IGPOL70CORE Confidentiality Code of Conduct for Staff v7 by Provide Community

Confidentiality Code of Conduct for Staff Policy

Version: V7

Ratified by: Finance and Investment Committee

Date ratified:

Job Title of author:

Reviewed by Committee or Expert Group

Equality Impact Assessed by:

1. Introduction

All employees working for Provide Group are bound by a legal duty of confidence to protect personal information they may come into contact with during the course of their work. This is not just a requirement of their contractual responsibilities but also a requirement within the common law duty of confidence and the Data Protection Act 2018. It is also a requirement within the NHS Care Record Guarantee, produced to assure patients regarding the use of their information.

It is important that Provide Group protects and safeguards person identifiable and confidential business information that it gathers, creates processes and discloses, in order to comply with the law, relevant NHS mandatory requirements and to provide assurance to patients and the public.

The following legal, NHS-mandatory framework and Guidance for confidentiality forms the key guiding principles of this Code of Conduct:

• The Data Protection Act 2018

• The UK General Data Protection Regulations (UK GDPR)

• Human Rights Act (1988)

• NHS Codes of Practice on Confidentiality and Information Security Management

• The Caldicott Principles (revised September 2013) (See Appendix E)

• The NHS Care Record Guarantee for England

• 'A guide to confidentiality in health and social care: Treating confidential information with respect’ published in September 2013 (See Appendix B)

• Citizens’ rights under the NHS Constitution

• ISO27001:2013

2. Purpose

This policy has been produced to ensure all staff members at Provide Group are aware of their legal duty to maintain confidentiality, to inform staff of the processes in place to protect personal information; and to provide guidance on disclosure obligations.

A summary of Confidentiality ‘Do’s and Don’ts’ can be found at Appendix A

3. Scope

The code is concerned with protecting personal information about patients, and staffs personal information. Personal information is data in any form (paper, electronic, video recording, verbal, etc.) from which a living individual could be identified; including name, age, address, and personal circumstances, as well as sensitive personal information like race, health, sexuality, etc. This may include patient attendances at

appointments, staff disciplinary records, information about agency staff or volunteers, though this list is not exhaustive. Although the Data Protection Act 2018 is only relevant to the personal information of living individuals, this code also covers information about deceased patients. The code applies to all staff including permanent, temporary, and locum members of staff.

It should be noted that employees also come into contact with non-person identifiable information which must also be treated with the same degree of care e.g. business in confidence information, financial reports.

This Code of Conduct covers personal data held within Provide Group premises or taken off site, e.g. by staff visiting patients at home, travelling to clinics, or working from home.

4. Definitions

Person-identifiable information - This is anything that contains the means to identify a person, e.g. name, address, postcode, date of birth, NHS number, National Insurance number etc. Even a visual image (e.g. photograph) is sufficient to identify an individual. Any data or combination of data and other information, which can indirectly identify the person, will also fall into this definition.

Sensitive personal Information - This refers to personal information about: race or ethnic minority; political opinions, religious or similar beliefs, trade union membership, physical or mental condition, sexual preferences, commission or alleged commission of offences or a legal proceeding. This category also includes sensitive health information e.g. information regarding in-vitro fertilisation, sexually transmitted diseases including HIV and termination of pregnancy.

It is not possible to provide detailed guidance for every eventuality, therefore where further clarity is needed, the advice of a senior manager or Information Governance team should be sought.

5. Principles

A duty of confidence arises out of the common law duty of confidence, employment contracts and for registered health professionals, it is part of your professional obligations. Breaches of confidence and inappropriate use of records or computer systems are serious matters which could result in disciplinary proceedings, dismissal and possibly legal prosecution. So, make sure you do not:

• Put personal information at risk of unauthorised access

• Knowingly misuse any personal information or allow others to do so

• Access records or information that you have no legitimate reason to look at, this includes records and information about your family, friends, neighbours and acquaintances as well as patients who are not under your care or within your remit

Provide Group will ensure that patients are adequately informed about the use and disclosure of their personal information via the use of its fair processing information on Provide website and leaflets (Your Information, Your Rights) supplemented with locally produced information where necessary. This will tell them why, how and for

what purpose personal information is collected, recorded and used by the organisation. You should ensure you are familiar with the patient information material and ensure you seek advice from the Information Governance Manager if patients have questions you are unable to answer.

