We previously highlighted the ICO's consultation on draft guidance on transparency in the health and social care sector. In response to feedback from health and social care organisations across the UK, the ICO has updated the guidance:
- to reflect a wider audience, making it clear that the guidance applies to anyone engaging with health and care services and also those who process health and care information;
- by including practical examples of what might be an appropriate and proportionate level of transparency, based on the activities and size of an organisation - e.g. ‘road testing’ a new privacy policy with care home residents;
- by including more and shorter case studies to explain what would be considered good practice;
- by including specific reference to the indirect collection of information, making clear that the transparency requirement still applies and how to approach the delivery of this information;
- by explaining layering to assist people in using this process to provide privacy and transparency information;
- by including a new glossary to explain the technical language used throughout the guidance;
- by providing further detail about the potential types of harm to both individuals and wider society so that readers can more easily identify harm arising from a lack of transparency; and
- by including alternative forms of transparency information as a means to demonstrate openness and honesty.
The newly published guidance should be considered by anyone who delivers a health or social care service or uses health and social care information. The guidance says what organisations must, should and could do to comply with data protection legislation.
If you have worked through the transparency checklist and would like support with implementing any parts of the guidance, contact Emma Watt who would be happy to discuss your information governance strategy.