Earlier this week, Dame Fiona Caldicott published the outcomes from a public consultation that she ran to seek views on her intention to revise the existing seven Caldicott Principles.
The consultation response resulted in an expanded and revised set of eight Caldicott Principles, as well as a commitment to issue guidance about Caldicott Guardians in 2021.
WHY IT MATTERS
First introduced in 1997, the Caldicott Principles are guidelines applied across the field of health and social care information governance to ensure that people’s data is kept safe and used ethically.
Commissioned by the Chief Medical Officer of England, the focus of the report was to review how patient information is used in the NHS.
The revised principle’s purpose is to ensure that patient and service user expectations must be considered and informed when confidential information is used, to guarantee ‘no surprises’ about the handling or sharing of their confidential information.
Following feedback from the consultation, the new, eighth principle is: ‘Inform patients and service users about how their confidential information is used.’
“A range of steps should be taken to ensure no surprises for patients and service users, so they can have clear expectations about how and why their confidential information is used, and what choices they have about this. These steps will vary depending on the use: as a minimum, this should include providing accessible, relevant and appropriate information – in some cases, greater engagement will be required,” the review reads.
The consultation response also confirms the NDG’s intention to issue guidance using her statutory powers in 2021 about the appointment of Caldicott Guardians for all public bodies within the health and social care sector in England.
THE LARGER CONTEXT
Dame Caldicott was appointed the first national data guardian (NDG) in 2014. In 2019, she was appointed as the first statutory NDG for health and social care, nearly five years after the role was created.
Following her second review of information governance, she introduced a seventh principle in April 2013.
In August 2020, the UK government announced it was in a search of a new healthcare data guardian to replace Dame Caldicott, and to be chosen by a panel including NHSX chief Matthew Gould and deputy director of data and information governance policy, Simon Madden.
ON THE RECORD
In an accompanying blog, Dame Caldicott said: “There has been much change since the role was first established, and we wanted to obtain a clear understanding of people’s current views on its value. In particular, the introduction of additional information governance (IG) roles into health and care settings, such as data protection officers (DPOs) and senior information risk owners (SIROs) has changed the landscape.
“Considering this, we wanted to ‘test the temperature’: did people on the ground still feel the role was as helpful? And did people feel that patients and service users across a broader range of settings would benefit from the services of Caldicott Guardians?
“What we heard was a resounding ‘yes’. This reinforced my firm belief that where health and care data is being used, Caldicott Guardians can bring something nuanced and very specific to discussions and decision-making. Their deep understanding of how health and care data is different to other data (in many cases because they are clinicians and care providers themselves) positions them as knowledgeable advocates for patients.”