Standards, Confidentiality & Consent

Question 1

GPhC = General Pharmaceutical Council

Answer 1

• Pharmacy profession is regulated by the GPhC
• Register & publicly list pharmacy professionals (pharmacists & pharmacy techs) & pharmacies
• Codes of practice ‘standards’ Are not legislation but support pharmacy professional to comply with/ legislation.(support legislation)
• Don’t reach the standards - likely to breach legislation
• Found to have breached legislation & not followed the relevant code- highly likely to be found guilty of a criminal offence.

Question 2

GPhC standards

Answer 2

• Standards for registered Pharmacies
• Standards for pharmacy professionals
• They call their codes standards

Question 3

Standards for registered pharmacies (GPhC 2018)
5 PRINCIPLES

Answer 3

1- GOVERNACE
2- EMPOWERED & COMPETENT STAFF(Making sure that your staff feel freedom to be able to act to make their own decisions & that they are competent to do what they are trained to do in what you need them to do).
3- ENVIRONMENT & PREMISES (in which you conduct your services)
4- DELIVERY OF PHARMACY SERVICES
5- EQUIPMENT & FACILITIES (that are used to deliver those services)
W/O these we loose the respect of our patients and people loose trust in us.

Question 4

1= GOVERNANCE

Answer 4

• Procedures & measures put in place to safeguard the health, safety & wellbeing of patients & public.
• Standards 1.7 = Information is managed to protect the privacy, dignity & confidentiality of patients & the public (the procedures are regularly reviewed).

Question 5

3= PREMISES

Answer 5

• standard 3.2 - Protect the privacy, dignity & confidentiality of patients & the public.

Question 6

5= EQUIPMENT & FACILITIES

Answer 6

• standard 5.3 - Used in a way that protects the privacy & dignity of patients and the public.

Question 7

PRIVACY

Answer 7

• Concerns people
• e.g a private room when being examined

Question 8

CONFIDENTIALITY

Answer 8

• Concerns information
• e.g who has access to persona; health info.
• Data about a person and who has access to that data.

Question 9

DIGNITY

Answer 9

• Concerns the right of a person to be treated w/ respect.

Question 10

Pharmacy professionals must
(APPLIES TO REGISTERED PHARMACISTS, STUDENTS, TEAMS, PHARM TECHS ETC). PWCMUBRSD

Answer 10

1) Provide person-centred care
2) Work in partnership with/ others
3) Communicate effectively
4) Maintain, develop & use their professional knowledge & skills
5) Use their professional judgement
6) Behave in a professional manner
7) Respect & maintain a person’s confidentiality & privacy
8) Speak up when they have concerns or when things go wrong
9) Demonstrate leadership

Question 11

STANDARD 7= RESPECT & MAINTAIN A PERSON’S CONFIDENTIALITY & PRIVACY

Answer 11

• Manage information responsibility & securely
• Maintaining a person’s privacy & respecting confidentiality helps to maintain a person’s dignity & builds trust
• Look at the environment around you = can you be overheard or seen by people not involved in a person’s care. Where are you positioned in the environment around you.
• Never disclose confidential info w/o consent unless required by law or exceptional circumstances
• Only use info for the purpose it was given or in accordance with the law
• After a person’s death, confidentiality principles still apply
• links to standard 6 = Professional behaviour = Treat people w/ respect & safeguard their dignity.

Question 12

Pseuodonymised data

Answer 12

• Using a false name or pseudonym to protect data.
• This is not full protection as it can be linked to the person.
• Pseudonyms =e.g a hospital number, NHS number, student ID number.
• Used to protect data= personal data as the individual can still be identified ( re- identified when combined w/ other info)

Question 13

Anonymised

Answer 13

• Cannot identify or re-identify an individual when combined with/ other information.
• Truly anonymised information is NOT personal data.
• V/ rare exceptions = looking at rare disease in a a particular place/ area, where there are only 1 or 2 patients in that area , then you can’t anonymise the data as the people involved are identifiable.
• Truly anonymous data = you can’t link info back to the individual
• Truly anonymous data = is not confidential

Question 14

What is confidential information?

Answer 14

• All information that you gain about a person during the course of your practice is confidential (everyone, whatever their age & continues to apply after a person’s death - as it falls under common law duty of confidentiality which continues after a persons death).

Question 15

Common law duty of confidentiality

Answer 15

• When a patient /service user shares info in confidence it must not be disclosed w/o some form of legal authority or justification.
• In practice, this means info cannot be disclosed w/o that person’s consent.
• W/o confidentiality, the trust & effectiveness of services is lost.

