Staff will keep all information about patients confidential.

1. Computers will have firewalls and antivirus software installed and updated regularly with automatic updates enabled. (McAfee)

2. Computers will have anti-spam software installed. (McAfee)

3. Computers will have and regularly use anti-spyware to prevent hacking.

4. All patches and security updates will be accepted when offered by automatic update.

5. Staff will not share passwords with anyone else and will be allowed access to data only relevant to their job description.

6. Passwords will be a minimum of eight characters and a mixture of upper and lower case letters plus numbers and special keyboard characters.

7. Data will be encrypted if it will cause damage or distress if stolen.

8. Computer information will be backed up daily, both to external encrypted hard drive and on-line to secure server.

9. Old computers will have hard drives removed and destroyed before disposal.

10. Any paper documents with names, addresses etc or confidential waste will be shredded before it leaves the premises.

11. Staff should be aware that – they may be prosecuted if they give out personal details without permission.

12. Staff should not send e-mails that may be offensive, about other people, their private lives or anything else that may bring the Practice into disrepute.

13. Staff should never open Spam e-mails, even to ask for no more mailings. Spam should be deleted.

14. Data cards from cameras will not leave the Practice. Clinical camera will be removed to central lobby or upstairs front surgery, away from sight through windows at night.

15. Patient notes will stay on the premises except where used for domiciliary visits. They will be returned to the practice immediately on completion of the visit at the same time as the instruments used.

16. Care will be taken with patient notes inside the practice to prevent other patients reading confidential information. Care will be taken to ensure the correct medical history forms are issued to each patient. If a patient wishes to fill in the form away from other people they will be taken to a separate room to do so.

17. Where conversations need to be held where sensitive information can be overheard, these should be carried out in a separate confidential place.

18. General security – care will be taken on leaving the premises to ensure that the burglar alarm is set and that the door at rear of building is double bolted. In addition to the Yale type lock, the front door will be deadlocked and gates will be padlocked as per lock up procedure. External lighting will be activated from dawn to dusk and CCTV unit will be checked to ensure it is recording on leaving the premises.

Reviewed 23rd August 2017