Confidentiality policy

Home-Start in Suffolk Confidentiality policy

Home-Start in Suffolk recognises that the legitimate use of information underpins our service.


Confidentiality Principles:

  • Those who share sensitive personal information with Home-Start in Suffolk have a right to expect that it will be treated as confidential
  • Personal and confidential information in any form obtained by Home-Start in Suffolk will be handled in compliance with data protection law and only in the ways relevant to the purpose of providing support as set out in our privacy notice
  • Access to the information we hold is limited to those who have a genuine need to see and use it in order to fulfil their roles in delivering our service
  • Everyone who works for or with Home-Start in Suffolk understands their duty to maintain the confidentiality and relevance of information that is shared with or by them and the consequences of breaching that confidentiality


Responsibilities for the Principles in Practice

For Trustees that means:

  • fully committing to the principles of confidentiality and the management and security of information they receive in the course of their duties
  • being responsible for ensuring that everyone in Home-Start in Suffolk understands and is committed to maintaining confidentiality
  • ensuring that dated and signed records are kept of all access to sensitive information along with the reasons for that access
  • ensuring that procedures are in place that mean that the information collected is only what is needed to deliver the service, that it is kept securely in whichever form it takes and is only available to those who need to know
  • ensuring that procedures are in place for sharing information securely and in line with the privacy notice
  • being responsible for dealing with any breach of confidentiality including, if necessary, ending an individual’s association with Home-Start in Suffolk, reporting breaches to the relevant authority and cooperating with any investigation/prosecution

For Staff that means:

  • following the principles set out in the policy and the associated Privacy Notice in all their work
  • maintaining the confidentiality and security of all their records
  • ensuring that information they hold about others and information they provide about themselves is accurate, up to date and only what is needed to provide the service
  • recognising that everyone involved with Home-Start in Suffolk has a right to confidentiality
  • following the systems and procedures to maintain confidentiality including when sharing with other agencies
  • knowing that where there are concerns about the safety or wellbeing of a child or vulnerable adult, the families, or individual members within the family, need not be informed that their information is being passed on to the relevant authorities if telling them has the potential to cause further harm, or may jeopardise any investigation by Police, Social Care services or other agencies with legal investigatory powers
  • knowing and following the procedures for dealing with a request for information from the police, courts or other agencies with legal powers to collect information
  • being aware that breaches of confidentiality are serious matters and could result in being fired and even prosecution

For Volunteers that means:

  • making sure they understand and follow the principles of confidentiality and understand the limits around what information is collected and shared (set out in the privacy notice) and follow the procedures put in place by Home-Start in Suffolk to maintain that confidentiality
  • being careful not to discuss families they support in ways that would identify them to others making sure that any information they record about their families is held securely and is destroyed as soon as support is ended
  • knowing that breaches of confidentiality are serious and could result in ending their volunteering role and even make them liable to prosecution

For Families that means:

  • knowing how and why Home-Start in Suffolk will collect information from and about them and in what circumstances it could be shared (set out in the Privacy Notice)
  • having confidence that Home-Start in Suffolk will respect their right to confidentiality and will let them know wherever possible before sharing information about them
  • being aware that if Home-Start in Suffolk believes that telling them that we will share their information might put them or a child at risk of harm we will not tell them first
  • knowing that Home-Start in Suffolk will keep accurate and up to date records and that there are clear limits to how long information is kept in an identifiable form

Appendix 1 attached to this policy gives guidance and examples of the kind of procedures which should be in place in schemes.

Appendix 2 gives the details on the reporting of breaches of confidentiality.

This policy should be read alongside the Data Protection policy.

This policy adopted: 28th October 2021

Date policy to be reviewed:October 2022


Appendix 1

These are the kind of procedures you must have in place.

1. Induction and training
For trustees, staff and volunteers
During induction or the Volunteer Course of Preparation everyone should be made aware of and asked to commit to the Home-Starts Confidentiality principles and procedures by signing the Safeguarding Code of Conduct

For families
During the initial visit the coordinator will go through the Privacy Notice, explaining and trying to ensure understanding. They will also do their best to make any partner not present at the meeting aware of the privacy notice

2. Safeguarding
There are times when trustees, staff and volunteers may need to break confidentiality. If there are concerns about the safety or wellbeing of a child, or a vulnerable adult, data protection law allows the sharing of relevant personal information. In fact, there is a legal and moral obligation to report safety or wellbeing concerns to the relevant authorities. Information shared in these circumstances must be shared in a secure manner and only the minimum personal information necessary for the purpose must be shared. The parties involved should not be informed that information about them has been shared if doing so would jeopardise an investigation by police, social care or other agency with investigatory powers.

3. Sharing information
3.1 Trustees
Trustees may have access to confidential information.

Where the board has to discuss confidential personnel matters or operationally sensitive items the minutes are taken separately from the normal minutes and their circulation restricted to only those who need to know.

Generally, however, reports to the board about operational matters, services, needs, case studies, etc, will be in an anonymised form.

Trustees are responsible for monitoring how the Home-Start handles confidential information and for ensuring there are appropriately secure storage arrangements maintained.

3.2 Staff
When staff to share information with other agencies they will need to ensure such agencies have a legitimate interest in knowing the information and that they have appropriate confidentiality, data protection and privacy notices in place which conform with the law.

When discussing families with other staff or volunteers confidentiality should be maintained at all times – in line with this policy and the Data Protection policy. Such discussions should take place in a confidential setting.

When formal requests from courts or police for information are made to Home-Start the trustees should be informed* and the material supplied in the form of a witness statement drawn up from actual dated and signed records.

3.3 Volunteers
When meeting for peer support, or training events, volunteers should not discuss the families that they are supporting/have supported in a way which would identify them to others and breach that family’s right to confidentiality.

Diary sheets, and any information held by the volunteer that might identify families, should be stored securely.

3.4 Other agencies and external contractors
Confidential information may be shared with relevant agencies who have a legitimate interest in supporting the families in line with the consent given when accepting support.

Families are informed of when such sharing takes place unless to do so would put anyone at risk (see point 2)

Statistical information and case studies for funders or other stakeholders are provided in an anonymous form.

Any third party contractor (e.g. an IT engineer) accessing personal, sensitive information incidental to their work will sign an undertaking ensuring strict confidentiality will be maintained and be under contract to protect the confidentiality and security of the information.

4. Record Keeping
All records are kept securely

Access to records is monitored and restricted to those who have a need to know or a particular role to fulfil (including QA and external auditors) Trustee, Staff, Volunteer and Family files have a record of access form which is signed and dated by anyone accessing them.

Information in files is the minimum necessary to provide effective support

Publicly accessible displays/notice boards etc should not contain identifiable information about families

Statistical information about families and the service may be shared in an anonymous form

Trustees, staff and volunteers are made aware of their rights under data protection law to access what information Home-Start holds about them.

* Report to Board as at Oct 2021


Appendix 2 – Breach Flow chart

  • A decision will be taken by the Data Protection Trustee on whether to report a breach
  • If a breach may result in adversely affecting individuals’ rights you must also inform those individuals without undue delay.
  • You must keep a record of any personal data breaches regardless of whether you are required to notify.
  • Failing to notify a breach can result in a significant fine.