Information Sharing Checklist
Disclaimer: These notes are for guidance only. We cannot be held responsible for any action taken as a direct result of information contained herewith. We would always recommend that expert legal advice is sought. Please see our introduction page for more information.
Checklist
- What kind of information or data is to be shared? Is this data confidential? Is it simple statistics or aggregated data that is anonymous and therefore can usually be disclosed or is it personal or sensitive personal data that requires consideration under the Data Protection Principles?
- When the data in question was obtained, for what purposes was the data subject advised it would be used? Is it proposed to use it for alternative purposes and, if so, has new consent been obtained?
- Has the organisation a standard format for advising patients/clients what their personal data will be used for?
- Has the data subject given consent to this instance of sharing of his personal data or express consent in the case of sensitive personal data?
- Is the data subject considered to be competent to give or withhold that consent?
- If the data subject is not felt to have capacity to decide on giving consent to that particular disclosure, has the health team considered agreeing to disclosure in the patient’s best interests?
- If personal information is to be shared, has one of the conditions in Schedule 2 been met?
- If sensitive personal information is to be shared, have one of the conditions in Schedule 2 and one in Schedule 3 been met?
- If confidential information is to be disclosed, is the common law of confidentiality satisfied?
Schedule 2 Conditions
+ Consent of the data subject
+ Necessary for the performance of a contract with the data subject
+ Legal obligation
+ To protect vital interests of the data subject
+ To carry out public functions, in the public interest
+ To pursue legitimate interests of the controller unless prejudicial to interests of the data subject
Schedule 3 Conditions
+ Explicit consent of the data subject
+ To comply with employer's legal duty
+ To protect vital interests of data subject or another person
+ Carried out by certain non-profit bodies
+ The information has been made public by the data subject
+ In legal proceedings
+ Exercising legal rights
+ To carry out public functions
+ For medical purposes
+ For equal opportunities monitoring
+ As specified by order
- If consent has not been given, are there any reasons why disclosure should proceed anyway i.e.:
+ The interests of national security
+ Public safety or the economic well-being of the country
+ For the prevention of disorder or crime
+ For the protection of health or morals or
+ For the protection of the rights and freedoms of others
- Is the organisation/individual legally empowered to disclose the information being sought?
- If sensitive and personal information is being disclosed without explicit consent, is this being kept to the minimum required for the purposes the information is being shared?
- If confidential information is involved and the patient has not consented, is there a legal obligation or overriding public interest to disclose?
- Where there are no good reasons for not informing the data subject that sensitive personal information is being disclosed on him/her, has every effort been taken to obtain the data subject's consent prior to disclosure?
- If a member of staff covered by a code of professional standards is considering breaching patient/client confidentiality, have they considered the professional implications as well as the legal ones? Have they sought advice from a senior colleague and/or their professional body?
- Have the reasons for disclosure of sensitive personal information (or for non-disclosure) been clearly recorded in the appropriate record? Does this include what was and was not disclosed?
Model Data Sharing Protocol for Depersonalised, Personal and Sensitive Personal information
1. Anonymised or de-personalised data
- We accept that anonymised data is useful for uni- or multi-agency planning purposes, as management teams and consultants do not require personal data. Depersonalised data is excellent for profiling local areas, and in calculating the scale, scope and cost of proposed plans.
- We understand that depersonalised data encompasses any information that does not and cannot be used to establish the identity of a living individual and has had all personal identifiers removed. This may not be the case with coded or pseudo-anonymised data which could possibly be cross referenced by the encoder and where the principles surrounding sharing of personal or sensitive or confidential personal information may still need to be applied.
- We accept there are no legal restrictions on the exchange within this Protocol of depersonalised data, although a duty of confidence may apply in certain situations, or a copyright, contractual or other legal restriction may prevent the information being disclosed to partners.
- We appreciate that if several sets of depersonalised data were merged or compared to each other, there is a risk that an individual could be identified. Although we believe this to be unlikely, we will always hold depersonalised data securely and destroy it, when no longer required.
- It is good practice where possible to give subjects information about how anonymised data about them may be used (particularly for sample healthcare patients.)
- We undertake to share depersonalised data with our partners within the constraints listed above.
2. Personal data
- We understand that personal data relates to a living individual who can be identified from the data, or from the data and other information, which is in the possession of, or is likely to come into the possession of, the data controller. We undertake to formally record all grounds for disclosure of personal or sensitive information. We will process information fairly and objectively for each case. We agree that we will only disclose sufficient information to enable our partners to carry out the relevant purpose for which the data is intended. This we will determine on a case-by-case basis.
- Personal information will only be shared in a particular case when we, as the disclosing partner, are satisfied that:
i) We are legally empowered to do so.
ii) We are complying with at least one condition of schedule 2 of the Data Protection Act 1998, when processing personal data.
iii) The proposed disclosure of personal information can be done in accordance with the principles of the Data Protection Act 1998.
iv) We can disclose personal information reflecting the Common Law of Confidentiality and the principles of the Human Rights Act 1998.
- Section 115 of the Crime and Disorder Act 1998 provides us with lawful power for disclosure where this is for the purpose of implementing the provisions of the Act. However, although the Act creates a situation where the disclosure of information may be lawful, it does not impose an obligation to do so, and the presumption of confidentiality will still apply.
