2.3 Caldicott Guardian
Caldicott Guardians were introduced in 1997 following concerns about the use of patient identifiable information in health agencies. In particular, the government felt that despite the introduction of the Data Protection Act in 1984, patient information was not sufficiently secure. Caldicott Guardians have responsibility to ensure that patient identifiable information is safeguarded. Given the increasing partnership working between health and social care, the Caldicott Guardian arrangements were also implemented in local authorities with social care responsibilities, several years later.
A Caldicott Guardian is therefore appointed in each NHS or social care organisation and has specific responsibilities to oversee information sharing in the organisation in relation to patient and service user identifiable information - to ensure that it takes place in accordance with the data protection principles as set out in this chapter.
The six Caldicott principles are:
The Caldicott Guardian is not there to prevent information sharing between health and social care organisations, but is there to make sure that this is done in a way which safeguards people's rights to privacy and confidentiality, and in accordance with data protection principles.