Volunteer Confidentiality Policy

Document Status

This is a controlled document. Whilst this document may be printed, the electronic version stored within the organisational network is the controlled copy. Printed copies are available to all staff and volunteers of the LGBT Foundation and are stored in accordance with the Data Protection Act (1998).

Introduction

The purpose of this document is to provide guidance to all LGBT Foundation staff and volunteers on Confidentiality. This is an evolving document because the standards and practice covered continue to change.

This policy is based on good practice guidance outlined by the Health and Social Care Information Centre (HSCIC) and associated legislation. It details both statutory requirements and good practice on how to manage confidential information within the working environment.

LGBT Foundation is committed to the delivery of a first class confidential service. This means ensuring that all client information is processed fairly, lawfully and as transparently as possible so that the public:

• understand the reasons for processing personal information; 

• give their consent for the disclosure and use of their personal information; 

• gain trust in the way LGBT Foundation handles information and; 

• understand their rights to access information held about them.

Glossary of Terms

Breaking Confidentiality

This is when confidential information is intentionally shared with a third party, in line with LGBT policies and procedures (such as Child Protection Policy). Third parties may include the emergency services, Social Services and GPs. 

Confidential Within the System

In some circumstances, LGBT Foundation staff and volunteers will need to share confidential information with colleagues or external supervisors (who are bound by ethical and confidentiality codes of practice) as part of their practice. This may be in individual or group supervision, or when there are concerns or questions about a client or their situation. For example, a staff member may share concerns with their line manager if a client they are working with is at low to medium risk of harming themselves. Sharing this information ‘within the system’ ensures the client’s information remains confidential and assists LGBT Foundation in the effective management and safeguarding of the client. 

Client Identifiable Information

Key identifiable information includes: 

• client’s name, address, full post code, date of birth; 

• pictures, photographs, videos, audio-tapes or other images of clients; 

• NHS number;

• anything else that may be used to identify a client directly or indirectly. For example, distinguishable features, rare diseases, or statistical analyses which have very small numbers within a small population may allow individuals to be identified.

Anonymised Information

This is information which does not identify an individual directly, and which cannot reasonably be used to determine identity. Anonymisation requires the removal of name, address, full post code and any other detail or combination of details that might support identification.

Pseudonymised Information

This is like anonymised information in that in the possession of the holder it cannot reasonably be used by the holder to identify an individual. However it differs in that the original provider of the information may retain a means of identifying individuals. This will often be achieved by attaching codes or other unique references to information so that the data will only be identifiable to those who have access to the key or index, for example the LGBT Foundation client code. Pseudonymisation allows information about the same individual to be linked in a way that true anonymisation does not.

Explicit or Expressed Consent

This means articulated client agreement. The terms are interchangeable and relate to a clear and voluntary indication of preference or choice, usually given orally or in writing and freely given in circumstances where the available options and the consequences have been made clear. For example, when the Confidentiality Statement is provided verbally and/or a client signs the Client Agreement.

Freedom of Information

This refers to the right to request, in writing, information from public authorities/organisations. It is intended to promote a culture of openness and accountability amongst public and third sector bodies, and therefore facilitate better public understanding of how duties are carried out, why they make the decisions they do, and how they spend public money.

Implied Consent

This means client agreement that has been signalled by behaviour of an informed client.

Disclosure

The sharing of information that could be deemed as sensitive and confidential. For example, service user may disclosesomething to someone on our Helpline. 

Public Interest

Exceptional circumstances that justify overruling the right of an individual to confidentiality in order to serve a broader societal interest. Decisions about the public interest are complex and must take account of both the potential harm that disclosure may cause and the interest of society in the continued provision of confidential services.

Serious Harm

Harm that could lead to:

Potentially life-threatening injury. Or;

Serious and/or likely long-term impairment of physical or mental health or physical, intellectual, emotional or behavioural functioning.

Information Governance

A set of guidelines that set out what is required to ensure that fair and equal access to information can be provided and is supported by a range of procedure.

Policy Statement

This document outlines the circumstances in which information must remain confidential and when disclosure of information is allowed.Where the word confidentiality is used it means “Confidential within the system”. LGBT Foundation does not guarantee staff, volunteers or service users absolute confidentiality, as it may be necessary to pass information on to other LGBT Foundation staff or third parties (for example, if the person poses an risk to themselves or others) in order to take appropriate action or seek advice on decisions. 

All information is treated in accordance with principles of the Data Protection Act 1998. For information on the organisational policy and protocol of Information Sharing, please reference the Information Sharing Policy. 

Scope

This policy applies to all staff and volunteers.Each staff member or volunteer is responsible for providing LGBT Foundation with such information as is necessary for the organisation to fulfil it’s purpose as well as for complying with reasonable requests for information, i.e. timesheets, performance management etc.You should ensure that you understand this policy, in particular for understanding the glossary of terms so that you understand the information and practice guidelines outlined in this document. 

In particular, staff and volunteers must understand the concept of information being “confidential within the system” before you disclose sensitive information.You are responsible for the disciplinary consequences that may accrue to you if you:

• withhold essential information;
• deliberately fail to disclose information that may put individuals or the public at risk of serious harm, or have a significant negative impact on the LGBT Foundation; and
• breach this policy.

Roles and Responsibilities

When applying this policy, it is the responsibility of the staff member or volunteer to identify the appropriate course of action.Support and advice can be sought from their line manager or a more senior member of staff where the appropriate course of action is still unclear.

