Duty of Confidentiality
General Practices should also note that they should ensure they meet their obligations under the common law Duty of Confidentiality as owed, for example, by doctors to patients. The General Medical Council UK ("GMC") advise that "Doctors are under both ethical and legal duties to protect patients' personal information from improper disclosure. But appropriate information sharing is an essential part of the provision of safe and effective care. Patients may be put at risk if those who are providing their care do not have access to relevant, accurate and up-to-date information about them."
The GMC publish further information on this topic in their guidance at Confidentiality: good practice in handling patient information. There is also detailed information available in the Manual for Caldicott Guardians.
The multi-agency approach to ASP means that, where it is lawful and ethical to do so, the appropriate information should be shared between relevant agencies to ensure that support and protection that is right for the individual can be provided. A case by case approach should be taken to identify the lawful basis to be relied upon in terms of UK GDPR. Given the inherent power imbalance, the ICO has advised that it may be difficult to demonstrate that consent was freely given to a public authority.
GPs should take a proportionate approach to make balanced decisions about whether to share information without consent. However, having decided to refer it is best practice to advise the patient of this unless you feel it will increase the risk of harm to them or others.
It is also highly recommended that General Practices should be represented on Adult Protection Committees (APCs) or, where this is not possible, committees should ensure that there are clear lines of communication established with local GPs. GP participation is invaluable when developing or refining local adult protection policy, procedure and strategy. APCs can act as a further source of guidance in terms of local frameworks and protocols for information sharing, and thus working with your local APC is highly recommended, ensuring you are aware of protocols before you may need to use them.
There is a problem
Thanks for your feedback