‍

Many of us at Thrive Tribe operate in a privileged position where clients share personal or private data with us as their service provider. It’s important that we maintain client confidentiality when communicating with our Thrive Tribe colleagues or external stakeholders around our service users, in particular when sharing their data.

‍

On top of the full Data Security Awareness training provided by e-Learning for Healthcare and following our professional responsibilities, over the next few weeks we will be sharing weekly practical, simple tips and reminders to ensure we look after our service user data.

What data is sensitive?

‍

We hold lots of different data on our service users and or people and the length of time we hold most data for is determined to us by law.

‍

A huge variety of the data we hold on service users is personal and this can be identifiable in nature. We also hold significant amount of special category data (Ethnicity or health condition information) on our service users, which again, adds another layer of security considerations.

‍

Why does it matter?

For a number of reasons, showing care for a client’s data builds trust between us and our service users, as does being transparent about how their data is being used. It’s expected, both by our commissioners and by our service users themselves. Most significantly though, it’s a legal requirement and there are significant fines possible to organisations that shirk their data security responsibilities.

‍

In most cases we rely on consent as the legal basis for holding and processing our service user’s data, it’s why we always ask around consent and record consent being given, but there are a few exceptions.