Privacy

We aim to provide you with the highest quality care. To do this, we must keep records about you and the care we provide for you.

Health records are held on paper and electronically and we have a legal duty to keep these confidential, accurate and secure at all times in line with Data Protection Laws.

Our staff are trained to handle your information correctly and protect your privacy.  We aim to maintain high standards, adopt best practice for our record keeping and regularly check and report on how we are doing.  Your information is never collected for direct marketing purposes, and is not sold on to any other third parties.

Sometimes your care may be provided by members of a care team, which might include people from other organisations such as health; social care; education; or other care organisations.

We routinely collect information from the initial contact when we receive a call in the 999 Emergency Operations Centre (EOC) through to completing an electronic patient record (EPR) with information about the patient and care we provide, when we attend an incident. Some of this information goes on to form part of the Ambulance Data Set (ADS).

If a patient is transferred from ambulance services to the care of an Emergency Department, information within the Ambulance Data Set is subsequently linked with key information collected in Emergency Departments as part of the Emergency Care Data Set (ECDS).

The purpose of this is to fully understand the patient’s journey from the ambulance service to other urgent and emergency healthcare settings. This will enable clinicians, ambulance services and the NHS to learn from patient journeys and further improve the care they provide in the future.

Data collected by ambulance services and emergency departments is securely linked and transferred to us. Data collected as part of the Ambulance Data Set is shared with NHS Digital – a section of NHS England specialised in data and IT systems – where it is linked with key relevant information in the Emergency Care Data Set and securely returned to us.

This linked information includes a unique number generated by us during the initial 999 call, as well as a unique vehicle reference which will help us re-identify the original care record for the incident and the patient.

Appropriate access to this information will enable us to help develop the skills of our clinicians to improve the care they provide and support us in delivering service improvements to improve patient experience.

Patients will be able to opt out from this process if they so wish and data about their emergency care will remain with the ambulance service and / or the Emergency Department. To opt out of this process, please see the section entitled National data opt-out below.

For more information about the National Data Opt-Out, please visit www.nhs.uk/your-nhs-data-matters

The lawful basis for the ambulance service to process this information under UK General Data Protection Regulation (UK GDPR) is Article 6 (1)(e) – “…exercise of official authority” and for processing special categories (health) data the basis is: Article 9(2)(h) – ‘…health or social care…’ of the UK GDPR Regulations.

For the data collected by ambulance services (ADS) to be linked with relevant data items collected at Emergency Departments (ECDS) the lawful basis is the Sections 254(1), (3), (5) and (6), section 260(2)(d), section 261(2)(e) and section 304(9), (10) and (12) of the Health and Social Care Act 2012, as per the Ambulance Data Set.

To lawfully process information in the manner described, NHS England on behalf of ambulance services have obtained a section 251 approval, as required by the NHS Act 2006 and Health Service (Control of Patient Information) Regulations 2002. This provides a legal basis for patient information to be processed for these purposes.

NHS Digital officially merged with NHS England on 1st Feb 2023, therefore the organisation previously known as NHS Digital is legally known as NHS England and data held by NHS Digital is now held within NHS England.

Information is held for specified periods of time as set out in the Records Management Code of Practice for Health and Social Care.

Information collected about you to deliver your health care is also used to assist with:

• Making sure your care is of a high standard.
• Using statistical information to look after the health and wellbeing of the general public and planning services to meet the needs of the population.
• Assessing your condition against a set of risk criteria to ensure you are receiving the best possible care.
• Preparing statistics on our performance for the Department of Health and other regulatory bodies.
• Helping train staff and support research.
• Supporting the funding of your care.
• Reporting and investigation of complaints, claims and untoward incidents.
• Reporting events to the appropriate authorities when we are required to do so by law.

The legal basis for the processing of data for these purposes is that the NHS is an official authority with a public duty to care for its patients, as guided by the Department of Health and Data Protection law says it is appropriate to do so for health and social care treatment of patients, and the management of health or social care systems and services.

If we need to use your personal information for any reason beyond those stated above, we will discuss this with you.  You have the right to ask us not to use your information in this way. However, there are exceptions to this which are listed below.

• the public interest is thought to be of greater importance for example:
• if a serious crime has been committed
• if there are risks to the public or our staff
• to protect vulnerable children or adults.
• we have a legal duty, for example registering births, reporting some infectious diseases, wounding by firearms and court orders
• we need to use the information for medical research. We have to ask permission from the Confidentiality Advisory Group (appointed by the NHS Health Research Authority)

Data Protection laws gives individuals rights in respect of the personal information that we hold about you.  These are:

1. To be informed why, where and how we use your information.
2. To ask for access to your information.
3. To ask for your information to be corrected if it is inaccurate or incomplete.
4. To ask for your information to be deleted or removed where there is no need for us to continue processing it.
5. To ask us to restrict the use of your information.
6. To ask us to copy or transfer your information from one IT system to another in a safe and secure way, without impacting the quality of the information.
7. To object to how your information is used.
8. To challenge any decisions made without human intervention (automated decision making)

Should you have any further queries on the uses of your information or you wish to lodge a complaint about the use of your information please contact [email protected].

