Unit of comp 2- professional conduct Flashcards
What do you need to do?
Comp 2.1.2
Includes all anonymised patient episodes presented at the visit. They must all have
‘vcg’ recorded.
What is the purpose of the Data Protection Act (1998)?
2.12
o This act was designed to store and protect personal data on computers + manual records
o It allows individuals to legally control information about themselves.
o This act is defined using 8 principles
The DPA (1998) is defined by 8 principles- what are they?
2.1.2
Data must be obtained
1. obtained and processed fairly, lawfully.
2. processed for specific use
3.** adequate, relevant** and not excessive.
4. accurate and up-to-date.
5. **not kept for longer **than necessary.
6. processed in line with the individual’s rights.
7. secure.
8. not transferred to other countries without adequate protection.
What is the purpose of GDPR ? (2016)
(General data protection regulations)
2.12
to prevent patients’ details from being shared, viewed or accessed by
unauthorised personnel.
How do I maintain confidentiality in practice?
2.1.2
o Inform patient how their data will be used and obtain consent.
o Never leave patient details lying around.
o Verify patient name, D.O.B and address.
o Patient can request for test records (SAR) – this is done by the specialist data protection legal team
and can take up to 30days.
o Prescription requests must be done in store.
o Patients can request for data to be erased completely – can delete patient account via consent
app but clinical and financial records cannot be deleted due to legislation.
o Duty of confidentiality is absolute but can be breached if risk of injury or death.
Individuals can put in a ‘subject access request’ (SNR). What will happen?
an optical practice must respond to
by telling the individual whether you are processing that personal data and provide them with it free
of charge
■ In specsavers this is done via the GDPR question asked when someone comes for an
appointment and also by providing them their prescription
What is the retention period for patient records?
2.1.2
■ Should be kept for minimum 10 years after sight test (Coo)
■ AOP says adult records - 12 years after finished treatment or after a patient has died
■ NHS says 10 years after treatment or death
■ Children records should be kept until 25th birthday or 26th if record made when 17 years
old
Why is the retention period so long?
2.1.2
● Claims of negligence - up to 3 years from time patient made aware of injury
● Personal injury of child - have up to 3years from turning 18years old to claim
What do you do if a patient refuses consent to use their record?
2.1.2
You should not state consent was obtained and this record must not be shown to your examiner/used for exams.
What do you do if another practice calls requesting for a copy of a patient’s prescription?
2.1.2
You should ask to speak to the patient and obtain their consent. 1. Confirm their details 2.
Write consent obtained when prescription is forwarded.
What would you do if a patient refuses to give consent to keep any record of the sight test
you were about to conduct?
2.1.2
You would let them know that legally you cannot carry out the sight test as without keeping records you cannot protect yourself or the company from any legal allegation.