If you are authorised to disclose personal information you should ensure you do so in accordance with the organisations Information Sharing Policy (IGPOL69) and you must only:

• Share with those with a legitimate right to see/hear the information;

• Transfer in accordance with the organisation’s secure transfer methods as detailed in the Transferring of Personal Information Policy (IGPOL65);

• Disclose the minimum necessary to provide safe care or to fulfill the function required

If you are authorised to disclose information that can identify an individual patient for non-healthcare purposes (e.g. research, financial audit) you must only do so if:

• You have the patient’s explicit consent;

• The consent is written or voice recorded - to ensure there is no later dispute about whether consent was given.

Under the common law duty of confidence, identifiable personal information may be disclosed without consent in certain circumstances, these are:

• Where there is a legal justification for doing so, e.g. to comply with an Act of Parliament (statute) or court order;

• In Child Protection proceedings if it is considered that the information required is in the public or child’s interest;

• Where there is a public interest justification - i.e. where the public good that would be achieved by the disclosure outweighs both the obligation of confidentiality to the patient concerned and the broader public interest in the provision of a confidential service; and

• Where disclosure can be justified for another purpose. This is usually for the protection of the public and is likely to be in relation to the prevention and detection of serious crime (see below).

Where there are any concerns regarding disclosure or personal information and particularly where patient consent is unable to be obtained then you must discuss this with the Information Governance and IT Projects Manager or Caldicott Guardian.

Staff must refer to the Procedures for disclosing information to the Police and Courts as documented in the organisation’s Information Sharing Policy (IGPOL69) for further information on the process to follow with regards to disclosures to the Police.

Any personal information given or received in confidence for one purpose may not be used for a different purpose or passed to anyone else without the consent of the provider of the information. This is usually the patient but may sometimes be another person such as a carer or relative who has provided the information.

Breach of confidence, inappropriate use of health records or abuse of computer systems may lead to disciplinary action and may result in legal proceedings.

The patient has the right to refuse permission for disclosure of information held about them even if they have previously given consent for disclosure of such information. The patient’s request must be clearly documented in the record and respected by all practitioners from that date for all information not just that recorded after this date. This decision can only be revoked by a court order or where non-disclosure would place the patient or other person at risk of significant harm, such as in child protection cases.

6. Protecting Personal Information

Make sure you comply with the following staff policies/ guidelines which set out practical things you should do to keep personal information protected:

• Good record keeping (see IGPOL63 – Health Record Keeping Policy);

• Keeping Information Secure, incl Appropriate use of Computer Systems (see IGPOL53 – Information Security Policy)

• Secure Transfer of Personal Information (see IGPOL65 Transferring Personal Information Policy)

• Reporting information incidents (see QSPOL01 Incident Reporting and Management Policy)

• Digital Recording of Patients (See IGPOL54 – Digital images Recordings of Patients)

• Using Personal Mobile Devices (See ITPOL14 Bring Your Own Device Policy (BYOD)

• Use of Email (See IGPOL88 – Email, Internet, Instant Messaging and Social Media Policy

• Sharing of Information (See IGPOL69 – Information Sharing Policy)

Working Away from the Office Environment

There are situations where staff need to undertake home visits, travel to clinics or work from home carrying confidential information such as patient/staff records. This means that these staff may need to carry Provide Group information with them which could be confidential in nature e.g. on a laptop, encrypted USB stick or paper documents.

To ensure the safety of confidential information staff should keep confidential records on their person at all times. Confidential or Personal information must be safeguarded at all times and kept in a secure location.