If you are still unhappy with the outcome of your enquiry you can contact the Information Commissioner’s Office at https://ico.org.uk/global/contact-us/.

During the course of its employment activities, West Midlands Ambulance Service (WMAS) collects, stores and processes personal information about prospective, current and former staff.

This Privacy Notice includes applicants, employees (and former employees), workers (including agency, casual and contracted staff), volunteers, trainees and those carrying out work experience.

We recognise the need to treat staff personal and sensitive data in a fair and lawful manner. No personal information held by us will be processed unless the requirements for fair and lawful processing can be met.

What types of personal data do we handle?

In order to carry out our activities and obligations as an employer we handle data in relation to:

• Personal demographics (including gender, race, ethnicity, sexual orientation, religion)
• Contact details such as names, addresses, telephone numbers and Emergency contact(s)
• Employment records (including professional membership, references and proof of eligibility to work in the UK and security checks)
• Bank details
• Pension details
• Medical information including physical health or mental condition (occupational health information)
• Information relating to health and safety
• Trade union membership
• Offences (including alleged offences), criminal proceedings, outcomes and sentences
• Employment Tribunal applications, complaints, accidents, and incident details

Our staff are trained to handle your information correctly and protect your confidentiality and privacy.

We aim to maintain high standards, adopt best practice for our record keeping and regularly check and report on how we are doing.  Your information is never collected or sold for direct marketing purposes.

COVID – 19

The health and social care system is facing significant pressures due to the COVID-19 outbreak. Health and care information is essential to deliver care to individuals, to support health and social care services and to protect public health. Information will also be vital in researching, monitoring, tracking and managing the outbreak. In the current emergency it has become even more important to share health and care information across relevant organisations.

Existing law which allows confidential patient information to be used and shared appropriately and lawfully in a public health emergency is being used during this outbreak. Using this law, the Secretary of State has required NHS Digital; NHS England and Improvement; Arm’s Length Bodies (such as Public Health England); local authorities; health organisations and GPs to share confidential patient information to respond to the COVID-19 outbreak.

Any information used or shared during the COVID-19 outbreak will be limited to the period of the outbreak unless there is another legal basis to use the data.

COVID–19 Testing

In such circumstances where you tell us you’re experiencing COVID-19 symptoms, we may need to collect specific health data about you. Where we need to do so, we will not collect more information than we require and we will ensure that any information collected is treated with the appropriate safeguards.

Data may be shared with laboratories both government run and increasingly in the private sector under the guidance of PHE. This data is limited to that which is required to ensure test results can be communicated back to the individual. Normally this will be a phone number, home address and email address linked to a named individual with date of birth and where available NHS number.

COVID-19 Test and Trace Service

Due to the COVID-19 outbreak the Trust was asked to establish a Test and Trace cell to support the Public Health England (PHE) Tier 1 contact tracing level (referred to as complex cases) of the service through the implementation of a local contact tracing policy of their employees when a staff member* is confirmed as COVID-19 positive.

*This caveat also includes CFRs, Volunteers, Contractors and Patients which the Trust has provided care to as an emergency service.

Positive cases may be identified internally or passed to the Trust via secure email from Public Health England. The Trust needs to accurately record details of confirmed or suspected COVID-19 cases and staff who may have been exposed to COVID-19 through contact with those individuals.

Information will be held and retained in line with the Records Management Code of Practice for Health and Social Care 2016.

*In the event of a declared outbreak by Public Health England this data will be held for an indefinite period and until all investigations are completed.

The information (data collection) recorded is kept to a minimum, with associated role-based access controls in place.

This includes the following personal data:

1. Operating unit or department
2. Full name and address
3. Date of birth
4. Payroll number
5. Preferred contact number
6. Preferred email address
7. NHS number
8. CAD Reference (where applicable)
9. COVID-19 test location, date and results (where required)
10. Additional notes

The information is hosted within WMAS secure systems. Access to records is recorded, ensuring a log of who has viewed records can be pulled.

There are defined role-based access controls in place. These roles are assigned by the COVID-19 Management Team who will ensure that only those individuals who require access to data are assigned. There is also a process in place to ensure the closure of system access when required. The system allows records to be altered by authorised personnel with validations in place to ensure correct information is entered where possible.

GDPR Legal Basis

Article 6 (1) (e) Public task: the processing is necessary for you to perform a task in the public interest or for your official functions, and the task or function has a clear basis in law

Article 9 (2) (h) – Necessary for the purposes of preventative or occupational medicine, for assessing the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or management of health or social care systems

 What is the purpose of processing data?

• Staff administration and management (including payroll and performance)
• Pensions administration
• Business management and planning
• Accounting and Auditing
• Accounts and records
• Crime prevention and prosecution of offenders
• Education
• Health administration and services
• Information and databank administration
• Sharing and matching of personal information for national fraud initiative

We have a legal basis to process this as part of your contract of employment (either permanent or temporary) or as part of our recruitment processes following data protection and employment legislation.

