What is a Caldicott Guardian and why do they matter?

26 October 2023

by Helen Press, Senior Nurse Adviser and Caldicott Guardian, MHA


You might have seen or heard about the title Caldicott Guardian. But what is it and what does it mean for care homes, their residents and their families?

A Caldicot Guardian is defined as ‘a senior person responsible for protecting the confidentiality of people’s health and care information and making sure it’s used properly.’ The role has been in place across the NHS for many years, however government guidance has recently changed and from June 2023, all health and social care bodies in England are required to have an identified individual in this role.

To put it more into plain language, their role is to make sure that the personal information we hold on those who use the MHA’s services is used legally, ethically and appropriately, and that confidentiality is maintained. It means that there is someone in post who acts as a conscience in matters of data confidentiality and sharing, specifically relating to people who receive care and support across MHA services.

For MHA, being the Caldicott Guardian is now part of my role as Senior Nurse Advisor. As part of this I will be working closely with our Data Protection Officer to make sure we are upholding the principles. That role has a wider remit and is responsible for all personal data processing activities.

As a registered nurse I feel well placed to take on these new responsibilities. It is recommended that the person appointed is a health or social care professional who has experience and knowledge of working with patients and service users and of managing the complexities of frontline care. This, I feel, sits comfortably alongside my role in leading the future direction of nursing across MHA.

My current priority is to make sure we adjust our current Information Governance Policy and associated responsibilities, and to outline and incorporate the eight Caldicott Principles into our ways of working. These principles are:

  1. Justify the purpose(s) for using confidential information
  2. Use confidential information only when it is necessary
  3. Use the minimum necessary confidential information
  4. Access to confidential information should be on a strict need-to-know basis
  5. Everyone with access to confidential information should be aware of their responsibilities
  6. Comply with the law
  7. The duty to share information for individual care is as important as the duty to protect patient confidentiality
  8. Inform patients and service users about how their confidential information is used.