Stack of papers and two stamps labelled as 'Rules' and 'Regulations'

Identify the legislation that relates to the recording, storage and sharing of information in care settings

This page is designed to answer the following questions:

The Data Protection Act

The main piece of legislation relating to the recording, storage and sharing of information is the Data Protection Act 2018 (including GDPR).

The DPA was originally introduced in 1984 and has been updated regularly as technology has advanced. The latest incarnation came into force in 2018 and includes GDPR, which brings UK legislation in line with EU legislation.

The DPA balances an individual’s right to privacy and an organisation’s right to hold their data by ensuring that personal information is kept securely, can only be used for what it was originally intended when collected, be accurate and up-to-date and should be removed when no longer needed.

The Freedom of Information Act

The Freedom of Information Act 2000 allows individuals to request certain information held by public authorities, including the government, local authorities, the police force, hospitals and GP surgeries.

This does not cover private companies and organisations.

In addition, it gives individuals the right to look at anything written about them so if you work for a public authority you must be aware that anything you write about an individual may be viewed by them in the future. Therefore you must ensure that everything you record is accurate.

Agreed ways of working

Your employer’s agreed ways of working include their policies and procedures but can also include emails and verbal instructions. These are the ways that your employer requires you to work and should always be followed as they are designed to ensure that your work is within the law and meets best practices.

Some agreed ways of working that your employer may have relating to handling information can include:

  • Information handling policy and procedure
  • ICT policy including password policy
  • How you record information
  • How you store information
  • How information should be shared
  • Guidelines for ensuring confidentiality

Example questions and answers

1. Identify four key pieces of Legislation or Codes of Practice relating to handling information in social care settings.

Legislation or Codes of Practice relating to handling information in social care settings  include:

  • The Data Protection Act 1998
  • The Freedom of Information Act 2000
  • The Health & Social Care Act 2008 (specifically, Essential Standards)
  • ICO Data Sharing Code of Practice

2. Explain how legal requirements and codes of practice affect the day to day work of a social care worker in relation to handling information.

Legal requirements and codes of practice ensure that social care workers handle information in the correct way and without breaking the law.

This means that personal and sensitive data is stored securely and is only accessible by those that are authorised to do so. Social care workers may only share information if it is absolutely necessary. They must respect the rights of the person that they have information about by obtaining their consent before sharing information about them and ensuring they keep this information confidential. Information must be kept up-to-date.