Last updated 18th October 2021, by Peter Huang.
- Introduction
- Purpose
- Scope
- Data accuracy procedures
- Procedures for the correction of errors
- Responsibilities
Introduction
- This Data Quality Policy is
Healthtech 1's
(hereafter referred to as "us", "we", or "our") policy for the ensuring accuracy of information which we store and process.
Purpose
- The availability of accurate and timely data is vital for the safety of the people we care for and the safe and responsible running of our organisation. This policy outlines the following procedures:
- Procedures for ensuring data accuracy;
- Procedures for correcting errors.
Scope
- This policy includes in its scope all data which we process either in hardcopy or digital copy, this includes special categories of data;
- This policy applies to all staff, including temporary staff and contractors.
Data accuracy procedures
- We commit to ensuring that we comply with the Health and Social Care Act 2008 (Regulated Activities) Regulations 2014: Regulation 17 that we will “maintain securely an accurate, complete and contemporaneous record in respect of each service user, including a record of the care and treatment provided to the service user and of decisions taken in relation to the care and treatment provided”;
- We ensure accuracy in our data in both hardcopy and digital records by making sure all data has the following characteristics:
- Authentic – i.e. the data is what is claims to be, has been created or sent by the person who said that they created or sent it, and that this was done at the time claimed;
- Reliable – i.e. the data is complete, accurate, has been created close to the time of the activity it records, and has been created by individuals with direct knowledge of the event it records;
- Integrity – i.e. the data is complete and unaltered, it is also protected from being changed or altered by unauthorised persons, any alterations are clearly marked and the person who made them can be identified;
- Useable – i.e. the data can be located when it is required for use and its context is clear in a contemporaneous record.
- The principal purpose of service user records is to record and communicate information about the individual and their care. The principal purpose of staff records is to record employment details for payroll and business planning purposes.
- To fulfil these purposes, we:
- Use standardised structures and layouts for the contents of records (please see templates and guidance stored within our Notion space)
- Ensure documentation reflects the continuum of care, that all care is person centred and that care records are viewable in chronological order;
- Provide a clearly written care plan when care is being delivered by several members of the team, and we ensure that records are maintained and updated, and shared with everyone involved;
- Train staff on the creation and use of records (see staff onboarding process and read the whole Healthtech 1 DSPT) and provide annual training on good record keeping;
- Have implemented a procedure that enables service users and staff to have easy access to their records where appropriate. This is outlined in the Record Keeping Policy and our Privacy Notice.
- All staff who record information - whether hardcopy or electronic - have a contractual responsibility to ensure that the data is accurate and as complete as possible. This responsibility extends to any system the staff member has access to.
Procedures for the correction of errors
- In-line with national legislation, individuals have the right to have access to their personal data which we process and store. Citizens have the right to the rectification of said records in the instance that their records are inaccurate or incomplete.
- Where at all possible, in the instance that we have appropriately shared that individual’s records with any third-party we will inform this third-party of the rectification if appropriate.
- In all cases we will respond to a request for rectification within one month. Should the request be complex this may be extended to two months, however, we will inform the individual in writing of the extension and the reasons why it is required within one month.
- To request for their records to be rectified service users or staff should contact us with the request for rectification either verbally or in writing.
- While we are assessing the request to rectify records, we will restrict processing of the data in question. This will be done in line with our Right to Restrict Processing Procedure as outlined in our Record Keeping Policy.
- In the instance where the rectification request is refused, the reason will be explained in full and in writing within one month of the original request having been received.
- A record of all rectification requests and outcomes will be kept by the Data Security and Protection Lead in line with timeframes outlined in the Information Governance Alliance’s Appendix 3 of the Record Management Code of Conduct for Health and Social Care 2016 (https://digital.nhs.uk/article/1202/Records-Management-Code-of-Practice-for-Health-and-Social-Care-2016). Please see our Retention timescales
- All individuals who have their rectification request refused will be informed of their legal rights to complain to the ICO and to seek a judicial remedy;
- All staff will be informed of this policy in the staff handbook.
- All service users, or their legal representative, will be informed of this policy, as well as their other rights as regards their personal data, when they sign initial contracts with us.
- In order to process your request for rectification, you might be asked to provide identifying documents so that we can authenticate that it is appropriate for you to update your data.
You should note that individuals can ask anyone in your organisation to request this, so staff should know their responsibilities to pass on requests to the Data Security and Protection Lead in a timely manner.
If the rectification is due to the record being incomplete, then the individual should also provide the supplementary information to update the record.
Responsibilities
- The Data Security and Protection Lead (Peter Huang) has overall responsibility for Data Quality policies and procedures being reviewed annually and for staff training in data quality and for monitoring data quality throughout the organisation. They also are responsible for responding to rectification requests and recording the outcome of any request.
- Managers are responsible for the quality of records and making sure that staff understand their commitments in ensuring data quality.
- Every member of staff is individually responsible for the quality of data they personally record – whether on paper or electronically. Additionally, they are responsible for reporting any mistakes they do notice to the Data Security and Protection Lead.
- Staff are aware that data accuracy and security is a contractual and legislative requirement and that breach of this policy might result in disciplinary action.