Staff must minimise the amount of Confidential information that is taken out of Provide Group premises. If staff have to carry Confidential Information around during the day they must consider their travel plans, for example calling into shops or petrol stations when they are least likely to be carrying this Information

If staff do need to carry confidential information they must ensure the following are considered and remember that there is personal liability under the Data Protection Act 2018 and their contract of employment for breach of these requirements:

• Ensure any personal information is in a sealed container prior to them being taken out of Provide Group buildings; and

• Make sure they are put in the boot of the car or carried on their person while being transported.

Taking records back to work must be carried out as above, in secure containers etc. For manual patient records they should be logged as being back within the organisation.

Services on TPP SystmOne must ensure that any paper records are tracked using the record tracking template. Further information can be obtained from the Systems Support team.

Staff taking Confidential Information home have personal responsibility to ensure that this is kept secure. This means that other members of their family and/or their friends/colleagues must not be able to see the content or outside folder of the records or have any access to the records whether paper based or electronic.

Staff must have authorisation from the clinical manager before taking patient records home. Where necessary advice should be sought from the IG Manager or Caldicott Guardian.

Working in Open Plan/ Shared Office Environments

Open plan offices have many benefits, such as bringing about a closer working relationship with colleagues from within your own department/team and enabling collaboration between teams. However, they can also pose a risk to maintaining a confidential environment. The following must be adhered to when working within open plan/ shared office spaces:

• Do ensure that you cannot be overheard when discussing highly confidential matters and use designated quiet space where available;

• Meetings with external visitors must be conducted within meeting rooms or private office spaces where confidential conversations with patients or staff cannot be overheard.

• Ensure that visitors are accompanied at all times and where applicable sign in and out.

• There may, on occasion, be the requirement for managers/teams to meet with their staff on short notice regarding confidential and personal matters. With a reduction in office space available, managers should agree what rooms can be used for these issues. These rooms will need to be entirely private;

• Ensure you comply with the Clear Desk & Desk Booking Policy

For further information consult Appendix A – Do’s and Don’ts

7. Confidentiality for Third Parties

Where third party organisations, companies or individuals are working on Provide Group Premises or have access to Provide Group’s information (including information about its patients, staff or commercially sensitive information) these parties must have a commercial agreement in place which contains Non-Disclosure clauses.

A commercial agreement is a legally binding document. The terms of this agreement thus restrict and govern the use of such information by the contractor, requiring them to keep the information confidential and secure. Services must engage with the Provide Group Contracts team at the earliest opportunity to ensure that a suitable agreement is in place before engagement begins.

It is good practice to remind employees of third party organisations/ companies of their obligations with regards to Confidentiality when any engagement commences.

A Code of Conduct Regarding Confidentiality and Data Protection for Contractors Supplying Goods, Services and/or Consultancy to the organisation is available in Appendix D. Please note that this does not replace the need for a commercial agreement to be in place.

Signed Confidentiality agreements should be scanned and emailed to provide.infogov@nhs.net

8. Carelessness and Abuse of Privilege

There are a number of situations where unintentional disclosure may occur, whether as a result of bad practice or as a result of a system failure.

Discussions about patients, whether as part of formal meetings or as informal exchanges about patients between professionals, on or off Provide Group premises, can easily lead to inadvertent disclosure. Staff should ensure that all those attending meetings relating to patient care are aware of, understand and abide by this Confidentiality Code of Conduct.

Personal identifiers must be removed in presentations, audit reports and other sessions with other staff not involved in patient care. Conversations about patients in open or public areas within the organisation (e.g. waiting areas, corridors and lifts) or outside (e.g. streets, buses, trains) must be avoided.

Staff must take care to protect patient information when holding a telephone conversation in a public area, to ensure that personal details cannot be overheard.

Staff should avoid placing clinical information on display boards in clinical areas that can be seen by patients and visitors.

Steps must be taken to ensure physical safety and security of person-identifiable information held in paper and on computers. Staff should consult the Information Security Policy (IGPOL53) for further details.