Sharing your information

There are a number of reasons why we share information. This can be due to:

• Our obligations to comply with legislation
• Our duty to comply any Court Orders which may be imposed

Any disclosures of personal data are always made on case-by-case basis, using the minimum personal data necessary for the specific purpose and circumstances and with the appropriate security controls in place. Information is only shared with those agencies and bodies who have a “need to know” or where you have consented to the disclosure of your personal data to such persons.

Use of Third Party Companies

To enable effective staff administration WMAS may share your information with external companies to process your data on our behalf In order to comply with our obligations as an employer.

Employee Records; Contracts Administration (NHS Business Services Authority)

The information which you provide during the course of your employment (including the recruitment process) will be shared with the NHS Business Services Authority for maintaining your employment records, held on the national NHS Electronic Staff Record (ESR) system.

 Prevention and Detection of Crime and Fraud

We may use the information we hold about you to detect and prevent crime or fraud. We may also share this information with other bodies that inspect and manage public funds.

We will not routinely disclose any information about you without your express permission. However, there are circumstances where we must or can share information about you owing to a legal/statutory obligation.

Individuals Rights

Data Protection laws gives individuals rights in respect of the personal information that we hold about you.  These are:

1. To be informed why, where and how we use your information.
2. To ask for access to your information.
3. To ask for your information to be corrected if it is inaccurate or incomplete.
4. To ask for your information to be deleted or removed where there is no need for us to continue processing it.
5. To ask us to restrict the use of your information.
6. To ask us to copy or transfer your information from one IT system to another in a safe and secure way, without impacting the quality of the information.
7. To object to how your information is used.
8. To challenge any decisions made without human intervention (automated decision making)

Should you have any further queries on the uses of your information, please speak to the Human Resources Department or contact [email protected].

Should you wish to lodge a complaint about the use of your information, please contact our Human Resources Department via [email protected] or telephone 01384 215555.

If you are still unhappy with the outcome of your enquiry you can contact the Information Commissioner’s Office at https://ico.org.uk/global/contact-us/

Directors privacy notice

West Midlands Ambulance Service is a Foundation Trust. A Foundation Trust has more freedom from central government control, though it remains fully part of the NHS. Foundation Trusts are duty-bound to deliver free care, based on need, not ability to pay, but they are more accountable to the local community. This is because local people and staff can become members of the Trust and elect representatives to serve on the Council of Governors or even stand for election as a governor themselves.
Foundation Trusts are:
Part of the NHS and subject to NHS standards, performance ratings and inspections.  They must also work in partnership with other NHS organisations and co-operate with local partners
Accountable to Monitor (the independent regulator of NHS Foundation Trusts) and the CQC (Care Quality Commission), who oversee and monitor them against their terms of their licence and have powers to intervene.
More information about being a Foundation Trust can be found here

Public Membership

During the course of our activities, West Midlands Ambulance Service collects, stores and processes personal information in relation to its staff and those who have signed up to be a public member (a member must be at least 16 years old). We recognise the need to treat all personal data in a fair and lawful manner.

What types of personal data do we handle?

In order to carry out our activities and obligations as a Foundation Trust we handle membership data in relation to:
Personal demographics (including gender, ethnicity, sexual orientation, date of birth)
Details of involvement preferences such as attending events, responding to surveys or becoming a governor.
Contact details such as names, addresses, telephone numbers and email addresses.
Medical information (any declared disability)
Our staff are trained to handle your information correctly and protect your confidentiality and privacy. We aim to maintain high standards, adopt best practice for our record keeping and regularly check and report on how we are doing. Your information is never collected or sold for direct marketing purposes.

Processing Personal Data

To enable effective administration of its membership, West Midlands Ambulance Service NHS Foundation Trust membership register is held securely with an external company. Their full privacy notice is below:
https://secure.membra.co.uk/Documents/MESPrivacyStatement.pdf
The company is compliant with ISO27001 (the international standard for best practice for an information security management system).
Data Protection laws gives individuals rights in respect of the personal information that we hold about you.  These are:
To be informed why, where and how we use your information.
To ask for access to your information.
To ask for your information to be corrected if it is inaccurate or incomplete.
To ask for your information to be deleted or removed where there is no need for us to continue processing it.
To ask us to restrict the use of your information.
To ask us to copy or transfer your information from one IT system to another in a safe and secure way, without impacting the quality of the information.
To object to how your information is used.
To challenge any decisions made without human intervention (automated decision making)
Should you have any further queries on the uses of your information please contact the Foundation Trust team on [email protected] or you wish to lodge a complaint about the use of your information please contact [email protected].
If you are still unhappy with the outcome of your enquiry you can contact the Information Commissioner’s Office at https://ico.org.uk/global/contact-us/

West Midlands Ambulance Service University NHS Foundation Trust (WMAS) utilises surveillance cameras (CCTV and Body Worn Cameras) in and around the Trust’s sites, on our emergency vehicles as well as body worn cameras being trialled by operational crews.

