Active discussions

Meet the Other Phone. Only the apps you allow.

Meet the Other Phone.
Only the apps you allow.

Buy now

Please or to access all these features

Talk
Work

Chat with other users about all things related to working life on our Work forum.

Original poster

Confidentiality / GDPR questions

11 replies

AXCS · 19/04/2023 19:15

Hi
I have a band 3 admin interview coming up for the nhs and I have a feeling there will be a question about confidentiality and/or GDPR. How would you best answer a question like this?

also any other questions you think will prjsblt be asked please feel free to share!

thanks in advance

OP posts:
Foreversearch · 20/04/2023 00:45

@It depends on the question. Just remember “data” can mean a lot of things and should only be “processed” (used) for the intended purpose it was collected for. Sharing is a big no no unless set out in privacy policy e.g. HR system to payroll system.

carriedout · 20/04/2023 00:49

Also paper records, notes, letters are covered by gdpr rules, it is not just electronic data.

Original poster
AXCS · 20/04/2023 05:03

Thank you 🙂

OP posts:
Lou573 · 20/04/2023 05:43

If you Google I'm sure there'll be a useful overview of the principles behind it which would be good to know, but a key principle is consent. Unless there's a legitimate interest you should process (which means doing anything, including reading on a screen) someone's data without their consent.

Original poster
AXCS · 21/04/2023 06:23

Thanks all

OP posts:
FatAgainItsLettuceTime · 21/04/2023 07:00

Be sure to say that you'll follow the NHS policy and ask for guidance if you are ever unsure.

GDPR is all about Personal Data - anything that can identify an individual. So Name, address, email address etc are the obvious ones.

Within the context of your job you will also have access to special category/sensitive personal data - medical history, sexuality, ethnicity.

The general principles are:

  • that you should only do with that data what you have permission to do
  • you should only share that data with people who have authority to have it
  • people have the right to request to see/have amended their own data but there will be an NHS process that they will need to follow to invoke that right
  • if you ever think that data has been compromised - left where it shouldn't have been, given to someone it shouldnt have been.... you need to report it as a potential breach. You would follow the NHS process to do that
chocolateisavegetable · 21/04/2023 07:06

They may want to know that you understand things like locking your computer before leaving your desk, not leaving forms on your desk that have personal information etc. as well

DustyLee123 · 21/04/2023 07:09

Read up about Caldicott guidelines. It’s basically about only giving the basic information needed, and to someone who has the right to that information.
Every hospital will have a Caldicott guardian, to manage it.

Original poster
AXCS · 22/04/2023 08:08

Thanks all - I had the interview and I got the job :) confidentiality did come up so thanks for the refresher!!

OP posts:
Foreversearch · 22/04/2023 09:42

Congratulations.

lidlbrownjug · 22/04/2023 09:45

Lou573 · 20/04/2023 05:43

If you Google I'm sure there'll be a useful overview of the principles behind it which would be good to know, but a key principle is consent. Unless there's a legitimate interest you should process (which means doing anything, including reading on a screen) someone's data without their consent.

This is wrong.

You must have a lawful basis for processing. There are 6. If you are processing special category data (eg data relating to health) you need a lawful basis plus an additional condition for processing.

New posts on this thread. Refresh page
Swipe left for the next trending thread