Failure to adequately protect confidential information may lead to a breach of confidentiality. This is a disciplinary offence and constitutes gross misconduct which may result in summary dismissal.

Accessing confidential information without a legitimate purpose will be viewed as a breach of confidentiality which may lead to disciplinary action and summary dismissal.

Staff that feel that they are under duress or pressure to disclose information to others who do not have a legitimate right to the information must report this to their line manager in the first instance or to the Information Governance team.

9. Accidental access to Confidential Information

Staff that accidentally come into contact with confidential information that they have no legitimate need tomustreport thisto their line manager. Examples of accidental access include opening the wrong patient record on SystmOne or staff record on ESR. Where a breach in confidentiality has occurred this will need to be incident reported.

10. Reporting

of Breaches

All breaches of confidentiality must be reported through the organisation’s Incident Reporting and Management Policy (QSPOL01)

On a routine basis a report on breaches of confidentiality of personal information shall be presented to the Quality and Safety Committee and Risks raised through to the organisation’s Finance and Investment Committee. The information will enable the monitoring of compliance and enable improvements to be made to this Code of Conduct.

11. Training, Dissemination and Implementation Process

All new staff will be made aware of the existence of this Policy via corporate and local induction process and any changes in policy will be communicated through annual mandatory IG training. This Policy is considered a Core organisational Policy and will be communicated through Metacompliance. Managers must highlight to staff their responsibility to ensure that they review the content of this Policy and the importance that the organisation place on this matter and remind staff of the ‘nondisclosure of confidentiality information clause’ in their staff contract.

Managers must actively ensure that staff with access to personal information about patients, undertake and complete mandatory Information Governance training.

Managers must de-brief staff on their post-employment confidentiality responsibilities on termination of employment. This is included on the HR leavers checklist.

12. Monitoring and Review

An audit of this Code of Conduct will be supported and informed by analysis of breaches of confidentiality and complaints from the public and also through the annual Protecting Confidential Information Audit (See Appendix C)

This Code of Conduct will be reviewed every 3 years by the Information Governance Manager. Earlier review may be required in response to exceptional circumstances, organisational change or relevant changes in legislation

Appendix A: Dos and Don’ts

✓ Do safeguard the confidentiality of all personal information that you come into contact with. This is a statutory obligation on everyone working within the organisation.

✓ Do clear your desk at the end of each day, keeping all portable records containing personal data in recognised filing and storage places that are locked at times when access is not directly controlled or supervised.

✓ Do consider scanning paper items and filing them electronically or sending nonactive paper records that you do not have space for to the PDM Archive store.

✓ Do switch off computers with access to personal information, or put them into a password-protected mode [CTRL-ALT-DEL], if you leave your workstation for any length of time.

✓ Do remove your smartcard from your workstation if leaving your work area, even if for a short period.

✓ Do ensure that you cannot be overheard when discussing patients.

✓ Do challenge and verify where necessary the identity of any person who is making a request for confidential information and ensure they have a need to know.

✓ Do share only the minimum information necessary.

✓ Do transfer personal information securely when necessary i.e. only use an nhs.net email account tosend patient identifiable information to another nhs.net email account or another email account with comparable security or by triggering manual encryption in NHS Mail (see Transferring of Personal Information Policy (IGPOL65))

✓ Do seek advice if you need to share information without consent, and record the decision and any action taken.

✓ Do report any actual or suspected breaches of confidentiality.

✓ Do participate in induction, training and awareness raising sessions on confidentiality issues and complete the mandatory annual IG training.

DON’T

 Don’t share passwords or write them down where others may see.

 Don’t disclose information without the consent of the person concerned, unless there are statutory grounds to do so.

 Don’t use person-identifiable information unless absolutely necessary. Anonymise where possible.

 Don’t collect, hold or process more information than you need, and do not keep it for longer than necessary.

 Don’t print confidential information unless absolutely necessary. Do you really need to print that email?