Please note, our surveillance cameras inside our vehicles and our body worn cameras are only activated by the crew should they feel there is a risk to safety. Should they be activated, you will be advised by the crew and/or an audio message will be played inside the vehicle or a recording light will flash on the body worn cameras.

The legal basis for collection of CCTV and body worn camera images is Article 6(1)f under the General Data Protection Regulation (GDPR) 2016, that processing is necessary for the purpose of the legitimate interests pursued by the controller (WMAS). Our legitimate interest in doing so, is in order to;

• Protect staff, patients, visitors and Trust property
• Apprehend and prosecute offenders and provide evidence to take criminal or civil action in the courts
• Provide a deterrent effect and reduce unlawful activity
• Help provide a safer environment for our staff
• Assist with the verification of claims

You have a right to request personal information which may have recorded yourself and ask for a copy of this. For details on how to make a subject access requests please click here. Please be aware, you will need to provide sufficient information to identify you and assist us in finding any images on our systems and any third party will be redacted. We reserve the right to withhold information where permissible by Data Protection Legislation and we will only retain surveillance data for a reasonable period or as long as is required by law. In certain circumstances (high profile investigations, serious or criminal incidents) we may need to disclose CCTV or Body Worn Camera data for legal reasons. When this is done there is a requirement for the organisation that has received the images to adhere to Data Protection Legislation.

Should you have any further queries on the uses of your information or you wish to lodge a complaint about the use of your information please contact [email protected].

If you are still unhappy with the outcome of your enquiry you can contact the Information Commissioner’s Office at https://ico.org.uk/global/contact-us/

Introduction

1. Patients have fundamental legal and ethical rights in determining what happens to their own bodies and in securing their privacy and freedom. Valid consent to treatment is therefore absolutely central to all forms of healthcare, from providing personal care to more invasive interventions.
2. Seeking consent is also a matter of common courtesy between health professionals and patients. Relevant discussion regarding proposed assessment or treatment should be documented, this must include the patients’ decision around which treatment is accepted and declined. A good level of communication will facilitate informed consent through to the management of non-consent.
3. It is not uncommon in pre-hospital situations for patients to refuse care or treatment. Although patients may refuse, there may remain, in certain circumstances, an ongoing moral duty and legal responsibility for staff to provide further intervention. This policy provides guidance on how these situations should be managed.
4. This policy reflects a range of national guidance and legislation including, but not limited to:

• Human Rights Act 1998
• Mental Capacity Act 2005
• The Health and Social Care Act 2008 (Regulated Activities) Regulations 2014
• Childrens Act 1989
• Equality Act 2010
• Mental Capacity Act Code of Practice (2007)
• National Institute for Clinical Excellence Clinical Guidelines and Quality Statements
• Joint Royal Colleges Ambulance Liaison Committee Clinical Practice Guidelines

5. A healthcare provider who does not adhere to the principles of consent may be liable to legal action from the patient and where appropriate their registering body.

Purpose and Scope

1. To state the legal, professional and ethical basis for consent within the healthcare setting and to ensure that patients are informed and treated appropriately and with due consideration to their wishes and best interest.
2. To state the legal, professional and ethical basis for the assessment of mental capacity, making decisions and undertaking acts on behalf of a patient who is unable to make a decision for themselves.
3. This policy applies to all personnel working for West Midlands Ambulance Service University NHS Foundation Trust (the Trust) in relation to all patient contact.

Accountabilities and Responsibilities

1. The Chief Executive Officer has:

• Overall responsibility for the implementation of this policy throughout the trust
• Overall responsibility for the compliance of the trust with UK statute, including Regulation 11 of The Health and Social Care Act 2008 (Regulated Activities) Regulations 2014
• Delegated responsibility to the Paramedic Practice and Patient Safety Director

2. The Executive Medical Director is responsible for all clinical care provided by the trust and is responsible as Caldicott Guardian in respect of confidentiality and consent given for data sharing.

3. The Head of Clinical Practice (Mental Health) will provide expert advice on Consent and the application of the Mental Capacity Act. They will also be responsible for:

• Ensuring education and training needs relating to consent and the application of the mental capacity act are reviewed and reassessed annually and advice is provided to the trust in the development of training plans.
• Ensuring relevant national guidelines, legislations changes and case law relating to consent and capacity are reviewed and expert advice is provided on their application within the trust.
• Ensuring appropriate clinical engagement with partner agencies and trusts relating to matters of consent, mental capacity and deprivation of liberty.
• Providing robust review of incidents relating to consent, mental capacity and/or deprivation of liberty in consultation with the trust patient safety team.
• Providing educational and clinical information to support the operational implementation of this policy and any related clinical procedures.
• Auditing the performance of the trust against all relevant legislation, guidance, policies and procedures.

