Introduction

The purpose of this document is to provide guidance to all Sexual Minorities Africa (SEMA) staff and volunteers on Confidentiality. It details both statutory requirements and good practice on how to manage confidential information within the working environment.

Sexual Minorities Africa (SEMA) is committed to the delivery of a first class confidential service. This means ensuring that all client information is processed fairly, lawfully and as transparently as possible so that the public:

• understand the reasons for processing personal information;

• give their consent for the disclosure and use of their personal information;

• gain trust in the way Sexual Minorities Africa (SEMA)  handles information and;

• understand their rights to access information held about them.

Glossary of Terms

Breaking Confidentiality

This is when confidential information is intentionally shared with a third party, in line with LGBT policies and procedures (such as Child Protection Policy). Third parties may include the emergency services, Social Services and GPs.

Confidential Within the System

In some circumstances, Sexual Minorities Africa (SEMA) staff and volunteers will need to share confidential information with colleagues or external supervisors (who are bound by ethical and confidentiality codes of practice) as part of their practice. This may be in individual or group supervision, or when there are concerns or questions about a client or their situation. For example, a staff member may share concerns with their line manager if a client they are working with is at low to medium risk of harming themselves. Sharing this information ‘within the system’ ensures the client’s information remains confidential and assists Sexual Minorities Africa (SEMA) in the effective management and safeguarding of the client.

Client Identifiable Information

Key identifiable information includes:

• client’s name, address, full post code, date of birth;

• pictures, photographs, videos, audio-tapes or other images of clients;

Anonymised Information

This is information which does not identify an individual directly, and which cannot reasonably be used to determine identity. Anonymisation requires the removal of name, address, full post code and any other detail or combination of details that might support identification.

Pseudonymised Information

This is like anonymised information in that in the possession of the holder it cannot reasonably be used by the holder to identify an individual. However it differs in that the original provider of the information may retain a means of identifying individuals. This will often be achieved by attaching codes or other unique references to information so that the data will only be identifiable to those who have access to the key or index, for example the Sexual Minorities Africa (SEMA) client code. Pseudonymisation allows information about the same individual to be linked in a way that true anonymisation does not.

Explicit or Expressed Consent

This means articulated client agreement. The terms are interchangeable and relate to a clear and voluntary indication of preference or choice, usually given orally or in writing and freely given in circumstances where the available options and the consequences have been made clear. For example, when the Confidentiality Statement is provided verbally and/or a client signs the Client Agreement.

Freedom of Information

This refers to the right to request, in writing, information from public authorities/organisations. It is intended to promote a culture of openness and accountability amongst public and third sector bodies, and therefore facilitate better public understanding of how duties are carried out, why they make the decisions they do, and how they spend public money.

Implied Consent

This means client agreement that has been signalled by behaviour of an informed client.

Disclosure

The sharing of information that could be deemed as sensitive and confidential. For example, service user may disclose something to someone on our Helpline.

Public Interest

Exceptional circumstances that justify overruling the right of an individual to confidentiality in order to serve a broader societal interest. Decisions about the public interest are complex and must take account of both the potential harm that disclosure may cause and the interest of society in the continued provision of confidential services.

Serious Harm

Harm that could lead to:

Potentially life-threatening injury. Or;

Serious and/or likely long-term impairment of physical or mental health or physical, intellectual, emotional or behavioural functioning.

Information Governance

A set of guidelines that set out what is required to ensure that fair and equal access to information can be provided and is supported by a range of procedure.

Policy Statement

This document outlines the circumstances in which information must remain confidential and when disclosure of information is allowed.Where the word confidentiality is used it means “Confidential within the system”. SEMA does not guarantee staff, volunteers or service users absolute confidentiality, as it may be necessary to pass information on to other SEMA staff or third parties (for example, if the person poses an risk to themselves or others) in order to take appropriate action or seek advice on decisions. For information on the organisational policy and protocol of Information Sharing, please reference the Information Sharing Policy.

Scope

This policy applies to all staff and volunteers.Each staff member or volunteer is responsible for providing SEMA with such information as is necessary for the organisation to fulfil it’s purpose as well as for complying with reasonable requests for information, i.e. timesheets, performance management etc.You should ensure that you understand this policy, in particular for understanding the glossary of terms so that you understand the information and practice guidelines outlined in this document.