Appendix B – Health and Social Care Information Centre (HSCIC) Confidentiality Rules

These confidentiality rules have been published by the Health and Social Care Information Centre as a result of a recent review of Information Governance and in particular recommendations made from a Caldicott Review Group

The rules have been developed to provide a clear and concise guide that can be understood by service users, patients, relatives and staff

Rule1

Confidential information about service users or patients should be treated confidentially and respectfully.

Rule2

Members of a care team should share confidential information when it is needed for the safe and effective care of an individual.

Rule3

Information that is shared for the benefit of the community should be anonymised.

Rule4

Anindividual'srighttoobjecttothesharingofconfidentialinformationaboutthemshould be respected.

Rule5

Organisations should put policies, procedures and systems in place to ensure the confidentiality rules are followed.

APPENDIX C – Protecting Confidential Information

Audit Introduction

In order to provide assurance that access to confidential information is gained only by those individuals that have a legitimate right of access, it is necessary to ensure appropriate monitoring is undertaken on a regular basis. Monitoring should be carried out by the Information Asset Owner or Custodian in order that irregularities regarding access to confidential information can be identified, reported to the IG Team and action taken to address the situation, either through the implementation of additional controls or other remedial action as necessary. Actual or potential breaches of confidentiality should be incident reported, in order that action can be taken to prevent further breaches taking place.

Auditing access to confidential information

To ensure that the correct controls are in place with respect to accessing confidential information the following areas should be audited:

• Security applied to manual files, e.g. storage in locked cabinets/locked rooms

• That patients are made aware of who has access to their information and the uses of their information

• Evidence that checks have been carried out to ensure that the person requesting access to the information has a legitimate right to do so

• Disposal arrangements for confidential waste

• The understanding of staff within the department of their responsibilities with regard to confidentiality and restrictions on access to confidential information

• That staff are adequately trained and understand the principles around Confidentiality and Information Security

• Evidence of passwords being kept secret and not being shared

• Staff have access to information that they are entitled to view via assignment of correct smartcard rights and access rights to shared folders.

Training

Support shall be provided by the Information Governance Manager where required. Training around maintaining Confidentiality and Information Security will be provided through existing IG training

APPENDIX D –

A Code of Conduct Regarding Confidentiality and Data Protection for Contractors Supplying Goods, Services and/or Consultancy to the organisation

Aim

This agreement aims to ensure that any contractor or third party required to work* on Provide Group premises is aware of the confidentiality requirements of the organisation. Confidential Information includes all information relating to the business of Provide Group and its patients and employees. You may be asked to sign this form where a commercial agreement is also in place.

Form of Agreement

Contractor representative’s name:_________________________________ will ensure that all personnel representing Contractor:_______________________ visiting Provide GROUP premises are made aware of their duties and responsibilities with regard to confidentiality, as set out below, before they visit a Provide GROUP’s Premises. Provide GROUP reserves the right to refuse access to any representative of the above name contractor if, in the organisation’s opinion, there is any doubt about that person’s commitment to abide by this confidentiality agreement.

I agree to undertake responsibility for entering into an agreement with Provide GROUP and in so doing, in relation to the carrying out of the tasks set out on the attached schedule, agree:

1. To comply with the principles of all relevant Data protection legislation including the General Data Protection Regulations (GDPR) and the Data Protection Act 2018 when handling and processing Provide GROUP’s data;

2. That any information obtained in the course of business between parties is confidential, shall be used for the sole purposes of the contract / exercise / meeting, and shall not at any time be disclosed by any such person without the consent of the organisation.

3. That any information which is seen or overhead whilst working on Provide GROUP Premises is to be treated as confidential and must not be discussed with or disclosed to anyone else including Provide GROUP Employees

4. Not to store personal or sensitive personal data on portable computing equipment unless it is encrypted to the appropriate standard and where you have been given express permission to do so (256 Bit AES or equivalentas defined in Provide GROUP’s Information Security Policy)

5. Not transfer, copy, duplicate or otherwise take any of Provide GROUP’s Information offsite without express permission.