It is also the responsibility of the staff member or volunteer to refer to and apply other relevant policies, should the circumstances warrant it (for example, Child Protection).

If a volunteer or member of staff has a duty of confidentiality, it means that they must not disclose any client identifiable information unless:

• breaking of confidentiality, which must be made in line with this or another policy (for example, Safeguarding Policy);
• if the case is being discussed in supervision; or 
• with another member of LGBT Foundation staff in order to seek advice or guidance; and
• the use of client identifiable information is necessary to the discussion. 

Situations where a disclosure may be made under safeguarding or other legislation, under which there may be a duty to disclose information in certain circumstances, are:

• If we are concerned about the safety of a child (someone under the age of 18, they may or may not be a service user of LGBT Foundation);
• If we are concerned about the safety of a vulnerable adult (A person aged 18+ whose physical or mental condition makes them particularly vulnerable. They may or not be a service user of LGBT Foundation);
• The client is acting, or likely to act, in a way that could cause serious harm to themselves, or put others at risk of serious harm;
• There is the possibility of serious risk to a particular person or persons, or to the public in general;
• Information relating to an act of terrorism or money laundering is disclosed.

If a service user shares information which leads the staff member or volunteer to believe that they may need to make a disclosure, we will always endeavour to inform the service user, unless:

• Doing so may increase the risk to the individual;
• Doing so may increase the risk to others or the public;
• The staff member/volunteer feels unsafe to do so.

Talking Therapies

All staff members and volunteers providing talking therapies must subscribe a Code of Ethics as defined by either: the British Association of Counselling and Psychotherapy (BACP), British Association of Behavioural Cognitive Psychotherapies (BABCP) or the UK charter for Psychotherapists (UKCP) or other recognised professional body. Confidentiality within the therapeutic relationship is essential, but not absolute.Prospective service users will be made aware of circumstances in which confidentiality may be broken from the first point of contact. This information is also available in both the application form and Client Agreement.Before any therapeutic work takes place, therapists will ensure that they reiterate this and advise service users of the circumstances in which confidentiality may be breached.

Therapists are responsible for maintaining and storing their own service user records in line with the Data Protection Act (1998) and LGBT Foundation’s Information Governance procedures. All records will be stored securely for seven years and then destroyed, in line with good practice guidelines provided by BACP. 

Records stored on CORE and CRM client data management systems will be kept indefinitely, these are both secure systems with access limited to relevant members of staff. 

Records of sessions will be used to produce statistical and narrative reports on the progress of the service through the CORE and CRM client data management systems. In all cases, client data is stored under a pseudonym and any data shared is amalgamated and anonymised. 

Rampton/Outreach Clinics/Training

Workers and volunteers undertaking detached work / training must not reveal confidential information (please see Client Identifiable Information definition in Glossary for information) pertaining to service users, which has been gathered during these sessions, outside the line management and support structures of LGBT Foundation, unless it falls into one of the areas of exclusion listed in the policy statement.

When referring service users to external organisations, information concerning service users may only be disclosed with the service user’s explicit consent and the means of making the referral must be in line with the Information Governance Policy. 

Volunteer/Staff Details

Volunteer and staff personal details are to be kept confidential in accordance with the Data Protection and Information Governance Policies.

Disclosure and Barring Service (DBS) checks will be kept as confidential as possible with the results only being shown to the individual concerned and those staff and volunteers who would need the information to make a recruitment or operational decision based on the information.The restrictions of this, and use of DBS checks, are laid out in full in the Disclosure and Barring Service Checks Policy and Procedure document.

Monitoring and Management

LGBT Foundation will strive to ensure that monitoring and performance management information respects service user confidentiality.

How we share information

As part of our funding arrangements, we are frequently required to shared anonymised data on all aspects of our work, with funders and commissioners. All reports will use anonymised data except where service users have given their permission i.e. the use of personal testimonies and photographs. 

We will also use anonymised data for LGBT Foundation publications such as our annual Impact Report. 

For further details on how we collect and store data, please refer to the Data Protection Policy.

Breaking Confidentiality

If confidentiality needs to be broken, then the process followed must be in line with the relevant policy (e.g. Child Protection Policy). However, it is important for staff and volunteers to be consistent when faced with a situation where they need to break confidentiality, the following recommendations ensure that good practice is followed in all circumstances:

• Staff and volunteers must have an excellent understanding of confidentiality and their responsibilities before entering into a service delivery role;
• If a staff member/volunteer is unsure about a situation or confidentiality needs to be broken needs to be broken they must, without delay, seek the advice of a senior colleague or contracted external supervisor;
• If confidentiality can be retained but there are concerns about a service user, or others, then this information must be shared with a line manager or supervisor to ensure the situation is managed;
• Accurate and detailed records must be maintained; documenting factual statements and explicitly detailing concerns and any action taken;
• An Incident Form must be completed, in line with the Incident Reporting Procedure, if confidentiality is broken and a disclosure is made;
• Staff and volunteers who have had to break confidentiality must be offered support by their line manager or other senior member of staff.

Distribution, Implementation and Monitoring 

This document will be made available to all staff and volunteers via the organisation’s network. 

The document will be officially presented to all staff during Full Team Meetings on regular basis by the Office Manager. 

The Office Manager is responsible for the dissemination and availability of this Policy for all staff and volunteers, including new starters. 

The Assistant Director of Services is responsible for auditing and reviewing this Policy on an annual basis or in line with best practice recommendations or policy changes.