Current Page:Home > Confidentiality
About NCEPOD | Contact Us | Staff Login 
Menu
Home
Current Studies
Reports
Events
Confidentiality
Information for Local Reporters
News
Discussion Forum
Job Vacancies
Useful Links

How do NCEPOD comply with the Data Protection Act, Confidentiality and Ethical Approval?


There are essentially two Government Acts, related to confidentiality, that NCEPOD are requested to comply with. The first is the Data Protection Act 1998. The second is the Health and Social Care Act 2001.

The Data Protection Act 1998
NCEPOD is committed to maintaining a recognised level of best practice for its information security procedures. In 2004 we undertook an external audit of our information security procedures. Recommendations included in this report were acted upon and our information security procedures were formulated in conjunction with the International Standard ISO/IEC 17799:2000 “Information technology – Code of practice for information security management”; this is often referred to as the UK standard BS7799.

All NCEPOD staff manage data according to the information security procedures as a means of ensuring integrity and confidentiality of data submitted to NCEPOD. The procedures apply to both physical and electronic data formats.

Although it is understood that the DPA 1998 does not apply to deceased patients NCEPOD will apply its standards to all data regardless of patient outcome.

The Health and Social Care Act 2001
Whilst the Government has stated that consent is the fundamental principle governing the use of patient identifiable information by any part of the NHS or research community they have recognised that in some instances that this approach may be difficult. Section 60 of this Act therefore provides the Secretary of State for Health with a power to authorise that patient identifiable data can be used whilst alternative methods of data collection/obtaining consent are being implemented. Section 60 approval has been granted to NCEPOD whist we consider alternative methods. The Patient Information Advisory Group (PIAG) has reviewed our work programme and we submit an annual report to them.

NRES – Ethical Approval
At the present time NRES (COREC) have agreed that it is not necessary for NCEPOD to obtain ethical approval for our work, the reasons are listed below:

  1. Our work is a ‘confidential enquiry’ and not strictly research or audit – we do not interact directly with patients or have influence in the treatment of an individual.
  2. We have approval from PIAG to continue without consent whilst we identify alternative methods.
  3. Many of the cases we investigate are deceased patients.
  4. Our work is mandated by the Department of Health and the GMC
Accessibility | Sitemap | Copyright | Disclaimer