6. To perform any agreed transfers using encrypted media approved by the organisation.

7. To return any data and data media to Provide GROUP on completion of their work;

8. To report any security or confidentiality breaches made in the course of the work/ visit/ engagement detailed below, his employees, representatives/agents or sub-contractors immediately to a Provide GROUP Representative.

Contractor: …………………………….

Signature: ……………………….…….

Title: ……………………………..…….

Date: ……………………….………….

Duration of the Tasks:

Start Date: End Date:

PURPOSE OF WORK/ VISIT/ ENGAGEMENT (Please Complete below)

Appendix E - The Eight Caldicott Principle

Principle 1: Justify the purpose(s) for using confidential Information. Every proposed use or transfer of confidential information should be clearly defined, scrutinised and documented, with continuing uses regularly reviewed by an appropriate guardian.

Principle 2: Use confidential information only when it is Necessary. Confidential information should not be included unless it is necessary for the specified purpose(s) for which the information is used or accessed. The need to identify individuals should be considered at each stage of satisfying the purpose(s) and alternatives used where possible.

Principle 3: Use the minimum necessary confidential information. Where use of confidential information is considered to be necessary, each item of information must be justified so that only the minimum amount of confidential information is included as necessary for a given function.

Principle 4: Access to confidential information should be on a strict need-toknow basis. Only those who need access to confidential information should have access to it, and then only to the items that they need to see. This may mean introducing access controls or splitting information flows where one flow is used for several purposes.

Principle 5: Everyone with access to confidential information should be aware of their responsibilities. Action should be taken to ensure that all those handling confidential information understand their responsibilities and obligations to respect the confidentiality of patient and service users.

Principle 6: Comply with the law

Every use of confidential information must be lawful. All those handling confidential information are responsible for ensuring that their use of and access to that information complies with legal requirements set out in statute and under the common law.

Principle 7: The duty to share information for individual care is as important as the duty to protect patient confidentiality.

Health and social care professionals should have the confidence to share confidential information in the best interests of patients and service users within the framework set out by these principles. They should be supported by the policies of their employers, regulators and professional bodies.

Principle 8: Inform patients and service users about how their confidential information is used. A range of steps should be taken to ensure no surprises for patients and service users, so they can have clear expectations about how and why their confidential information is used, and what choices they have about this. These steps will vary depending on the use: as a minimum, this should include providing accessible, relevant and appropriate information - in some cases, greater engagement will be required.

Click here to enter text.

EQUALITY IMPACT ASSESSMENT TEMPLATE: Stage 1: ‘Screening’

Name of project/policy/strategy (hereafter referred to as “initiative”):

Confidentiality Code of Conduct for Staff Policy

Provide a brief summary (bullet points) of the aims of the initiative and main activities:

Confidentiality Code of Conduct for Staff Policy

Project/Policy Manager: Petra Lastivkova

Date: 11/8/2022

This stage establishes whether a proposed initiative will have an impact from an equality perspective on any particular group of people or community – i.e. on the grounds of race (incl. religion/faith), gender (incl. sexual orientation), age, disability, or whether it is “equality neutral” (i.e. have no effect either positive or negative). In the case of gender, consider whether men and women are affected differently.

Q1. Who will benefit from this initiative? Is there likely to be a positive impact on specific groups/communities (whether or not they are the intended beneficiaries), and if so, how? Or is it clear at this stage that it will be equality “neutral”? i.e. will have no particular effect on any group.

Neutral

Q2. Is there likely to be an adverse impact on one or more minority/under-represented or community groups as a result of this initiative? If so, who may be affected and why? Or is it clear at this stage that it will be equality “neutral”?

Neutral

Q3. Is the impact of the initiative – whether positive or negative - significant enough to warrant a more detailed assessment (Stage 2 – see guidance)? If not, will there be monitoring and review to assess the impact over a period time? Briefly (bullet points) give reasons for your answer and any steps you are taking to address particular issues, including any consultation with staff or external groups/agencies.