- We will only disclose personal data relating to a patient, suspect or offender with the consent of the data subject, (unless there is an overriding public interest in disclosure). This will be to [name staff or posts in receiving organisation] to enable them to carry out their duties in the exercise of a public function. Practitioners who are bound to be registered with the Nursing and Midwifery Council, the General Teaching Council, the General Social Work Council, the General Medical Council, the Health Professions Council and other professional bodies are expected to take into account the guidance on confidentiality by their regulatory organisations.
- We can also disclose on a case-by-case basis, provided there is a lawful basis for disclosure, where there is a substantial chance that one of the following purposes would be prejudiced:
i) to prevent or detect serious crime
ii) to apprehend or prosecute offenders
- When disclosure is required, we agree to ensure that:
i) the information is being processed lawfully: the information is being processed fairly
ii) the public interest is of sufficient weight to over-ride the presumption of confidentiality and to justify any interference with the right to privacy etc. in Article 8 of the European Convention of Human Rights
iii) disclosure is necessary to support action under the Crime and Disorder Act
iv) any disclosure has regard to specific statutory restrictions on disclosure.
- We understand the Public Interest criteria to include:
i) the administration of justice
ii) maintaining public safety
iii) the apprehension of offenders
iv) the prevention of crime and disorder
v) the detection of crime
vi) the protection of vulnerable members of the community.
However, DCA legal guidance emphasises that "the more sensitive and damaging the information, the stronger the public interest in disclosure will need to be".
- NON-DISCLOSURE EXEMPTIONS: We agree any request for information by a partner must specify as clearly as possible, how disclosure of the information would be in the public interest. It must also be stated what the effects would be if the information was not disclosed without this information.
- HUMAN RIGHTS ACT 1998: Article 8 of the Human Rights Act 1998 states that everyone has the right to respect for his private and family life, his home and his correspondence, and that there shall be no interference by a public authority with this right except such as is in accordance with the law and is necessary in a democratic society in the interests of:
i) National Security
ii) Public Safety
iii) Economic well being of the country
iv) The prevention of crime and disorder
v) The protection of health or morals
vi) The protection of the rights or freedoms of others
- PROPORTIONALITY: If the disclosure of information will in some way restrict the rights of the data subject, we will consider the rule of proportionality. This is to ensure that a fair balance is achieved between the protection of the individual’s rights and the general interests of society.
- CONFIDENTIALITY: We undertake that information will only be used for the purpose for which it was requested, and will securely store it and destroy it when no longer required. We understand that outside agencies wishing to be part of the information sharing process, will upon signing this protocol, be bound to comply with its terms.
- We undertake to share personal data with our partners within the constraints outlined above.
3. Sensitive Personal Data
- We understand that sensitive personal data relates to:
+ the racial or ethnic origin of the data subject,
+ his political opinions,
+ his religious beliefs or other beliefs of a similar nature,
+ whether he is a member of a trade union (within the meaning of the Trade Union and Labour Relations (Consolidation) Act 1992),
+ his physical or mental health or condition,
+ his sexual life,
+ the commission or alleged commission by him of any offence, or
+ any proceedings for any offence committed or alleged to have been committed by him, the disposal of such proceedings or the sentence of any court in such proceedings.
- This includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual. This data will be clearly marked as sensitive personal data and kept securely within a password-protected computer system or otherwise physically secure with appropriate levels of staff access. We undertake to destroy all personal and sensitive information when no longer required for the purpose for which it was provided.
- We undertake that where we process the above sensitive personal data, we will need to satisfy a condition in both schedule 2 and schedule 3 of the Data Protection Act 1998 and where confidential information is involved, the common law.
- CONSENT: Where appropriate and possible, explicit consent should be obtained from the data subject for the disclosure to take place, in accordance with the Data Protection Act 1998. This consent must be freely given and obtained free from any form of duress, threat or fraud and fully informed.
- For any purposes expedient to the provisions of that Act, participants in this Information Sharing Protocol may process sensitive personal information lawfully using section 115 of the Crime and Disorder Act 1998. However, participants need to be aware of other legal obligations under other Acts and guidance.
- If we must disclose sensitive data held under a duty of confidence, we will consider whether we can obtain the data subject's consent. If we cannot, then we must consider the grounds on which we can over-ride the consent issue. We will still be able to disclose sensitive information if this is in the defined category of public interest.
- PUBLIC INTEREST: We must decide after consent has been refused, withheld or cannot be obtained in the time available, if there is an over-riding public interest to justify the disclosure. We agree to consider the following:
i. Is the intended disclosure proportionate to the intended aim?
ii. What is the vulnerability of those who are at risk?
iii. What is the impact of disclosure likely to be on the offender/patient?
iv. Is there another equally effective means of achieving the same aim?
v. Is the disclosure necessary to prevent or detect crime and uphold the rights and freedoms of the public? Is serious crime involved?
vi. What is the impact on other people of not disclosing e.g. will anyone be harmed? Is there any impact on vulnerable people? If so what?
- Any disclosure of any information by the partner should be restricted to the minimum necessary to achieve the purpose.
- We will share sensitive personal information with partners within the constraints listed above.