4. The Head of Education and Training is responsible for:

• Undertaking a training needs analysis for any change in clinical guidance
• Ensuring the training recommendations are undertaken
• Ensuring the earliest possible resolution for those unable to complete scheduled training
• Ensuring adequate education in relation to aspects of consent and mental capacity as they apply within the CQC regulatory framework.

5. All Managers within the trust will ensure that staff have access to the policy such that they are able to familiarise themselves with its application.

6. All WMAS Staff are responsible for following:

• Ensuring compliance in the application of this policy, associated procedures, relevant legislation and statutory and professional guidelines.
• Maintaining knowledge and competency relating to Consent and Mental Capacity
• Supporting and upholding patient autonomy and human rights

7. The Professional Standards Group will be responsible for reviewing audit reports relating to consent and mental capacity and monitoring any subsequent recommendations and action plans arising from such audits.

8. The Learning Review Group will be responsible for reviewing learning and recommendations relating to and involving consent and mental capacity.

Definitions

The definitions are:

• Valid Consent:

The voluntary and continuing permission of the patient to be given a particular examination, to access clinical records, treatment, operation, or examination. Consent is only valid where it is given by an appropriately informed person who has the capacity to consent to the intervention in question

• Informed Consent:

A patient’s consent to a clinical procedure (or to participation in a research study) after being advised of all relevant facts and all risk involved (see below).

• Capacity to Consent:

All persons 16 years and above must in law be presumed to possess the capacity to make decisions in line with the Mental Capacity Act 2005 (MCA). Should an individual’s capacity to make a decision (including consent for assessment or treatment) be in question then the MCA sets out the framework for formal assessment of this.

• Duration of Consent:

The length of approval gained by valid consent being given. This generally remains valid unless it is withdrawn by the patient, however, new information should be given to the patient as it arises, and consent gained for any new assessment, treatment or intervention proposed.

Duty of Care, Consent and Human Rights

1. There is a legal, professional, and ethical consensus about the clinical duty to obtain informed consent. Patients may, however, have cognitive and emotional limitations in understanding clinical information. Social and economic variations are also important variables in understanding the practical difficulties in obtaining informed consent. It is the duty of ambulance clinicians to act in a patient’s best interest by overcoming such difficulties so that the patient has a clear, unbiased, and informed view of the care that is being proposed.
2. ‘Duty of care’ may be defined as the absolute responsibility of a health care professional to treat and care for a patient with a reasonable degree of skill and care within their scope of practice.

• Any health care provider who does not treat a patient because valid consent was not gained, could be deemed to be negligent if a genuine effort was not made to gain such consent.

3. The Human Rights Act 1998 provides a framework for the fundamental rights of every person. WMAS will seek to promote an uphold such rights

• Article 2 of the Human Rights Act 1998 places a positive duty upon those acting for and on behalf of the state to protect and uphold the right of an individual to life. WMAS staff will promote and uphold this duty and always seek to act to sustain the lives of its patients.
• The European Court of Human Rights has ruled that –

‘Treatment without consent, invasive treatment contrary to a patient’s best interest, and withholding medical care’ can all be deemed ‘inhumane or degrading treatment’ in extreme cases. Such treatment would be considered contrary to Article 3 of the Human Rights Act 1998

• WMAS staff will ensure the rights of individuals to liberty and security and protect the right to private and family life in accordance with article 5 and article 8 of the Human Rights Act 1998. Any breach of such rights are required to shall be done in accordance with the appropriate procedure set out in legislation such as Mental Health Act 1983 and Mental Capacity Act 2005.

Seeking Consent

1. Before examining, treating or caring for patients, consent will be obtained. Valid consent can only be given by the patient (or, where relevant, someone with parental responsibility for a child or young person). Where valid consent is withheld this must be respected.
2. Patients can change their mind and withdraw consent at any time. If there is any doubt, you should always check that the patient still consents to your caring for or treating them. Consent should be continuous – if previously unexplained treatment is carried out, further consent should be gained.
3. Three basic tests are used to ensure that consent is valid:

• Does the patient have capacity?

In law all persons 16 years or over must be presumed to possess the capacity to

make decisions. In circumstances where there is reasonable justification to doubt this then the Mental Capacity Act 2005 sets out the legal framework to undertake a formal assessment. This includes a diagnostic assessment, functional test and where necessary best interest decision making.

• Is the consent given voluntarily?

Staff should ensure that valid consent is gained from the patient without undue pressure, influence or duress from staff, family members or any other person or circumstance. Staff must challenge and record any instance where attempts to exert such pressure influence or duress are identified along with actions taken to mitigate and respond to this as part of the patient record. Where this involves a vulnerable individual, consideration must be given to making appropriate safeguarding referrals in line with the Safeguarding Policy.

• Has the patient received sufficient information?

