Describe and Demonstrate Security of Manual and Electronic Records When Storing and Accessing Information

This page is designed to answer the following questions:

Data security is essential in health and social care because we record sensitive information and must ensure the confidentiality of the individuals that we care for and the colleagues that we work with.

To meet these assessment criteria, you must be able to describe the features and demonstrate the practices that ensure data security.

Manual Information Storage (Hard-Copies)

Paper documentation should be stored in a secure place according to your organisation’s policies and procedures.

This may be in a filing cabinet, drawer or folder that is only accessible by authorised persons. To restrict access, the filing cabinet may have a lock on it or the room that the paperwork resides in may only be entered using a key/electronic code/ID badge. Records should ideally not be removed from the secure storage location, or if they are then procedures must be followed to ensure that they are not left in an insecure area.

When discussing information contained in secure records, it is important that precautions are taken to ensure that nobody is able to overhear the conversation to protect confidentiality.

Electronic Storage

Records may be kept on computer systems and access restricted to personnel on a need-to-know basis. To comply with data protection legislation, these records may only be accessed using a password. It is important that a staff member’s password is not shared with others and that they log out (or lock) their computer when they leave their desk to ensure that others with access to their computer are not able to access unauthorised information whilst they are away.

The records may be stored on the hard drive of the local computer or on a secure network area, such as a server, in another location.

It may be your organisation’s policy to encrypt files when they are transferred to other devices for extra layers of security. Software such as antivirus and firewalls may be used to ensure the integrity of the computers and networks being used.