Question 16

STANDARD 1= PROVIDE PERSON-CENTRED CARE

Answer 16

• Obtain consent to provide care & pharmacy services.
• Involving the person, listening to them & informing them shows respect & helps to maintain a person’s dignity.
• Links to standard 6 = Treat people w/ respect & safeguard their dignity. & Standard 1 = Respect & safeguard the person’s dignity.
• Consent is a person’s basic right = Human Rights Act 1998 (HRA) -statute law.
  You have a professional & legal duty to obtain consent for:
• Professional services
• Treatment or care
• Using ‘processing’ a person’s info:
  UK General Data Protection Regulation (UK GDPR) & Data Protection Act 2018
  Sharing a person’s info w/ a 3rd party (unless there is legal basis for doing so)
  Consent must be explicit ( Can not be implied)

Question 17

What are the 2 types of consent?

Answer 17

• Explicit ‘expression’ consent = clear consent
• Implied consent

Question 18

Explicit ‘Express’ Consent = Clear consent

Answer 18

• May be spoken or written
• When a person gives you explicit permission to do something

Question 19

Implied Consent

Answer 19

• When consent is indicated indirectly (e.g by a persons actions).
• Where the circumstances would lead a reasonable person to believe that a the person was consenting (e.g a person bringing a prescription into a pharmacy to be dispensed).
• If you are not sure that you have implied consent, then you should get explicit consent - ask them directly.

Question 20

CONSENT

Answer 20

• To consent is to ‘give permission’
• Consent is only valid if the person understands what they are consenting to.

Question 21

What is needed to have Valid Consent?

Answer 21

• Have capacity
• Be acting voluntarily
• Informed decision
• Opportunity to ask questions
• Ongoing process
• When appropriate, explicit consent & what it is given for should be recorded ( professional judgement)

Question 22

Have capacity

Answer 22

• Must be able to understand & use the info provided to make a decision

Question 23

Be acting voluntarily

Answer 23

• Not under undue pressure

Question 24

Informed decision

Answer 24

• Have sufficient information ( risks, benefits, alternatives, consequences of not consenting) .

Question 25

Opportunity to ask questions & Ongoing to ask questions

Answer 25

• Obtaining consent every time they have to make a decision.
• Consent needed on each occasion.
• People may change their mind & can withdraw consent at any time.

Question 26

Situations where you obtain recorded consent

Answer 26

• Invasive procedures
• Vaccinations
• DNR (Do Not Resuscitate)

Question 27

Capacity to consent

Answer 27

-Defined in Mental Capacity Act 2005 (England & Wales)
- “A person lacks capacity if at the time the decision needs to be made, they are unable to make or communicate the decision, because of an impairment or disturbance that affects the way their mind or brain works”.

Question 28

Capacity to consent ——>Assessing capacity

Answer 28

At the time (every time) a decision needs to be made….
- Understand the info
- Remember the info (in the short term
- Use & weight upon the info
- Communicate their decision (by any means) (i.e writing or verbally)

Question 29

Capacity to consent ——> Changing capacity

Answer 29

• Capacity may change & can be affected by other factors (e.g fatigue, alcohol, drugs,panic).
• Assessments & outcomes must be recorded.

Question 30

Capacity to consent ——> Adults w/ capacity

Answer 30

• Can refuse to consent
• Consequences of refusal must be explained ( non-judgementally, w/o undue pressure) . In cases where you think that it’s in the patients best interests that they undergo some of the things.
• Detailed records kept = Documents that you have warned the patient and that they are fully aware.
• ALWAYS DOCUMENT

Question 31

Capacity to consent ——> Adults W/O Capacity

Answer 31

• S/ adults may not have capacity
• Work w/ people close to this person i.e family members or carers.
• Mental Capacity Act 2005 & associated codes of practice set out who can make decisions on a person’s behalf.

Question 32

Capacity to consent ——> Young people (16-17 years)

Answer 32

• Capacity depends on ability to understand.
• Young people presumed to have capacity (unless evidence otherwise).
• As w/ anyone, still need to assess capacity.
• Encourage them to involve parents(In decisions about their healthcare) , but respect confidentiality.

Question 33

Capacity to consent ——> Children (under 16 years old)

Answer 33

• Capacity depends on ability to understand.
• Children are NOT presumed to have capacity.
• Children w/o capacity consent required from person w/ parental responsibility.
• In most cases you can ask for a child’s assent = Their agreement to continue w/ overarching consent given by parents.
• S/ 16 year olds in s/ sensitive situations can have the capacity to make decisions on their own.

Question 34

Capacity to consent ——> Advance decisions

Answer 34

• People w/ capacity, who understand the implications of their choices can say in advance how they want to be treated if they later loose capacity. (I.e DNR- Do Not Resuscitate).
• They can change their decisions along the way.
• This may be superseded ( changed ,over rided, replaced).

Question 35

Capacity to consent ——> Emergencies

Answer 35

• When a patient can not give consent (i.e unconscious) or they don’t have advanced decision in place.
• Urgent treatment where capacity cannot be assessed & consent not obtained.
• Act in the person’s / patients best interests.
• Provide treatment if needed to save life or prevent deterioration (unless an advance decision is known).