The patient should understand, in broad terms, the nature and purpose of the procedure. Failure to provide all relevant information may render the healthcare provider liable to an action for negligence

4. The type of information that needs to be given by the ambulance clinician will vary depending on circumstance and urgency. Information should be provided by somebody with the necessary knowledge and understanding of the care. The following is a useful guide to the type of information the patient should receive prior to treatment:

• Description and method of treatment, removal and ongoing care.
• Purpose and reason for treatment, removal and ongoing care.
• Possible complications and side effects of treatment.
• Treatment options: including the option not to treat and the likely consequences.
• Explanation of likely benefits of treatment.
• A reminder that the patients can change their mind about consent at any time.

5. Staff should take all steps that are reasonable and practicable in the circumstances to facilitate communication with the patient in a way that the patient can understand, using interpreters or communication aids as appropriate, whilst allowing for the urgency of the situation. Patients also need to be able to communicate their decision. Care should be taken not to under-estimate the ability of a patient to communicate, whatever their condition. Often people with learning disabilities have the capacity to consent (and presumption should be maintained) if time is spent explaining to the individual the issues in simple language, considering the use of visual aids.

6. In an emergency/time critical situation, where consent cannot be obtained, emergency clinicians should undertake an assessment of capacity and provide treatment that is in the patient’s best interests and is immediately necessary to save life or prevent a significant deterioration in the patient’s health.

7. Staff should ensure that valid consent is gained from the patient without undue pressure, influence or duress from staff, family members or any other person or circumstance. Staff must challenge and record any instance where attempts to exert such pressure influence or duress are identified along with actions taken to mitigate and respond to this as part of the patient record. Where this involves a vulnerable individual, consideration must be given to making appropriate safeguarding referrals in line with the Safeguarding Policy.

Children and Young People

1. The legal position concerning consent and refusal of treatment by those under the age of 18 is different from the position for adults, in particular where treatment is being refused.
2. Young people aged 16 and 17 years are presumed in law to have sufficient understanding and intelligence to be able to consent to their own medical treatment. As with adults, staff should ensure that consent is valid, i.e. given voluntarily by an appropriately informed patient, capable of consenting to the particular intervention. It is, however, good practice to involve the young person’s family in the decision-making process, unless the young person specifically wishes to exclude them from the decision making process, this needs to be documented on the clinical record PRF/EPR
3. With patients under the age of 16, those who have sufficient understanding and intelligence to fully understand what is proposed also have the ability to consent to the intervention (Gillick Competancy). This means that the level of competence of children varies with the complexity of the treatment/refusal and its consequences. There is no particular age when a child gains capacity to consent. In emergency care, consequences of non-treatment are usually evident – but should be fully explained to ensure that a refusal to give consent is fully informed. The Mental Capacity Act 2005 framework does not apply for persons under 16 years of age.
4. For patients under the age of 16 who do not have the sufficient understanding or intelligence to fully understand the nature of the treatment or care proposed, consent should be sought from somebody with parental responsibility for the patient. This includes parents, legal guardians or agencies holding parental responsibility (e.g. Social Services). Where possible, the child or young person should be given the opportunity to express their wishes.
5. For patients under the age of 16 who do not possess sufficient understanding and intelligence to consent to treatment and where it is not reasonably practicable to obtain parental consent (e.g. to deliver urgent interventions in the absence of an individual with parental responsibility), clinicians should act in the best interest of the child
6. As is the case where are giving consent for themselves, those with parental responsibility and giving consent on behalf of young patients should have the capacity to consent to the intervention in question, be acting voluntarily, and be appropriately informed and be acting in the best interests of the child.
7. It is only necessary to gain consent from one person with parental responsibility for the patient. Where a dispute arises between two parties with parental responsibility or between a competent child and a person with parental responsibility and the circumstances do not involve the need for time-critical interventions, clinicians should seek support (e.g. OM, TIC, CVT, MHRV, Police). Where agreement about the best interests of a child cannot be reached, best practice is to refer such cases to the Court of Protection. This may not, however, be practical in the context of delivering urgent and emergency care and staff should consider involving the patient’s General Practitioner or other relevant health and social care practitioners with a pre-existing and ongoing care responsibility for the patient should such a circumstance arise.
8. Critical situations involving children and young person’s involving a life-threatening emergency may arise during a consultation with a person with parental responsibility that refuses consent, despite such emergency treatment appearing to be in the best interests of the child to prevent grave and irreversible mental or physical harm. Similarly where there is disagreement between two persons with parental responsibility or between a child considered to have competence to consent or refuse care and a person with parental responsibility. In such cases the courts have stated that doubt should be resolved in favour of the preservation of life and it will be acceptable for all health care providers to undertake treatment to preserve life or prevent serious damage to health. This MUST be clearly documented, and advice sought from i.e., Operational Managers if required. It is paramount that if there is an escalation of conflict or immediate safeguarding concern that Police are requested.

