L05: Standards, Consent & Confidentiality
Cards (49)
- General Pharmaceutical Council (GPhC)Regulates the pharmacy profession
- GPhC
- Registers and publicly lists pharmacy professionals (pharmacists and pharmacy technicians) and pharmacies
- Codes of practice 'standards' are not legislation but support pharmacy professionals to comply with legislation
- If pharmacy professionals don't reach standards, they are likely to breach legislation
- If pharmacy professionals are found to have breached legislation and not followed the relevant code, they are highly likely to be found guilty of a criminal offence
- GPhC standards are for
- Registered pharmacies
- Pharmacy professionals
- 5 principles of GPhC standards for registered pharmacies
- Governance - procedures and measures put in place to safeguard and wellbeing of patient and public
- Empowered and competent staff
- Environment and premises
- Delivery of pharmacy services
- Equipment and facilities
- Privacy concernsRelates to people (e.g. a private room when being examined)
- Confidentiality concernsRelates to information (e.g. who has access to personal health information)
- DignityThe right of a person to be treated with respect
- Standards for Pharmacy Professionals (GPhC 2017)
- Provide person-centred care
- Work in partnership with others
- Communicate effectively
- Maintain, develop & use their professional knowledge & skills
- Use their professional judgement
- Behave in a professional manner
- Respect & maintain a person's confidentiality & privacy
- Speak up when they have concerns or when things go wrong
- Demonstrate leadership
- The standards for pharmacy professionals are relevant to all pharmacy students
- Standard 7 - Respect & maintain a person's confidentiality & privacy
- Manage information responsibly & securely
- Maintaining a person's privacy & respecting confidentiality helps to maintain a person's dignity & builds trust
- Standard 6 - Professional behaviourTreat people with respect & safeguard their dignity
- Assessing the environment1. Can you be overheard by people not involved in a person's care?2. Can you be seen by people not involved in a person's care?
- ConfidentialityRelates to information
- PrivacyRelates to people
- Pseudonymised dataPseudonyms (e.g., a hospital number, NHS number, student ID number) used to protect data = personal data as the individual can still be identified (re-identified when combined with other information)
- Anonymous data
- Cannot identify or re-identify an individual when combined with other information
- Truly anonymised information is NOT personal data
- All information that you gain about a person during the course of your practice is confidential
- Confidentiality continues to apply after a person's death
- Common law duty of confidentiality
- When a patient/service user shares information in confidence it must not be disclosed without some form of legal authority or justification
- In practice, this means information cannot be disclosed without that person's consent
- Without confidentiality, the trust & effectiveness of services is lost
- Common lawDetermined by case law
- Statutory lawDetermined by Acts of Parliament
- Two types of consent
- Explicit 'express' consent
- Implied consent
- Explicit 'express' consent
- May be spoken or written
- When a person gives you explicit permission to do something
- Implied consent
- When consent is indicated indirectly (e.g., by a person's actions)
- Where the circumstances would lead a reasonable person to believe that the person was consenting (e.g., a person bringing a prescription into a pharmacy to be dispensed)
- Valid consent
- Have capacity – must be able to understand & use the information provided to make a decision
- Be acting voluntarily – not under undue pressure
- Informed decision – have sufficient information (risks, benefits, alternatives, consequences of not consenting)
- Opportunity to ask questions
- Ongoing process – consent needed on each occasion - people may change their mind & can withdraw consent at any time
- Mental Capacity Act 2005 (England & Wales)"A person lacks capacity if at the time the decision needs to be made, they are unable to make or communicate the decision, because of an impairment or disturbance that affects the way their mind or brain works"
- Assessing capacity1. Understand the information2. Remember the information3. Use & weigh up the information4. Communicate their decision (by any means)
- Capacity may change & can be affected by other factors (e.g., fatigue, alcohol, drugs, panic)
- Assessments & outcomes of capacity must be recorded
- Adults with capacity
- Can refuse to consent
- Consequences of refusal must be explained (non-judgmentally, without undue pressure)
- Detailed records kept
- Adults without capacity
- Work with people close to the person
- Mental Capacity Act 2005 & associated codes of practice set out who can make decisions on a person's behalf
- Young people (16-17 years)
- Capacity depends on ability to understand
- Young people presumed to have capacity (unless evidence otherwise)
- As with anyone, still need to assess capacity
- Encourage them to involve parents, but respect confidentiality
- Children (under 16 years)
- Capacity depends on ability to understand
- Children are NOT presumed to have capacity
- Children without capacity consent required from person with parental responsibility
- Advance decisionsPeople with capacity, who understand the implications of their choices can say in advance how they want to be treated if the later lose capacity and this may be superseded
- Emergencies
- Urgent treatment where capacity cannot be assessed & consent not obtained
- Act in the person's best interests
- Provide treatment if needed to save life or prevent deterioration (unless an advance decision is known)
- UK General Data Protection Regulation (UK GDPR) & Data Protection Act 2018
- Legal framework for data protection
- Everyone is responsible for protecting personal data
- Regulated & enforced by the Information Commissioner's Office (ICO)
- Types of data
- Personal – anything relating to a living person who can be identified by that data
- Special category – potentially 'sensitive' e.g., political opinions, religious beliefs, genetic information
- Confidential – all information collected for provision of health & social care services where people can be identified
- GDPR & Data Protection Act no longer applies to identifiable data that relate to a person once they have died. However, any duty of confidence established before death extends beyond death
- 7 key principles of personal data processing
- Processed fairly & lawfully & transparently
- Purpose limitation - collected for specific purposes
- Data minimisation - adequate, relevant & limited to that necessary
- Accuracy - accurate & up-to-date, erased if inaccurate
- Storage - kept in a form which permits identification for no longer than is necessary
- Security, integrity & confidentially - processed on a need-to-know basis
- Accountability – a data controller must be appointed & responsible and able to demonstrate compliance
- NHS Trusts must have a Data Protection Officer (DPO) who monitors compliance with Data protection law and they work closely with the Caldicott Guardian