Unit 4222 Good Practice

318 Words2 Pages
Unit 4222-307 There are numerous acts of legislation and codes of practice that relate to the handling of information in health and social care, theses included the following: * The data protection act 1998 * The Health and Social Care Act 2008 * Freedom of Information Act 2000 * Your employers' Policies & Procedures The main points of the legal requirements and codes of practice for handling information in health and social care included: The data protection contains 8 principles: Personal data must be: * Processed fairly and lawfully. * Processed only for one or more specified and lawful purpose. * Adequate, relevant and not excessive for those purposes. * Accurate and kept up to date - data subjects have the right to have inaccurate personal data corrected or destroyed if the personal information is inaccurate to any matter of fact. * Kept for no longer than is necessary for the purposes it is being processed. * Processed in line with the rights of individuals - this includes the right to be informed of all the information held about them, to prevent processing of their personal information for marketing purposes, and to compensation if they can prove they have been damaged by a data controller's non-compliance with the Act. * Secured against accidental loss, destruction or damage and against unauthorised or unlawful processing - this applies to you even if your business uses a third party to process personal information on your behalf. * Not transferred to countries outside the European Economic Area - the EU plus Norway, Iceland and Liechtenstein - that does not have adequate protection for individuals' personal information, unless a condition from Schedule four of the Act can be met. There are a number of features of manual and electronic information storage systems that help ensure security, theses
Open Document