London NHS Practitioner Health Programme (PHP)Confidentiality Policy


Nov 18, 2013 (4 years and 5 months ago)


Reviewed April 2011

London NHS Practitioner Health Programme (PHP)
Confidentiality Policy

Commitment to confidentiality for practitioners using the PHP

1. Doctors and dentists should be assured that the Practitioner Health
Programme (PHP) is a confidential service and that those being treated
in the programme can expect the same level of confidentiality as all
other patients. This means that the PHP will not disclose information to
any third party without the consent of the practitioner, unless required
by a legal obligation. Medical and dental practitioners will not be
subject to a more or less stringent interpretation of the law than the
general population.

2. This document sets out the commitment of the Practitioner Health
Programme to confidentiality and the necessary limits to confidentiality.
More information is provided in the Memoranda of Understanding with
the General Medical Council and the General Dental Council which are
available on the PHP website,

Security of patient records

3. All information (paper-based and electronic) about a practitioner will be
kept in the PHP secure clinical system and secured electronic folders
and accessed only by authorised staff. All paper records will be
scanned into a secure electronic record and the paper version

4. Records will not be available through any record sharing arrangements
such as the NHS Spine.

5. Back up data for disaster recovery purposes will be held off site and
the data will be encrypted throughout transport and storage.

6. Information will be shared between PHP1 and PHP2 preferred
providers only through secure systems.

7. Where practitioner patients have requested information be shared with
a third party such as solicitors, GMC or employer this information will
be shared through secure systems unless the practitioner patient
waives this requirement.

Reviewed April 2011
Providing identifying information

8. Where an individual contacts the service to seek information or advice,
this will be provided regardless of whether they provide identifying
information about themselves or the practitioner about whom they call.

9. PHP will neither confirm nor deny to referrers whether a referred
practitioner has taken up treatment without the specific consent of the

10. Where a practitioner needs to be seen by PHP (either PHP1 or PHP2)
for assessment or treatment, identifying information must be provided.

Contact with employers

11. The PHP will seek consent from the practitioner if they wish to make
contact with their employer/contracting organisation to gather
information or where liaison with local health services is required.

12. There will be no requirement on the practitioner to disclose to their
employer (or a prospective employer) that they have attended the PHP
unless they have been referred by the employer. In that case, consent
for information to be disclosed will be sought.

Contact with GP’s and other healthcare professionals

13. The PHP will request consent to liaise with other treating clinicians,
including the patients registered GP.

14. A practitioner’s GP or other relevant healthcare professionals will only
be advised of their treatment with PHP if the practitioner specifically
consents to this. In the case of GP’s this will be in the form of a letter
advising the practitioner has accessed the service. Exceptions to this
would be on the basis of serious concerns over the practitioner’s health
to their own safety or the safety of their patients or the public.

Evaluation of PHP and activity reporting

15. Evaluation of the PHP is vital to assess the continued effectiveness of
the service and to consider how it can be improved. The PHP will be
required to provide high level anonymised information about patterns of
activity, types of cases seen, onward referral and outcomes. As part of
this evaluation the views of practitioners using the service will be
sought. No information that may be attributed to named individuals will
be included in any activity reporting or evaluation.

Reviewed April 2011
Exceptions to the duty of confidentiality

16. PHP asks for all new practitioner patients to provide an In Case of
Emergency (ICE) contact. PHP will contact an ICE only when there is a
serious concern over the safety or well being of a practitioner and
attempts to contact the practitioner have failed.

17. There are exceptions to the duty of confidentiality that may require the
use or disclosure of confidential information. The prototype Practitioner
Health Programme has demonstrated over 2 years that such
exceptions are very rare and should not undermine the trust that the
practitioner can place in the service. Potential exceptions to the duty of
confidentiality are detailed below:

Public interest

18. Rarely, disclosure in the public interest may be required. This will be in
those circumstances where the practitioner’s health raises serious
concerns about their own safety or the safety of their patients or the
public. This will normally be limited to those cases where they are not
complying with assessment, treatment or monitoring, or heeding advice
to remain on sick leave.

19. In these cases PHP will seek consent from the practitioner but where
consent cannot be achieved and the public interest is paramount,
disclosure may be made without consent. In such a case the
practitioner will be informed that disclosure has occurred and the
reasons for doing so. Disclosure will be kept to the minimum required
for the purpose and passed only on a “need to know” basis.

Other requirements for disclosure

20. Other circumstances where disclosure may be required include cases
a. There is a legal requirement to disclose
b. A formal referral has been made to the PHP by an employer or
contracting organisation, the National Clinical Assessment
Service or the regulatory body
c. Where the regulator requires reports from the PHP about a
practitioner’s health.

21. Again, the practitioner’s consent will be sought and disclosure kept to a
minimum to satisfy the requirements.

22. Where a practitioner has given consent to share information with third
parties PHP reserves the right to discuss this with the practitioner and
in exceptional circumstances to over-rule this.