Caldicott Principles

How we use your information




Chaired by Dame Fiona Caldicott in 1997, the Caldicott Committee produced a report reviewing the ways in which patient information is shared within the NHS in England and Wales. This independent review was commissioned by the Chief Medical Officer which aimed to improve patient care, ensure confidentiality and protection of information when transferring patient-identifiable information to both NHS and non-NHS organisations. The Committee also advised ways to minimise the risk to confidentiality.

The committee produced six standards expected from health and social care organisations to use, as outlined below, which are known as the Caldicott Principles. In September 2013 the Caldicott Principles were revised and a seventh principle was added.

  • Principle 1 - Justify the purpose(s) of using confidential information
  • Principle 2 - Only use it when absolutely necessary
  • Principle 3 - Use the minimum that is required
  • Principle 4 - Access should be on a strict need-to-know basis
  • Principle 5 - Everyone must understand his or her responsibilities
  • Principle 6 - Understand and comply with the law
  • Principle 7 - The duty to share information can be as important as the duty to protect patient confidentiality
  • Principle 8 - Inform Patients and service users about how their confidential information is used