You are here

All reports

Inspection report

Date of Inspection: 20 February 2014
Date of Publication: 20 March 2014
Inspection Report published 20 March 2014 PDF

People's personal records, including medical records, should be accurate and kept safe and confidential (outcome 21)

Meeting this standard

We checked that people who use this service

  • Their personal records including medical records are accurate, fit for purpose, held securely and remain confidential.
  • Other records required to be kept to protect their safety and well being are maintained and held securely where required.

How this check was done

We looked at the personal care or treatment records of people who use the service, carried out a visit on 20 February 2014, talked with people who use the service and talked with carers and / or family members. We talked with staff and reviewed information given to us by the provider.

Our judgement

People were protected from the risks of unsafe or inappropriate care and treatment because accurate and appropriate records were maintained.

Reasons for our judgement

People’s personal records including medical records were accurate and fit for purpose. The eight medical records that we looked at contained a record of the treatment provided for each person. This included personal and medical information for each person and the vaccinations administered. One doctor we spoke with told us that people’s records were updated at each appointment to ensure they reflected each person’s current care health needs. However, we found the vaccine history section of three out of eight risk assessment forms were not fully completed by person’s using the service and / or re-checked by the doctor to ensure this did not impact proposed treatment.

Records were kept securely and could be located promptly when needed. People's records including records relevant to the management of the services were kept securely in lockable cabinets behind the reception area. We found electronic records were only accessible by authorised staff using secure login details and password. Records that we looked at showed all staff had signed confidentiality statements and undertaken training related to; information governance, and security guidelines, password management and patient confidentiality for example. This training ensured staff maintained their duty of care in the handling of records and information related to people using the service and the management of the service.

Records were kept for the appropriate period of time and then destroyed securely. The practice manager told us people’s records had not been disposed of since the travel clinic had been registered in December 2012, and they were aware of the need to ensure the secure disposal of records. The provider had a service contract in place for the secure disposal of records and we saw certificates of destruction issued by the approved contractor. However, we found the provider did not have a policy in place to guide staff in relation to retention of records to ensure that records were not kept longer than necessary.