- General principles
- I.M.S. recognises that its staff (employees, volunteers, trustees, secondees and students) gain information about individuals and organisations during the course of their work or activities. In most cases such information will not be stated as confidential and colleagues may have to exercise common sense and discretion in identifying whether information is expected to be confidential. This policy aims to give guidance, but if in doubt seek advice from your line manager.
- Colleagues are able to share information with their line manager in order to discuss issues and seek advice.
- Colleagues should avoid exchanging personal information or comments (gossip) about individuals with whom they have a professional relationship.
- It is not appropriate to discuss a person’s sexuality (i.e. ‘outing’ a gay person) without their prior consent.
- Colleagues should avoid talking about organisations or individuals in social settings.
- Colleagues will not disclose to anyone, other than their line manager, any information considered sensitive, personal, financial or private without the knowledge or consent of the individual, or an officer, in the case of an organisation.
- There may be circumstance where colleagues would want to discuss difficult situations with each other to gain a wider perspective on how to approach a problem. The organisation’s consent must be sought before discussing the situation, unless the colleague is convinced beyond doubt that the organisation would not object to this. Alternatively, a discussion may take place with names or identifying information remaining confidential.
- Where there is a legal duty on A.I.M.S. to disclose information, the person to whom the confidentiality is owed will be informed that disclosure has or will be made.
- Why information is held
- Most information held by A.I.M.S. relates to voluntary and community organisations, self-help groups, volunteers, students, employees, trustees or services which support or fund them.
- Information is kept to enable A.I.M.S. colleagues to understand the history and activities of organisations in order to deliver the most appropriate services.
- I.M.S. has a role in putting people in touch with voluntary and community organisations and keeps contact details which are passed on to any enquirer, except where the group or organisation expressly requests that the details remain confidential.
- Information about volunteers is given to known groups or statutory agencies which request volunteers, but is not disclosed to anyone else.
- Information about students is given to the training organisation and the college, but to no one else.
- Information about ethnicity and disability of users is kept for the purposes of monitoring our equal opportunities policy and also for reporting back to funders.
- Access to information
- Information is confidential to A.I.M.S. as an organisation and may be passed to colleagues, line managers or trustees to ensure the best quality service for users.
- Where information is sensitive, i.e. it involves disputes or legal issues, it will be confidential to the employee dealing with the case and their line manager. Such information should be clearly labelled ‘Confidential’ and should state the names of the colleagues entitled to access the information and the name of the individual or group who may request access to the information.
- Colleagues will not withhold information from their line manager unless it is purely personal.
- Users may have sight of A.I.M.S. records held in their name or that of their organisation. The request must be in writing to the Lead Worker giving 14 days’ notice and be signed by the individual, or in the case of an organisation’s records, by the Chair or Executive Officer. Sensitive information as outlined in para 3.2 will only be made available to the person or organisation named on the file.
- Employees may have sight of their personnel records by giving 14 days’ notice in writing to the Lead Worker.
- When photocopying or working on confidential documents, colleagues must ensure they are not seen by people in passing. This also applies to information on computer screens.
- Storing information
- General non-confidential information about organisations is kept in unlocked filing cabinets with open access to all A.I.M.S. colleagues.
- Information about volunteers, students and other individuals will be kept in filing cabinets by the colleague directly responsible. These colleagues must ensure line managers know how to gain access.
- Employees’ personnel information will be kept in lockable filing cabinets by line managers and will be accessible to the Lead Worker.
- Files or filing cabinet drawers bearing confidential information should be labelled ‘confidential’.
- In an emergency situation, the Lead Worker may authorise access to files by other people.
- Duty to disclose information
- There is a legal duty to disclose some information including:
- Child abuse will be reported to the Multi Agency Safeguarding Hub (MASH).
- Drug trafficking, money laundering, acts of terrorism or treason will be disclosed to the police.
- In addition colleagues believing an illegal act has taken place, or that a user is at risk of harming themselves or others, must report this to the Lead Worker who will report it to the appropriate authorities.
- Users should be informed of this disclosure.
- There is a legal duty to disclose some information including:
6.1 A.I.M.S. complies fully with the DBS Code of practice (E File) regarding the correct handling, use, storage, retention and disposal of Disclosures and Disclosure information.
6.2 Disclosure information is always kept separately from an applicant’s personnel file in secure storage with access limited to those who are entitled to see it as part of their duties. It is a criminal offence to pass this information to anyone who is not entitled to receive it.
6.3 Documents will be kept for a year and then destroyed by secure means. Photocopies will not be kept. However, A.I.M.S. may keep a record of the date of issue of a Disclosure, the name of the subject, the type of Disclosure requested, the position for which the Disclosure was requested, the unique reference number of the Disclosure and the details of the recruitment decision taken.
7. Data Protection Act
7.1. Information about individuals, whether on computer or on paper, falls within the scope of the Data Protection Act and must comply with the data protection principles. These are that personal data must be:
- Obtained and processed fairly and lawfully.
- Held only for specified purposes.
- Adequate, relevant and not excessive.
- Accurate and up to date.
- Not kept longer than necessary.
- Processed in accordance with the Act.
- Kept secure and protected.
- Not transferred out of Europe.
8. Breach of confidentiality
8.1. Employees who are dissatisfied with the conduct or actions of other colleagues or A.I.M.S. should raise this with their line manager using the grievance procedure, if necessary, and not discuss their dissatisfaction outside of A.I.M.S.
8.2. Colleagues accessing unauthorised files or breaching confidentially may face disciplinary action. Ex-employees breaching confidentiality may face legal action.
9.1. Where any member of staff (paid/unpaid) has concerns about the use of A.I.M.S. funds, he or she may refer directly to the Chair or Treasurer outside the usual grievance procedure.