« Previous | Contents | Next »
Listen
CHAPTER 10: SAFEGUARDS
INTRODUCTION
10.1 Certain health protection powers may reduce an individual's freedom ( e.g. quarantine, exclusion from activities, mass screening and detention). The justification for these actions must be that there is positive benefit to the rest of the population. Equally, there require to be appropriate safeguards for the individual.
CURRENT PROBLEMS
10.2 At present, transfer of personal data occurs between general practice and the NHS Board for notifiable diseases, e.g. possible measles, mumps and rubella cases, and between hospital clinicians and the NHS Board in the case of tuberculosis. This type of transfer is permitted, provided the data relate to someone with a notifiable disease included in the Public Health (Notification of Infectious Diseases) (Scotland) Regulations 1889.
10.3 What is not clear under current legislation is how far outwith the immediate circle of the NHS team, the data can be transferred. Wider transfer of data may be necessary if, for example, a tenement block were to be quarantined and the names of individuals inside the block were required by the local authority. Scottish legislation has no equivalent to Regulation 12 of the Public Health (Infectious Diseases) Regulations (England and Wales) 1988. This provides exclusions to the requirement for confidentiality for the purpose of complying with legislation or preventing the spread of disease. In particular, the "proper officer" may divulge information for the purpose of such action as the officer considers reasonably necessary for preventing the spread of disease.
DATA PROTECTION, CONFIDENTIALITY AND HUMAN RIGHTS
10.4 "The Data Protection Act ( DPA) provides a framework that governs the processing of information that identifies living individuals" ( NHSScotland Code of Practice 2003). The DPA requires that patients are aware of the data controller who:
- uses the minimum amount of patient identifiable information on a need-to-know basis;
- retains such information only for as long as required and only for the purpose it was originally collected.
The DPA aims to protect the public interest and ensure the accuracy of information held on individuals.
10.5 Additionally, the use of information about patients is covered by the following:
- guidance from the General Medical Council ( GMC) on the duty of doctors to ensure confidentiality and obtain consent for release of any data, unless there are exceptional circumstances or statutory obligations to disclose;
- the work of Caldicott Guardians;
- recommendations were also made by the Confidentiality and Security Advisory Group for Scotland ( CSAGS) (April 2002).
10.6 The Human Rights Act 1998 ( HRA) became law in the UK on 1 October 2000. It gives "further effect to rights and freedoms guaranteed under the European Convention on Human Rights ( ECHR)" as agreed by the Council of Europe in Rome on 4 November 1950. The Scotland Act 1998 further provides that any Act of the Scottish Parliament will be outwith its competence, and therefore not law, if it is incompatible with any of the Convention rights. Similarly, the Scottish Ministers are required under the Scotland Act, to act in accordance with Convention rights.
10.7 Key EHCR articles with respect to public health are:
- Article 5: right to individual liberty and security. However, the lawful detention of a person can occur in accordance with a procedure prescribed by law for the prevention of the spreading of infectious diseases;
- Article 8: right to respect for private and family life. This can be over-written by a public authority for the protection of health or morals;
- Article 11: freedom of assembly and association. This can be restricted, if for the protection of health or morals.
10.8 Interference with or restrictions under articles must be in accordance with law and necessary under a democratic society.
ISSUES FOR CONSIDERATION
Legislative change
10.9 Any future legislation must be compliant with both the DPA and the ECHR. The subject matter of DPA is reserved to Westminster and legislation to amend it would be outwith the competence of the Scottish Parliament. In England and Wales, there are supplementary regulations to address some perceived difficulties including consent for disease registries and the use of personal data processed for the consideration of a complaint. A potential change to public health legislation in Scotland could be the introduction of a provision similar to Regulation 12 of the 1988 Regulations in England and set out the right of a competent person to pass on information if necessary for health protection. The advantage of this is that it would mean consistency in UK law and would give statutory basis for current practice. The disadvantage could be the potential for erosion in trust of patient confidentiality.
Addressing possible conflicts of interest when action is linked to the employing agency
10.10 There is a potential conflict of interest where there is a public health risk linked to a service offered by any public sector agency, which would normally have a role in investigating an incident or outbreak and taking action, including enforcement, against its own organisation.
10.11 The currently accepted model suggests that when a risk to the public health associated with a service provided by a public sector organisation has been identified, an outbreak control team/incident management team ( OCT/ IMT) lead by the NHS should investigate. Public health protection staff from NHS boards are unlikely to be linked to an outbreak or incident occurring in any public sector, including local authority premises, in their areas, and it seems reasonable that they should retain leadership in the investigative process. However, there are potentially other models such as the use of a team from another area or the establishment of an independent body or forum to investigate any such incidents.
10.12 Once a complaint or concern within an organisation has been investigated, there will usually be actions or referral to an independent authority. There are examples from other public bodies of how action against one's own organisation is handled. The police force will refer the investigation and control of an internal complaint to a different force. Alternatively, the Nicholson Committee's report on the Review of Liquor Licensing Law in Scotland recommended the separation of the local authority tasks of licensing and enforcement.
10.13 After an outbreak/incident, the OCT/ IMT is expected to report on the event's processes and outcomes. These reports can be used if there are legal concerns and to support the surveillance of new and emerging disease occurrences. The reports are usually sent to a limited audience.
Question 8
Safeguards
Views are invited on whether:
8.1 legislation should contain provisions similar to Regulation 12 in England and Wales, allowing the passing on of information beyond the health protection team by a competent person in specific circumstances
8.2 issues of enforcement against one's own organisation should be handled by:
a) a separate health board or local authority
b) a newly-created public health forum or board
c) another arbitrator
d) robust internal procedures that protect and separate conflicts of interest
8.3 outbreak and incident reports should be circulated to a defined audience.
« Previous | Contents | Next »