FOR BREACHING CONFIDENTIALITY WITHIN OFFICE HOURS

3.1 Any information from any source which gives rise to concern for the safety or
wellbeing of a person or people, directly or indirectly, should be made known to the
worker’s Line Manager immediately.

3.2 Managers should ensure that their staff are aware of how to contact them, or a
colleague at a management level, in an emergency during the working day and out
of hours, including ways of interrupting meetings.

3.3 If an immediate Line Manager is unavailable, the concern should be escalated by the
member of staff in possession of the information. Contact details for Team and Senior
Managers are provided in the seAp Policies & Procedures ‘Operations’ sub-folder on
the Infostore.

Confidentiality Policy v. 6.2 Page 3 of 6 Mar 19

3.4 Any decision to take further action will be made by the relevant Manager. This may be
following discussion with seAp’s Chief Executive Officer (CEO) or other
Management Team members.

3.5 In circumstances where information has been received, or actions observed, which
indicates that people other than clients of the organisation are at risk of harm, this
information may be passed by a senior manager to relevant agencies, without
identifying the source of information.

4. PROCEDURE FOR BREACHING CONFIDENTIALITY OUTSIDE OF NORMAL

OFFICE HOURS

4.1 Staff should note which Team or Senior Manager is on Out of Hours duty at the start
of each week by checking their Outlook Calendar which shows who is on duty and
provides their contact number. The managers’ rota operates 5pm-7pm, Monday to
Friday. Staff must make specific alternative arrangements with their line manager if
needing to work outside these hours.

4.2 Emergency contact numbers for Team and Senior Managers can also be found in
the seAp Policies & Procedures ‘Operations’ sub-folder on the Infostore.

4.3 These numbers are only to be used in circumstances where information has been
received/observed which may require disclosure of information to relevant
authorities.

5. INFORMATION SHARING EXTERNALLY

5.1 When taking decisions about what information to share, you should consider how much
information you need to release. Data Protection legislation requires you to consider the
legality of disclosing information on the information subject and any third parties. Any
information shared must be proportionate to the need and level of risk.

5.2 Only information that is relevant to the purposes should be shared with those who need
it. This allows others to do their job effectively and make sound decisions.

5.3 Information should be adequate for its purpose. Information should be of the right
quality to ensure that it can be understood and relied upon.

5.4 Information should be accurate and up to date and should clearly distinguish between
fact and opinion. If the information is historical, then this should be explained.

5.5 Information should be shared in a timely fashion to reduce the risk of harm. Timeliness
is key in emergency situations and it may not be appropriate to seek consent for
information sharing if this could cause delays and therefore harm to a vulnerable adult
or a child. Practitioners should ensure that sufficient information is shared, as well as
consider the urgency with which to share it.

5.6 Where a Safeguarding investigation is being undertaken, seAp may be asked to

provide confidential information. Such information will not be routinely provided without
client consent unless the situation is life threatening or a criminal offence has been

Confidentiality Policy v. 6.2 Page 4 of 6 Mar 19

 committed. If the client lacks capacity to agree to the disclosure of information, this will
only be provided if a Police Force requests this via a formal process.

5.7 Information should always be shared in an appropriate, secure way. Staff must always
follow their organisation’s Data Protection, Information Security and Privacy policies on
handling personal information.

5.8 Information sharing, and respecting confidentiality, falls within guidance set out in the
Mental Capacity Act Code of Practice (5.56 – 5.57) for people assessed as lacking
capacity to give consent. This provides a clear framework for staff to work to, along with
seAp’s Non-Instructed Advocacy Policy which provides guidance on determining if a
person has capacity to agree to their information being shared.

5.9 Advocates must remain respectful of the confidentiality of people who lack capacity to
give consent. They must balance the duty to consult other people with the client’s right
to confidentiality. Any information requested or shared must be proportionate to the
need, and should be shared in an appropriate, secure way, in the same manner as
when working with clients who are able to consent.

5.10 If, when delivering non-instructed advocacy, confidential personal information about a
client (e.g. concerning their medical condition) needs to be discussed, and the client is
unable to give their consent, advocates should only share this with other people who
are appropriate to consult, and where any further information those people may be able
to provide would be helpful and relevant to the specific circumstances and issues
relating to the client’s case. A decision must therefore be taken on whether it is in the
client’s best interests for personal information to be shared.

6. SHARING INFORMATION INTERNALLY

6.1 Information about people is confidential to seAp as an organisation and not to

individuals working in the name of seAp. Information outside of internal meetings or
supervision should only be shared with other seAp workers/advocates if it is
considered essential for the wellbeing of the person concerned.

7. RECORDING INFORMATION

7.1 All manual and electronic information will be held securely and confidentially.
For further detail, please see seAp’s Data Protection Policy, Information Security
Policy, Privacy Policy, Safeguarding Adults Policy and Safeguarding Children
Policy. Homeworkers must also consult the seAp Homeworking Policy.

7.2 At the first contact with a client, a record should be made on the seAp CRM
system that the confidentiality policy and its limits were explained to the client, and
that, with the exception of clients who lack capacity, the client accepted the policy
and consented to work with seAp (see 1.2 above).

7.3 A record should be made on the CRM system of all subsequent reminders to clients
of the confidentiality policy; these should be dated and timed.

7.4 All decisions on whether or not to share information, where the client has not given
consent or is unable to give consent, must be recorded on the seAp CRM system. If
the decision is to share, reasons should be cited including what information has been

Confidentiality Policy v. 6.2 Page 5 of 6 Mar 19

 shared and with whom. If the decision is not to share, the reasons should be
recorded, and it is good practice to discuss these with the person requesting the
information.

7.5 All information received/actions observed which may indicate cause for concern,
including potential breaches of confidentiality, should be recorded in writing by the
member of staff. Detailed reports should be written which include a chronology of
events which are dated and timed, people involved/present, details of the
issue(s)/concern(s); recording of exact wording used by client/other wherever
possible, and actions taken by member of staff. All reports should be signed by the
author.

7.6 Managers should further record all action taken by them from the point at which
they are alerted to a potential concern, issue and/or potential breach of confidentiality
by a member of staff, including steps taken to contact senior manager(s); time of
contacting a senior manager; action agreed to be taken and by whom; and progress
on such action. All records should be dated, timed and signed.

8. RELATED POLICIES
• Advocates Code of Practice
• Data Protection
• Information Security
• Privacy
• Non-Instructed Advocacy
• Safeguarding Adults
• Safeguarding Children
• Whistleblowing

9. REVIEW

It is the intention of seAp that policies and procedures remain current and ‘fit for purpose’ to
reflect changes in legislative, organisational, operational and management arrangements. It is
our intention that this Confidentiality Policy will be reviewed at least every 12 months. If an
employee has any concerns about this policy or wishes to provide feedback on the process,
this can be addressed either through their SCC representative or via e-mail to the Area
Manager or Resources Manager.

10. QUERIES

Employees should address any enquiries relating to this policy to their Line Manager. If a Line
Manager is unable to resolve a query, a response should be sought from the Area Manager.

Confidentiality Policy v. 6.2 Page 6 of 6 Mar 19