News
    Quick Links

Staff at RedbridgeCVS

 

 

 

 

 

Our Funders

Children's Fund

London Borough of Redbridge

Redbridge Primary Care Trust

 
News
Training from RedbridgeCVS
Development work with groups
Children's Network
Training Network
Change Up
Database of community organisations
Compact
Voluntary Sector Network
Links to other sites
 
Investor in People logo
 

RedbridgeCVS Confidentiality Policy

General Statement
RedbridgeCVS recognises that a guarantee of confidentiality in the services it provides is an important factor in determining the level of trust and security its service users hold in the organisation. The purpose of this policy document is to establish a clear and agreed understanding of what confidentiality means within RedbridgeCVS, to encourage uniformity in practice and ensure that service users know what they can expect from the organisation. The term service user refers not only to individuals who use CVS services, but also groups and organisations, which consult RedbridgeCVS and share with it confidential information about their agency. The policy applies to all staff, volunteers, and trustees of RedbridgeCVS and continues to apply after their service or involvement with RedbridgeCVS has ended.

Responsibilities and Arrangements for Confidentiality.

The Board of Trustees
The Board of Trustees as the employer has overall and final responsibility for ensuring that RedbridgeCVS meets its legal responsibilities regarding confidentiality in relation to criminal record checks, the Data Protection Act and any current or subsequent human rights legislation, which guarantees a right of privacy. The Board of Trustees will review the operation of this confidentiality policy annually.

The Chief Officer
The Chief Officer has overall responsibility for ensuring that the confidentiality policy is put into practice. In particular the Chief Executive will ensure that:

  • line managers are aware of their responsibilities to their staff and volunteers
  • arrangements are in place to monitor and implement this policy

General Principles
Information belongs to the person or agency entrusting it to a member of staff or volunteer of RedbridgeCVS. Information remains personal and in the control of the giver. Once received by RedbridgeCVS, it may not be used for any purpose other than that for which it was given; nor may it be passed on to any person or agency outside RedbridgeCVS without the express permission of the giver.

Operational Practice
RedbridgeCVS keeps extensive record systems, using paper files and computers. Where necessary, personal details of CVS Staff and users of a RedbridgeCVS service are recorded in these systems.

  • Each staff member and individual user of RedbridgeCVS services has the right to see any information that RedbridgeCVS keeps on them in paper or computer files and to change that information where it is inaccurate. Confidential information that has been provided by a third party may be removed from a file prior to its examination.
  • RedbridgeCVS will maintain an appropriate level of security, in accordance with the Data Protection Act and this policy, that will adequately protect information about individuals that is held in the systems. Paper files will be kept in a locked area and computer-based files will be password protected.
  • The use of information for reports, monitoring and funding applications will scrupulously avoid any specific detail about service users that might lead to their identification unless they have given their permission for it to be so used. The data provided by RedbridgeCVS should not include information that could easily lead to the identification of service users
  • The purpose of information gathered from organisations which is intended to be made public in a directory, either printed on paper or electronically, must be made clear to those organisations. They must check the accuracy of the information and their consent to its distribution obtained before publication.
  • Constructive liaison with other local agencies is sometimes essential if individuals and groups are to be offered an effective service by RedbridgeCVS. However, users of RedbridgeCVS services must have given their permission before any information that is held by the CVS about them can be passed on to a third party where that information specifically identifies them or might lead to their identification.

Occasions when the policy may be broken
RedbridgeCVS acknowledges that, on rare occasions, it may be necessary to break the basic rules of confidentiality. These may broadly be defined as situations where the safety, rights and liberties of other people or the person giving information may be seriously at risk. Also, legal reports may have to be made regardless of the consent of a service user. In such cases, staff should discuss the matter with their Line Manager and where necessary, the Chief Executive. Decisions that are made, and the reasons for them, must be properly recorded. 3 When confidential information is divulged without consent, except where it might result in more harm to other people, the individual concerned should be informed and an explanation of the action given.

Children and Young People
The confidential nature of work with children and young people is compromised by the need to keep parents and guardians informed of issues which arise during work with their children. Confidentiality may also be broken if a child or young person discloses information which indicates that he/she is or has been sexually, physically or emotionally, abused. Staff should then refer to the procedure set out in the CVS Child Protection Policy. If a worker has any cause for concern about an issue which a child has disclosed or discussed then, in the first instance, the worker should speak to their Manager or if not available, the CVS Chief Executive as soon as possible. The incident and all actions should be meticulously recorded.