In particular, staff and volunteers must understand the concept of information being “confidential within the system” before you disclose sensitive information.You are responsible for the disciplinary consequences that may accrue to you if you:

  • withhold essential information;
  • deliberately fail to disclose information that may put individuals or the public at risk of serious harm, or have a significant negative impact on the  SEMA; and
  • breach this policy.

Roles and Responsibilities

When applying this policy, it is the responsibility of the staff member or volunteer to identify the appropriate course of action. Support and advice can be sought from their line manager or a more senior member of staff where the appropriate course of action is still unclear.

It is also the responsibility of the staff member or volunteer to refer to and apply other relevant policies, should the circumstances warrant it (for example, Child Protection).

If a volunteer or member of staff has a duty of confidentiality, it means that they must not disclose any client identifiable information unless:

  • breaking of confidentiality, which must be made in line with this or another policy (for example, Safeguarding Policy);
  • if the case is being discussed in supervision; or
  • with another member of SEMA staff in order to seek advice or guidance; and
  • the use of client identifiable information is necessary to the discussion.

Situations where a disclosure may be made under safeguarding or other legislation, under which there may be a duty to disclose information in certain circumstances, are:

  • If we are concerned about the safety of a child (someone under the age of 18, they may or may not be a service user of SEMA);
  • If we are concerned about the safety of a vulnerable adult (A person aged 18+ whose physical or mental condition makes them particularly vulnerable. They may or not be a service user of SEMA);
  • The client is acting, or likely to act, in a way that could cause serious harm to themselves, or put others at risk of serious harm;
  • There is the possibility of serious risk to a particular person or persons, or to the public in general;
  • Information relating to an act of terrorism or money laundering is disclosed.

If a service user shares information which leads the staff member or volunteer to believe that they may need to make a disclosure, we will always endeavour to inform the service user, unless:

  • Doing so may increase the risk to the individual;
  • Doing so may increase the risk to others or the public;
  • The staff member/volunteer feels unsafe to do so.

Rampton/Outreach Clinics/Training

Workers and volunteers undertaking detached work / training must not reveal confidential information (please see Client Identifiable Information definition in Glossary for information) pertaining to service users, which has been gathered during these sessions, outside the line management and support structures of SEMA, unless it falls into one of the areas of exclusion listed in the policy statement.

When referring service users to external organisations, information concerning service users may only be disclosed with the service user’s explicit consent and the means of making the referral must be in line with the Information Governance Policy.

Volunteer/Staff Details

Volunteer and staff personal details are to be kept confidential in accordance with the Data Protection and Information Governance Policies.

Monitoring and Management

SEMA will strive to ensure that monitoring and performance management information respects service user confidentiality.

How we share information

As part of our funding arrangements, we are frequently required to shared anonymised data on all aspects of our work, with funders and commissioners. All reports will use anonymised data except where service users have given their permission i.e. the use of personal testimonies and photographs.

We will also use anonymised data for SEMA publications such as our annual Impact Report.

For further details on how we collect and store data, please refer to the Data Protection Policy.

Breaking Confidentiality

If confidentiality needs to be broken, then the process followed must be in line with the relevant policy (e.g. Child Protection Policy). However, it is important for staff and volunteers to be consistent when faced with a situation where they need to break confidentiality, the following recommendations ensure that good practice is followed in all circumstances:

  • Staff and volunteers must have an excellent understanding of confidentiality and their responsibilities before entering into a service delivery role;
  • If a staff member/volunteer is unsure about a situation or confidentiality needs to be broken needs to be broken they must, without delay, seek the advice of a senior colleague or contracted external supervisor;
  • If confidentiality can be retained but there are concerns about a service user, or others, then this information must be shared with a line manager or supervisor to ensure the situation is managed;
  • Accurate and detailed records must be maintained; documenting factual statements and explicitly detailing concerns and any action taken;
  • An Incident Form must be completed, in line with the Incident Reporting Procedure, if confidentiality is broken and a disclosure is made;
  • Staff and volunteers who have had to break confidentiality must be offered support by their line manager or other senior member of staff.