Question 36

UK General Data Protection Regulation (UK GDPR) & Data Protection Act 2018

Answer 36

• ONLY APPLIES TO THE LIVING
• Data Protection Act = statute law
• Legal framework for data protection
• E/O is responsible for protecting personal data
• Regulated and enforced by the Information Commissioner’s Office (ICO)
• You need consent to share a person’s personal data
• GDPR & Data Protection Act no longer applies to identifiable data that relate to a person once they have died
• Any duty of confidence established before death extends beyond death = If applied when they are living it extends beyond their death.

Question 37

3 Types of data identified by UK GDPR & Data Protection Act 2018

Answer 37

• PERSONAL = Anything relating to a living person who can be identified by that data.
• SPECIAL CATEGORY = Potentially‘sensitive’ e.g Political opinions, religious beliefs , genetic info.
• CONFIDENTIAL = All info collected for provision of health & social care services where people can be identified.

Question 38

UK GDPR & Data Protection Act 2018——> PERSONAL DATA - 7 KEY PRINCIPLES

Answer 38

1) Processes fairly & lawfully & transparently.
2) Purpose limitation= Collected for specific purposes (Don’t collect data you don’t need).
3) Data minimisation = Adequate , relevant & limited to that necessary (Don’t keep data you don’t need for longer than you need it).
4) Accuracy = Accurate & up to date, erased if inaccurate. ( Errors in data need to be corrected under the data protection act).
5) Storage = Kept in a form which permits identification for no longer than is necessary (secure data storage- can you maintain the data’s integrity or will it be corrupted when it is moved from one system to another).
6) Security, integrity & confidentiality = Processed on a need-to-know basis.
7) Accountability = A data controller must be appointed & responsible and able to demonstrate compliance w/ the data protection act.

Question 39

NHS TRUSTS REQUIRE

Answer 39

• A Data Protection Officer (DPO) who monitors compliance with/ Data Protection law.
• They work closely with the Caldicott Guardian to ensure that we are adhering closely to the law.

Question 40

CALDICOTT

Answer 40

• Government review of confidentiality issues around the transfer of patient identifiable info (Dame Fiona Caldicott, 1997).
• She reviewed issues of confidentiality because there were confidentiality issues w/i the NHS.

Question 41

Every NHS organisation require a Caldicott Guardian?

Answer 41

• Responsible for safeguarding the confidentiality of patient info
• Info needs to be shared across NHS organisations (health & social care) to ensure the best care for a person.
• Withholding info can s/t be as harmful as sharing it.
• Advise on safe communication among teams & between organisations (health & social care).

Question 42

8 Caldicott Principles for the NHS ( 1-5)

Answer 42

• To advise people w/I organisations about sharing & safe use of data
  1) Justify purpose of sharing confidential info= Only share if there is a valid reason.
  2) Use confidential info only when needed= s/ info does not require individuals to be identified.
  3) Use the minimum necessary confidential info= Not collecting more than you need.
  4) Access to confidential info should be on a strict need-to-know basis.= Only access info on individuals when you are/need to share w/ s/o directly involved in their care.
  5) Everyone w/ access to confidential info should be aware of their responsibilities = All need to be aware of GDPR regulations & the Data Protection Act. Authorised to access as part of your role.
  Never share log-in deals (or use anyone else’s)

Question 43

8 Caldicott Principles for the NHS ( 6-8)

Answer 43

6) Comply w/ the law (statue & common) = Be aware of you legal obligations under the UK GDPR, the DPA & the common law duty of confidentiality.
7) Duty to share is as important as the duty to protect patient confidentiality = Share info in the best interests of your patients & service users (w/ other entities & organisations & social care organisations in the interest of the patient).
8) Inform patient as and service users about how their confidential info is use = Each time you access, use or share info, consider whether the individual concerned would be surprised that you are doing so. If you think they are surprised or concerned, you should seek advice.

Question 44

The Confidential Model PIPI

Answer 44

• 4 Main requirements
• Adapted from the NHS requirements that must be met to provide a confidential service
  1) PROTECT = Look after patient info.
  2) INFORM = Ensure patients are aware of how their info is being used.
  3) PROVIDE CHOICE = Allow patients to decide whether their info can disclosed or used in particular ways.
  4) IMPROVE = Always look for better ways to protect inform & provide choice.

Question 45

When is Disclosure of confidential Information allowed?

Answer 45

• W/ the patient’s explicit consent.
• Valid legal reason / when the law requires (e.g s/o has breached statute law, committed a serious crime, The children’s Act 1989 requires info to be shared in safeguarding cases).
• Vital interest for urgent medical care i.e To save a life.
  In public interest ‘for the greater good’:
• Consider patient interest VS Public interest.
• Serious harm to a 3rd party.
• Serious risk to public health.
• You should ALWAYS be seeking to disclose info & inform patients if you are going to disclose info.

Question 46

Patients w/ capacity who refuse consent

Answer 46

• Only disclose if the law says you must, or it is in the public interest to do so (explain to patient why disclosure is necessary).
• If consent is refused to share info w/ other healthcare professionals, then explain that this may limit care.