Skip navigation

Caldicott Guardians National Annual Conference: News & Updates

Chaired and produced in association with Christopher Fincken, Chair, The UK Caldicott Guardian Council the aim of today’s conference is to bring current and aspiring Caldicott Guardians together to understand current issues and the national context, and to debate and discuss key issues and areas they are facing in practice.

The key areas of focus included developing your skills as an effective Caldicott Guardian, a focus on hot topics including cyber security, self assessment and audit of the Caldicott Function, learning from information sharing in domestic violence and homicide cases, research and the caldicott guardian, implementing the new GMC guidance on confidentiality, information disclosure to the police, Caldicott Decision Making and understanding the legal context including consent after Lanarkshire and the Duty of Candour.

The conference also discussed the competence requirements for Caldicott Guardians moving forward following Dame Fiona Caldicott’s recommendations in the National data security review, and developments in training and educating future doctors in Caldicott principles.

Speakers and presentation from the day include:

An update from the Information Governance Alliance

Suzanne Lea Programme Manager Information Governance Alliance (IGA)

  • how IGA supports and works with Caldicott Guardians
  • implementation of NDG review report recommendations

Suzanne Lea Full Presentation Click Here

Suzanne Lea stated the IGA mission is “To enhance the quality of health and care services, including people's experience of using those services, by improving information governance.”

“We are working closely with IG teams in the four partner  organisations to bring consistency or messages and reduce duplication and conflicting advice and guidance. But it is not enough to get the messages consistent nationally – we need to do more to empower local organisations to make the right decisions”

“This is about giving advice in plain English, the headlines, to help local leaders make decisions about how to implement best practice in use and protection of people’s information in their local organisations.”

Suzanne Lea Presentation Abstract:

Information governance and information sharing are still big news.  Since the last Caldicott Guardian Conference in May 2016 several reviews have been published including the National Data Guardian and the Care Quality Commission Reviews on data security and consent and the Bob Wachter Review on digital transformation.  In support of the Wachter Review the Government has announced new money for digital transformation and named 12 NHS trusts as new global exemplars. There has been a consultation on the Reviews by the National Data Guardian and the Care Quality Commission and the Government response is expected soon.

Meanwhile the financial pressures continue, leaving Caldicott Guardians under greater pressure as they continue to support local digital and integration projects as well as handling day-to-day information sharing queries.

Other speakers will talk about the National Data Guardian Review and the work of the UK Council of Caldicott Guardians. The Information Governance Alliance works with both the Office of the National Data Guardian and the Council to offer support for local Caldicott Guardians tailored to their specific needs. This support includes a query service, support for the emerging Caldicott Guardians network, webinars and opportunities to meet – at workshops and conferences.

Suzanne Lea Biography:

Suzanne leads on communications and engagement for the Information Governance Alliance (IGA), a collaborative partnership between the Department of Health, NHS England, Public Health England and NHS Digital.  The IGA has a remit to provide a joined up and consistent approach to the rules on using information in health and care through becoming the authoritative source of advice and guidance. Previously Suzanne spent 18 months in the Department of Health, working on information governance policy and was part of the team supporting Dame Fiona Caldicott’s independent review of information governance in 2013.

The National Data Guardian review: Implications for Caldicott Guardians

John Carvel Member National Data Guardian Panel

  • the recommendations from the data security, consent and opt-outs review
  • implications for Caldicott Guardians
  • priorities for implementation and moving forward

John Carvel Full Presentation Click Here

During his presentation Jon Carvel stated: "Caldicott guardians make a significant difference"

John discussed the NDG review of Data Security, Consent and Opt-outs, commissioned in September 2015 by the Secretary of State.