Positive impact – ensures security, confidentiality, integrity and accessibility of information.

Policy to be monitored through the organisation’s Incident Reporting process, Protecting Confidential Information Audit and reviewed every 2 years.

Guidelines: Things to consider

Equality impact assessments at Provide take account of relevant equality legislation and include age, (i.e. young and old,); race and ethnicity, gender, disability, religion and faith, and sexual orientation.

The initiative may have a positive, negative or neutral impact, i.e. have no particular effect on the group/community.

Where a negative (i.e. adverse) impact is identified, it may be appropriate to make a more detailed EIA (see Stage 2), or, as important, take early action to redress this – e.g. by abandoning or modifying the initiative. NB: If the initiative contravenes equality legislation, it must be abandoned or modified.

Where an initiative has a positive impact on groups/community relations, the EIA should make this explicit, to enable the outcomes to be monitored over its lifespan.

Where there is a positive impact on particular groups does this mean there could be an adverse impact on others, and if so can this be justified? - e.g. are there other existing or planned initiatives which redress this?

It may not be possible to provide detailed answers to some of these questions at the start of the initiative. The EIA may identify a lack of relevant data, and that data-gathering is a specific action required to inform the initiative as it develops, and also to form part of a continuing evaluation and review process.

It is envisaged that it will be relatively rare for full impact assessments to be carried out at Provide. Usually, where there are particular problems identified in the screening stage, it is envisaged that the approach will be amended at this stage, and/or setting up a monitoring/evaluation system to review a policy’s impact over time.

EQUALITY IMPACT ASSESSMENT TEMPLATE: Stage 2:

(To be used where the ‘screening phase has identified a substantial problem/concern)

This stage examines the initiative in more detail in order to obtain further information where required about its potential adverse or positive impact from an equality perspective. It will help inform whether any action needs to be taken and may form part of a continuing assessment framework as the initiative develops.

Q1. What data/information is there on the target beneficiary groups/communities? Are any of these groups under- or over-represented? Do they have access to the same resources? What are your sources of data and are there any gaps?

Q2. Is there a potential for this initiative to have a positive impact, such as tackling discrimination, promoting equality of opportunity and good community relations? If yes, how? Which are the main groups it will have an impact on?

Q3. Will the initiative have an adverse impact on any particular group or community/community relations? If yes, in what way? Will the impact be different for different groups – e.g. men and women?

Q4. Has there been consultation/is consultation planned with stakeholders/ beneficiaries/ staff who will be affected by the initiative? Summarise (bullet points) any important issues arising from the consultation.

Q5. Given your answers to the previous questions, how will your plans be revised to reduce/eliminate negative impact or enhance positive impact? Are there specific factors which need to be taken into account?

Q6. How will the initiative continue to be monitored and evaluated, including its impact on particular groups/ improving community relations? Where appropriate, identify any additional data that will be required.

Guidelines: Things to consider

An initiative may have a positive impact on some sectors of the community but leave others excluded or feeling they are excluded. Consideration should be given to how this can be tackled or minimised. It is important to ensure that relevant groups/communities are identified who should be consulted. This may require taking positive action to engage with those groups who are traditionally less likely to respond to consultations, and could form a specific part of the initiative. The consultation process should form a meaningful part of the initiative as it develops, and help inform any future action.

If the EIA shows an adverse impact, is this because it contravenes any equality legislation? If so, the initiative must be modified or abandoned. There may be another way to meet the objective(s) of the initiative.

Further information:

Useful Websites

www.equalityhumanrights.com Website for new Equality agency www.employers-forum.co.uk – Employers forum on disability www.disabilitynow.org.uk – online disability related newspaper www.womenandequalityunit.gov.uk – Gender issues in more depth www.opportunitynow.org.uk - Employer member organisation (gender) www.efa.org.uk – Employers forum on age www.agepositive.gov.uk – Age issues in more depth