Mental Capacity Act 2005 – Assessing Capacity

1. The Mental Capacity Act 2005 (MCA) provides a framework to protect and uphold the rights of individuals who may lack the mental capacity to make decisions about their health and treatment. It applies to those aged 16 and over.
2. The MCA outlines five statutory principles which should be considered at all times when addressing issues relating to Mental Capacity. These are:

• A person must be presumed to have capacity unless it has been established that they lack capacity.
• A person cannot be treated as unable to make a decision unless all practicable steps have been taken to help them to do so.
• A person is not to be treated as unable to make a decision merely because they make an unwise decision
• An act done, or decision made, under the MCA for or on behalf of a person who lacks capacity must be done, or made, in their best interests
• Before the act is done, or the decision is made, regard must be had to whether the purpose for which it is needed can be as effectively achieved in a way that is less restrictive of the person’s rights and freedom of action

3. An assessment of capacity should be made where any doubt exists, or where concerns are raised as to the capacity of the patient to make a decision.

4. The MCA defines a person as lacking capacity as follows:

“a person lacks capacity in relation to a matter if at the material time he is unable to make a decision for himself in relation to the matter because of an impairment of, or a disturbance in the functioning of, the mind or brain” (Mental Capacity Act, 2005)

5. Assessments of capacity should be both decision and time specific. Where a different decision is required a further assessment of capacity should be made. Similarly, if circumstances change or a significant period of time elapses, reassessment of capacity should be undertaken.

6. WMAS staff will assess the capacity of an individual to make a specific decision at a given time in line with WMAS procedures for the assessment of capacity, with due regard for legislation, statutory guidance and national guidelines.

7. WMAS staff assessing and determining the capacity of an individual to make a decision will document this assessment and evidence any finding of incapacity on the balance of probabilities within the patient record.

8. WMAS staff will assess the needs of any patient lacking capacity in order to make a determination of treatment or care to be delivered in their best interest. This will be done in accordance with WMAS procedures for the assessment of best interests, with due regard for legislation, statutory guidance and national guidelines. This will take into account the wishes and views of the patient and any family, carers or other appropriate persons. All reasonably ascertainable relevant circumstances and information will be documented clearly alongside the decisions made or acts undertaken as part of the patient record.

9. Section 5 of the MCA provides protection from liability for Acts undertaken in connection with the care or treatment of patients but does not provide protection arising from negligence. Such acts can be undertaken where the patient lacks capacity, the acts are reasonably believed to be in the best interest of the patient and do not amount to a deprivation of liberty. Examples of such acts may include:

• Carrying out an assessment or examination of the patient
• Providing medical treatments
• Giving medication
• Taking someone to hospital for assessment or treatment
• Providing care in an emergency

10. The definition of a deprivation of liberty is not defined within the MCA. However, case law from both the European Court of Human Rights and within the UK has established an acid test. A deprivation of liberty arises where the person is subject to continuous supervision or control and is not free to leave. This applies where such restrictions are for a not negligible period of time. Consideration as to what constitutes a ‘not negligible period of time’ will be dependent on the nature, duration and intensity of any restriction or force applied. A deprivation of liberty may only be considered in order to provide life-sustaining treatment, or to prevent a serious deterioration in the condition of the patient and must take into consideration the criteria set out in section 4b of the MCA.

11. In circumstances where the need for a deprivation of liberty arises, staff should seek senior advice wherever practicable. At all times, staff will have regard for considering less restrictive interventions, ensuring acts are in the best interest of the patient and will ensure all relevant information is documented as part of the patient record.

12. Restraint by WMAS staff should be utilised only as a last resort to prevent serious harm occurring in the absence of any other appropriate means or resources to do so. This policy should be read in conjunction with the WMAS Assessment of Capacity, Decision Making and Best Interests and Restraint and Deprivation of Liberty Procedures which outline processes to support the application of the Mental Capacity Act 2005

Advance Refusals of Treatment

1. Patients may have a “living will”, “advance directive” or advance decision to refuse treatment (ADRT) specifying how they would like to be treated in the case of future incapacity. These may be formal legal documents, written informally or expressed verbally to family, friends, carers and attending clinicians. Case law has determined that refusal of treatment under a living will or advance directive that is valid, made voluntarily by an appropriately informed person with capacity and applicable to subsequent circumstances in which the patient lacks capacity, is legally binding. WMAS should respect the wishes stated in such a document, when the crew are made aware of its existence. The responsibility for making provision to make ambulance staff aware of such wishes lies with the patient.
2. In a pre-hospital emergency environment, there may be situations where there is doubt about the validity or applicability of a living will, advance directive or ADRT, often as a result of not being previously aware of its existence. If ambulance clinicians are not satisfied that the patient had made a prior and specific request to refuse treatment, or that the advanced directive does not apply specifically to the presenting clinical circumstances, they should continue to provide all clinical care in the normal way until further information can be provided.
3. Where such a refusal relates to life-sustaining treatment (e.g. Resuscitation) an ADRT must be in writing, signed and dated by the person and witnessed. Where these criteria are not met, WMAS staff must provide care in line with the patient’s best interests.