Sharing information within the CVS
In order to give the best possible service to users of CVS services, it is sometimes desirable to share information with other colleagues in the CVS. Similarly, it is important that in supervision meetings, staff and volunteers should feel able to talk freely about their experiences. Information given to staff members or volunteers acting on behalf of RedbridgeCVS is, in these circumstance, considered to be given to RedbridgeCVS as an agency rather than to the individual staff member or volunteer. However, it should be absolutely clear to all attending such meetings that they are bound by the agency's rules of confidentiality and that confidential matters must not be discussed outside RedbridgeCVS. Casual or social discussion about service users that is conducted amongst RedbridgeCVS staff and especially outside RedbridgeCVS premises is strictly prohibited.

Access to files
Whilst everyone has right of access to their own files under the Data Protection Act, parents have a right to see their children’s files up to the age of 16, and in some cases 18. Where a young person is over the age of 16 and a 4 parent requests to see their file you will need to ask the young person if they are happy for them to do so. A parent with this right is either the mother or the father if he was married to the mother at the time of the birth or has acquired parental rights through the courts. It should never be assumed that a father automatically has got these rights. After the age of 18 then only the person their self has the right to access their file, or someone who has been nominated by the Court because the person their self lacks capacity.

Data Protection Act
The Data Protection Act 1998 requires organisations to register the information they hold about people, and what they do with it. It is the responsibility of the Information and Development Manager to ensure that this legal requirement is met. RedbridgeCVS recognise that the Data Protection Act now applies not only to computer systems but also to manual (paper) filing systems that are structured by reference to individuals (e.g. in a card index or filing system) and CCTV.

Where information relating to racial or ethnic origin, political opinions, religious or other beliefs, trade union membership, health, sexuality, criminal proceedings and convictions are collected and processed, the individual concerned should give explicit consent, although there are some exceptions under which the information can be collected without explicit consent. A significant exception is where information is being collected for the sole purpose of monitoring aimed at promoting equal opportunities. In such cases RedbridgeCVS will inform the person about the purposes for which information will be used. Information held by RedbridgeCVS will not be used or supplied for the purpose of direct commercial marketing. In the case of directories or similar publications, RedbridgeCVS will seek consent from organisations or individuals before releasing their details into the public domain.

Electronic Information

INTERNAL NETWORK
Each member of staff is responsible for securing (or limiting access to) documents and folders, which can be accessed via the network. On no account should confidential work be stored in shared folders. Personal folders should not be shared and confidential work should be password protected.

INDIVIDUAL WORKSTATIONS
Where possible, workstations which contain sensitive or confidential data should be password protected. Where this is not possible, individual files 5 should be password protected. Staff should not disclose passwords or security details to others except when required to do so by a manager.

INTERNET AND E-MAIL
RedbridgeCVS is aware of the various issues raised in relation to the disclosure of personal information via the Internet and by email.

EMAIL ADDRESSES RedbridgeCVS will not electronically store the email addresses of people making general enquiries. Only regular contacts should be stored in email address books and consent should be sought prior to any group postings. Staff should treat personal email addresses in the same manner as private telephone numbers. Where individuals or organisations subscribe anonymously to email network systems, an acceptance confirmation should be posted to the subscription address. RedbridgeCVS staff should use standard signatures, which refer to confidentiality when posting email externally. Standard signatures are outlined in the RedbridgeCVS ITC policy.

WEBSITE
RedbridgeCVS does not uses “cookies” in order to identify or market to specific users of our internet service. Any online information collected will only be used for statistical analyses as an aggregate. If personal information is sought directly then details of privacy will be published online and will include details of the processing related to the collection, registration, preparation, storage or destruction of that information.

Members of The Board of Trustees and its Sub- Committees
Members of RedbridgeCVS's Board of Trustees and its Sub-Committees include individuals from various backgrounds, some of whom are there in a formal capacity on behalf of other agencies, some of which have statutory duties. Such representatives should normally regard information that they learn as members of a Committee of RedbridgeCVS as confidential to themselves and to the Committee. If, however, as a result of their membership of the Committee, they become aware of information that they feel they cannot ignore as a member of a statutory or other body, they should bring this to the attention of the Committee so that the statutory or other implications can be formally acknowledged.

Agreed by the Board of Trustees of RedbridgeCVS