03.3   Confidentiality

In the course of performing my duties, I am privy to confidential information concerning, residents private affairs. In processing personal data in connection with the service users and other employees, I comply with the UK Data Protection Act 1998, which implements within the UK the requirements of the EC Data Directive [EC/95/46]
The basic requirement is that the processing, both automated and manual, shall comply with the following data protection principles which require that personal data shall:
- B e processed fairly and lawfully.
- Be obtained only for specified and lawful purposes, and not to be processed in any incompatible manner
- Be accurate, and where necessary, kept up to date.
- Be adequate, relevant and not excessive
- Not to be kept longer than necessary.
- Shall be processed in accordance with the rights of Data Subjects.
- Be protected by appropriate security measures.
- Not to be transferred outside the EEA unless adequate level of data protection exist.

In performing my duties, i ensure that service users confidential information are not disclosed to any unauthorised third party without the express consent of the service user, or if the service user is unable to judge, the service user immediate family or advocate.
Also I do not sought out from the service user unless expressly in the interests of that service user, i.e. to enable a better Care Plan to be developed.
The service user is kept informed at all times of the outcome of confidential discussions concerning them.

Also, I ensure all service users and staff confidential information are kept safe. Information held on the computer is password controlled, only designated senior members of staff are allowed access. Any information transferred to a disc is held in a locked cabinet.
Written employment information is filed in a locked cabinet in the office, I and my manager are the only staff allowed access to this information. However, senior members...