Caldicott guardian


The Caldicott Committee's December 1997 Report on the Review of Patient-Identifiable Information, usually referred to as the Caldicott Report, identified weaknesses in the way parts of NHS handled confidential patient data. The report made several recommendations, one of which was the appointment of Caldicott guardians, members of staff with a responsibility to ensure patient data is kept secure:

Recommendation 3: A senior person should be nominated in each NHS organisation, including the Department of Health and associated agencies, to act as a "guardian". The "guardian" should normally be a senior health professional or be closely supported by such a person. The NHS IM&T Security Manual requires each organisation to designate a senior medical officer to oversee all procedures affecting access to person-identifiable health data. This role and that of the "guardian" may be combined, providing there is no conflict of interest. The Department of Health should take the development of this role forward in partnership with interested parties.

It is now a requirement for every NHS organisation to have a Caldicott guardian. The Guardians are responsible for ensuring that their organisation adheres to the Caldicott principles.
In 2005, the UK Caldicott Guardian Council was established as the national body for Caldicott guardians.