NHSScotland Caldicott Guardians: Principles into Practice

Foundation manual for NHS Scotland Cadicott Guardians

2. Who should be the Caldicott Guardian?

The Caldicott Guardian will be in priority order:

  • an existing member of the management board of the organisation
  • a senior health professional
  • an individual with responsibility for promoting clinical governance within the organisation

Please see: NHS Scotland Information Governance Standard 7.001

2.1 It is particularly important that the Guardian has the seniority and authority to exercise the necessary influence on policy and strategic planning and carry the confidence of his or her colleagues.

All GP or Dental Practices, Opticians and Pharmacists must meet their information governance obligations. The Medical Director of the aforementioned may take up the role of Caldicott Guardian. All patients have a right to expect that information relating to them will be properly created and managed; that it will be handled in confidence and that patient-identifiable information will only be shared with those whose justification for receiving such information has been rigorously tested

2.2 Responsibility for ensuring that patient-identifiable information remains confidential is both an organisational and individual one. It is the responsibility of the Caldicott Guardian to facilitate understanding and awareness of that responsibility and to ensure that all such activities within an organisation are lawful.

Please see: NHS Scotland Information Governance Standards - 7.005

2.3 The specialist area of Information Governance is an integral part of activity within the NHS. It is here that most of the day-to-day actions governed by expectations of confidentiality and the protection of patient-identifiable information take place and here that responsibility usually lies for the appropriate polices and procedures which should operate throughout the NHS body. Each organisation must put in place an Information Governance Strategy and supporting policies which will enable the organisation to meet its legislative requirements and ensure operational and management information is timely, robust and reliable.

Back to top