The National Data Guardian asked to propose

  • a set of data security standards applicable across the NHS and social care system
  • With CQC a method to assess compliance
  • new model of consent /opt outs

John also discussed the CQC Review: Safe data, safe care stating:

  • The leadership of every organisation should demonstrate clear ownership and responsibility for data security*
  • Staff should be given the right information, tools, training and support to allow them to do their jobs effectively
  • IT systems and data security protocols should be designed around the needs of patient care and frontline staff
  • Computer hardware and software that can no longer be supported should be replaced as a matter of urgency.
  • Arrangements for internal data security audit and external validation should be reviewed and strengthened*
  • CQC will amend its assessment framework and inspection approach to include assurance of appropriate internal and external validation*

John continued with an in-depth look at the National Data Guardian’s data Security Standards

  • Leadership Obligation 1: People - Ensure staff are equipped to handle information respectfully and safely, according to the Caldicott Principles.
  • Leadership Obligation 2: Process - Proactively prevent data security breaches and respond appropriately to incidents or near misses.
  • Leadership Obligation 3: Technology - Ensure technology is secure and up-to-date.

John also discussed the NDG review’s implications for Caldicott Guardians

  • Report says that Caldicott Guardians make a significant difference, and where properly supported
  • Calls for board-level engagement on data security – to be taken as seriously as financial and clinical management and accountability
  • Boards are not to assume that data security was dealt with exclusively by the Caldicott Guardian or SIRO
  • Bespoke additional training for people in leadership roles, such as Caldicott Guardians

John summarised his presentation with a look at what is next on a statutory basis for the NDG stating:

Government has committed to putting into law a role that:

  • is an independent and authoritative champion for the public
  • considers the uses made of data health and care data
  • has formal advice giving powers
  • does not issue or enforce sanctions but works with existing regulators

He also stated NDG will work:

  • Further work around definition of direct care and implied consent
  • Examining topic of genomic and genetic data
  • Looking at implications of new technology, such as AI

John Carvel Abstract:

John Carvel spent 36 years as a staff writer on The Guardian. From 2000 until he retired from the paper in 2009 he was its social affairs editor, specialising in health and social care.

Since 2009 he has provided consultancy and writing, mainly for public sector health organisations. He has also been a member of various NHS and social care bodies including the National Leadership Council (2009-2011), Quality Information Committee (2010-2013), Information Governance Review (2012-2013), Healthwatch England National Committee (2012-present), Independent Information Governance Oversight Panel (2013-2015), National Information Governance Committee (2013-2015), National Data Guardian’s Panel (2015-present).

John’s varied career on The Guardian was as a writer and editor. He was in turn business reporter, industrial correspondent, local government correspondent, political correspondent, home affairs editor, European affairs editor, education editor and social affairs editor.

He is the author of two biographies on Ken Livingstone, Citizen Ken (1984) and Turn Again Livingstone (1999). He has the Freedom of Information Award for a successful legal action in the European Court against official secrecy at the EU Council of Ministers. Other awards included recognition from the BMA as medical journalist of the year in 2004.

An update from the Information Commissioners Office

Stacey Egerton Lead Policy Officer Public Services Team Strategic Liaison The Information Commissioners Office

  • learning from case studies of breaches by NHS and Social Care organisations
  • reporting, managing and investigating information governance serious untoward incidents
  • fair processing notices and privacy impact assessments
  • DPA changes in line with Europe
  • the role of the Information Commissioner and an update on the data sharing code of practice

Stacey Egerton Full Presentation Click Here

Stacey Egerton Biography:

Stacey joined the Information Commissioners Office in 2012 as a case officer dealing with concerns raised by the public across the local government sector. She is currently a Lead Policy Officer within the ICO’s Strategic Liaison department working with a range of organisations in the health, education and local authority sectors. She has responsibility for helping manage the strategic relationships with the stakeholders in these sectors in order to uphold information rights and promote data privacy for individuals. Over the last 12 months Stacey has done a significant amount of work in relation to data sharing and integrated care initiatives.

EXTENDED INTERACTIVE SESSION: Caldicott Update and Decision Making including Case Examples

Christopher Fincken Chair UK Caldicott Guardian Council

  • developing your skills as an effective Caldicott Guardian
  • ethical and legal issues that have come to the Caldicott Guardian
  • caldicott decision making and issues in practice
  • should there be national competencies for Caldicott Guardians?
  • case examples and interactive discussion
  • Caldicott recent developments and accountability

Christopher Fincken Biography:

Christopher Fincken is Chairman of the UK Caldicott Guardian Council (UKCGC), and was a Caldicott Guardian for over ten years in an Acute NHS Hospital Trust serving a cathedral city and large rural population before volunteering as a Caldicott Guardian for Marie Curie, the leading UK charity which provides home nursing care and hospice care for people with a terminal illness.

