ABSTRACT
All members of the primary health care team who will have access to confidential information should sign a confidentiality undertaking. This includes attached staff and anybody who works within or for the surgery, even if only on a temporary basis, and may therefore have the potential to get in contact with confidential information. Prior to signing the confidentiality undertaking the signing party should understand his/her obligations and responsibilities in safeguarding confidentiality. It might be prudent to let the staff member sign a clause specifically mentioning that the Principles of the Data Protection Act and Caldicott and security policy have been carefully explained and understood. Confidentiality undertakings should be reviewed on a regular basis especially if the terms of contract of a staff member and/or the job description change since this might affect the level of access to sensitive data.
