All information no matter how it is stored is subject to the Data Protection Act 1998, which covers medical records, social service records, credit information and local authority information. The Act covers holding, obtaining, recording, using and disclosing information held in all forms of electronic and paper format. It covers all service user information, staff information and gives people rights to see their records.
Anyone processing personal data must comply with the eight enforceable principles of good practice laid down in the Data Protection Act 1998. Data must be fairly and lawfully processed, processed for limited purposes, adequate, relevant and not excessive. Data must be accurate, not kept for longer than necessary, processed in accordance with the data subjects rights, kept secure and not transferred to countries without adequate protection.
According to the act, you can only gather as much information as you need, you can only use it for the purpose you collected it, you must store it securely and you cannot keep it after you have finished using it.
Information can be stored on paper or electronically on files/discs/memory sticks. Information must be secure to prevent getting lost, stolen, damaged or mixed up with someone else’s. It must be stored securely to ensure confidentiality therefore be locked in a cupboard or filing cabinet which has restricted access. Case notes/ files should not be left unattended again to ensure they do not get into the wrong hands or misplaced causing problems for staff.
Processing information within my workplace:
If I am unsure about what to do with information or uncertain about how to process or record something I would first look for guidance from my supervisor or senior colleagues. They would be ideal people to ask for advice with regard to information in the workplace.
For more general information and advice about handling information I could go online to the information