He was also an independent member of the National Information Governance Committee of the Care Quality Commission (NIGC - CQC) until it’s dissolution in 2015.

He represents the UKCGC on the Information Governance Forum

He represented UKCGC on the NHS Protect Strategy Implementation Group and was a member of the NHS Commissioning Board’s IG Professional Leadership Group. He was also Chair of the Honest Broker PIA Steering Group and a member of the cross government data sharing workshop addressing barriers to information sharing in relation to gang violence. He has a particular interest in Multi Agency Risk Assessment Conferences on Domestic Violence (MARAC’s) and Multi Agency Public Protection Arrangements (MAPPA) and is the author of “Striking the Balance”, guidance for information sharing in relation to Domestic Violence published by the Department of Health. 

He combines a deep knowledge of the challenges that real life presents with a passion to understand and unravel problems to try and find the best solution. He writes, lectures, and provides innovative, memorable and challenging training all based on practical experience! In addition he provides advice and guidance to an extensive range of organisations both local and national on Caldicott Guardian, confidentiality, information sharing, information governance and data protection.

Training and educating future doctors in Caldicott principles

James Freed Chief Information Officer Health Education England

  • Exploring education and training opportunities for Doctors
  • The role of the National Information Board in helping the workforce to make the best use of data and technology
  • Proposing a role for a specialist medical faculty concentrating on developing data-savvy doctors
  • The impact of Caldicott 3 on training for Doctors

James Freed Presentation Abstract:

The National Information Board for Health and Social Care has a responsibility to deliver a programme of technological, process and workforce changes to meet our ambition of a personalised health and care system. This presentation will explore how the NIB intends to support the recommendations of National Data Guardian’s Review of Data Security, Consent and Opt-Outs. In particular it will concentrate on what it is doing to develop competence and change behaviour in the workforce and at the most senior levels in health and care organisations. It will also articulate the Caldicott Guardian’s role in supporting a ‘properly training and motivated workforce’ and the opportunities to influence and educate both the workforce and the leadership cadre in the NHS.

James Freed Biography:

James trained as a molecular biologist for several years before making the move to process redesign and IT. He worked in hospitals in South West London for the Cancer Services Collaborative, an organisation funded by the NHS Modernisation Agency. He cut his teeth on national IT implementation following a move to NHS Connecting for Health where he worked as Best Practice Lead for pathology, order communications, and prevention, screening and surveillance before taking up the role of National Lead for Screening in Leeds.

James then moved to the Health Protection Agency where his chief role was managing an operational Information Management department and contributing to strategic decision-making supporting infectious disease surveillance and control. He managed the Infections Specialist Library, which subsequently migrated to NICE as part of NHS Evidence.

James then became Head of Information Strategy at Public Health England and authored the PHE Knowledge Strategy which provides a vision for knowledge and information for the whole public health system. He also contributed to the National Information Board framework Personalised Health and Care 2020 and has been involved in implementing its vision. 

James now works as Chief Information Officer for Health Education England where he is responsible for describing and implementing the strategic direction for information and technology for the organisation. He is passionate about digital literacy and the professionalism of Health Informaticians across the health and care system. In this capacity he is programme director for the Building a Digital Ready Workforce programme as part of the NIB Paperless 2020 programme.

Future events of Interest:

Caldicott Guardian Training Course
2016 & 2017 dates

Cyber Security in Healthcare: Assuring and securing information in the NHS
Monday 7 November 2016
Hallam Conference Centre, London

National Data Security Standards for Health and Social Care
Friday 2 December 2016
Hallam Conference Centre, London



6 October 2016


    Partner Organisations

    The Tavistock and Portman NHS Foundation TrustInPracticeClinical Audit Support CentrePlayoutJust For Nurses
    GGI (Good Governance Institute) accredited conferences CPD Member ASGBI (Association of Surgeons of Great Britain and Ireland) professional partner BADS (British Association of Day Surgery) accredited conferences