Hello all - advice and guidance wanted please!

A query has cropped up recently within our adult and children's care services re how to manage occasions where staff from the service area appear in the case management system themselves. Let's say for example because of safeguarding risks identified in relation to their children, or where an officer has suffered mental health issues and is working with a team to resolve. Does anyone have any advice as to how they have managed this situation? Do you lock records down if you're made aware of staff being on the system in order to protect their privacy?

The service area have also queried whether any guidance exists on managing personal access to systems to view relatives/friends records. I can't seem to find any specific guidance but I believe this is something to be decided by the organisation/service area themselves and comes down to a combination of training staff to understand that personal use is not acceptable, limiting access on a needs basis, ensuring that Managers manage staff and address inappropriate access as a disciplinary issue with policies and a disciplinary procedure which supports this?

On a related note - do others regularly audit systems to ensure that use/access by staff is appropriate, or only check records where there is a complaint or concern that something inappropriate has occurred?

Thanks in advance everyone!

Kind regards
Catherine

- - - - - - - - - - - - - - - - - - - - - - - - - - -
Catherine Hanley
Data Protection Officer
Middlesbrough Council Members' Office
PO Box 503
Town Hall
Middlesbrough
TS1 9FX (for directions please use TS1 2RT)
01642 729686

Any opinions or statements expressed in this e-mail are those of the individual and not necessarily those of Middlesbrough Council. Internet communications are not secure and therefore Middlesbrough Council does not accept legal responsibility for the contents of this message as it has been transmitted over a public network. If you suspect the message may have been intercepted or amended, please call the sender.

This e-mail and any files transmitted with it are confidential, may be legally privileged, and are solely for the use of the intended recipient. If you receive this in error, please do not disclose any information to anyone and notify the sender at the above address. Any disclosure, copying, distribution or any action taken or omitted, in reliance on the contents, is prohibited and may be unlawful.

Middlesbrough Council's computer systems and communications may be monitored to ensure effective operation of the system and for other lawful purposes.

Save energy, money and the environment - is it really necessary to print this message?

** This email has been scanned for viruses, vandals and malicious content. **

All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

Leaving this list: send leave data-protection to [log in to unmask]
Suspending emails from all JISCMail lists: send SET * NOMAIL to [log in to unmask]
To receive emails from this list in text format: send SET data-protection NOHTML to [log in to unmask]
To receive emails from this list in HTML format: send SET data-protection HTML to [log in to unmask]

All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]

Any queries about sending or receiving messages please send to the list owner [log in to unmask]

(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)