Information Governance

How to use the DCR system appropriately:

• Use it for the sole purpose of the provision of direct care which is any heath or care activity concerned with the prevention, investigation and treatment of illness and the alleviation of suffering of individuals (all activities that directly contribute to the diagnosis, care and treatment of an individual).   It should not be used for any secondary purposes such as research, teaching, needs assessment, financial audit, service management activities or risk stratification for example.

• Only use it to access data on a patient/client with whom you have a legitimate care relationship/when you have a justified reason to access their data.

• Only use the DCR for a work-related purpose. Under no circumstances should you look at your own DCR record, or that of a family member or friend. This is considered a disciplinary offence.

• All use and access of information in the DCR system is monitored to assure that access is both appropriate and relevant. The DCR keeps a record of who has accessed a record, the time and date when they have accessed it and the information they were viewing.

• A patient/client has the right to request access to the audit trail which details users who have accessed their record in the DCR. They can do this through a Subject Access Request (SAR)(opens in a new tab).

• Your continued employment and, where relevant, professional qualification, may be at risk if you access information inappropriately. This may also be illegal and subject to criminal proceedings.

• Raise any concerns you may have about breaches of information with the DCR Data Protection Officer. All breaches of information are investigated in line with your organisation’s disciplinary procedures.

• You must notify the DCR System Admin by email DCRSystemAdmin@dorsetcouncil.gov.uk(opens in a new tab) of any changes in circumstances that may invalidate your access to DCR, such as changing or leaving your job role.

• Do not copy the data from within the DCR to your source system. You do not have the permission to do so. The Partners are the data controllers and they are only sharing their data into the DCR for the provision of direct care to the residents of Dorset.

• Once you are logged in, you are responsible for everything which is viewed in your name. Do not share the data within the DCR with any parties – colleagues or the police. While the police may have a justifiable reason and legal basis for the data, please refer them to the source organisations.

• Your computer should not be left unattended when you are logged in the DCR. You should also always lock your computer or ‘log off’ DCR before moving away from your computer.

• Always use the DCR from a secure link i.e. a work device.