The Caldicott Principles are a set of guidelines for handling patient-identifiable information and arose from the Caldicott Committee report on the review of patient-identifiable information (1997).
The report states that "all items of information which relate to an attribute of an individual should be treated as potentially capable of identifying patients and hence should be appropriately protected as to safeguard confidentiality".
In the United Kingdom, a member of the hospital staff will be named the Caldicott Guardian and is responsible for reviewing protocols for governing the disclosure of patient-identifiable information across organisational boundaries.
There are six Caldicott Principles:
- Justify the purpose. Every proposed use or transfer of patient-identifiable information within or from another organisation should be clearly defined (and reviewed if continuing).
- Do not use patient-identifiable information unless it is absolutely necessary. Patient-identifiable information items should not be used unless there is no alternative.
- Use the minimum necessary patient-identifiable information. Where the use of patient-identifiable information is considered essential, each individual item of information should be justified with the aim of reducing identification.
- Access to patient-identifiable information should be restricted on a need-to-know basis. Only those individuals who need access to patient-identifiable information should have access to it, and they should only have access to the information items they need to see.
- Everyone should be aware of his or her responsibilities. Action should be taken to ensure that all staff are aware of their responsibilities and obligation to protect Patient Confidentiality.
- Understand and comply with the law. Every use of patient-identifiable information must be lawful.
References will automatically be added here, see adding references tutorial.