Mental Health, Overdose and Self-Harm

1. Where a patient with a mental health need presents, consideration should be given to whether making a referral for assessment under the Mental Health Act 1983 would be more appropriate to the use of the mental capacity act 2005.

Consent for Patients whose First Language is not English

1. The Trust is committed to ensuring that patients whose first language is not English receive the information they need and are able to communicate appropriately with healthcare staff. It is not best practice to use family members to interpret for the patient who does not speak English, however it is recognised that this may be the only option available, staff should use the ‘Pre Hospital Communication Guide’ to assist in communicating with the patient. This is available on the WMAS intranet and via the EPR/Kit Bag. If language still remains a barrier to effective communication, then staff should contact the Emergency Operations Control Centres requesting ‘Language Line’ or contact ‘Language line’ directly.

Clinical Photography and Conventional or Digital Photography

1. Photography (involving patients themselves) intended to benefit the patient’s treatment is seen as ‘treatment’ in itself and requires valid consent. Photographs should be retained in the patient’s hospital file and no other copies are permissible. Only Trust photographic equipment can be used by authorised persons for this purpose. No photographs are to be taken using personal media devices.
2. All other photography and motion pictures for purposes such as media promotion require patient and staff consent, which needs to be sought in writing. Care should be taken to ensure the patient does not unduly pressured into giving such consent as a condition of receiving care.

Exceptions to the Principle of Consent

1. An unborn foetus has no rights under consent law. A pregnant mother has every right to refuse treatment for herself or her foetus, irrespective of the potential harm that may arise to the foetus however the requirements of Safeguarding the unborn child under the Children Act 1989 come into play and a safeguarding referral must be instigated without delay and a request made for support from a senior officer.
2. The Public Health (Control of Disease) Act 1984 provides that, on an order made by the magistrate or sheriff, persons suffering from certain notifiable infectious diseases can be medically examined, removed to, and detained in hospital without their consent. Similarly, Section 47 of the National Assistance Act 1948 provides for the removal to suitable premises of persons in need of care and attention without their consent. Such persons should either be suffering from grave chronic disease or be aged, infirm or physically incapacitated and living in unsanitary conditions. These situations are extremely rare and ambulance clinicians should request an incident officer or clinical supervisor to attend such incidents.
3. If a patient refuses decontamination treatment, for example following a chemical, biological, radiological or nuclear (CBRN) incident, ambulance clinicians should liaise with the Police, Health Protection Agency and Public Health laboratories to decide on an appropriate course of action. Powers lie within these groups to take action for the public good.
4. Treatment involving mentally ill patients is covered by the Mental Health Act 1983, provided that the patient is formally detained under that Act. Exceptions under the Act only relate to treatment for the mental disorder itself, and not for other illnesses or conditions. This means that any patient detained under the Mental Health Act 1983 has every right to impart and deny consent for treatment for physical disorders not directly related to his/her mental illness. It is very likely that specialist advice will be available in such circumstances from the Approved Mental Health Practitioner (AMHP) who has coordinated the Section.

Consent and Research

1. Involvement in a research project requires that valid consent is obtained beforehand with certain exceptions. The requirements for consent as they apply to research are set out in the WMAS Trust research strategy.

Consent and Data Protection

Subject Access Requests

1. Requests by an individual to access their own data will be processed under the legal basis of consent, in accordance with the Data Protection Policy and any other relevant trust Policies or Procedures. As such, it is incumbent upon those processing this information to ensure that the principles of consent have been adhered to. In addition when dealing with data subjects remotely, there is an expectation of due diligence in establishing the identity of the person giving consent to the release of information.

Consent to process information as part of care delivery

1. In line with the recommendation of the information commissioner, Consent should not be considered as the primary legal basis for processing information as part of the delivery of direct health and care service, as it is difficult to deliver care without processing information and as such it is difficult for such consent to be freely given. This may apply both to the remote delivery of care by the Emergency Operations Centre, or in respect of on-scene care.
2. In such cases the trust will consider the following elements of GDPR/Data Protection Act 2018 as they apply to the given situation:

• GDPR Article 6(1)(c): processing is necessary for compliance with a legal obligation
• GDPR Article 6(1)(e): processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
• GDPR Article 9(2)(h): processing is necessary for the purposes of preventative or occupational medicine…medical diagnosis, the provision of health or social care or the management of health or social care systems and services…’
• GDPR Article 9(2)(i): processing is necessary for reasons of public interest in the area of public health, such as protecting against serious threats to health or ensuring high standards of quality and safety of health care and of medicinal products or medical devices
• GDPR Article 9(2)(j): processing is necessary for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes
• Data Protection Act 2018, Schedule 1: Part 1 describes conditions for processing personal data for health, public health, social care and research purposes; Part 2 sets out the conditions for processing personal data on the grounds of substantial public interest

3. In most circumstances these provisions will provide an appropriate framework for the processing of information relevant to the delivery of care.

4. This does not preclude the giving of consent where this is appropriate in such scenarios, but these provisions may provide a more robust legal basis for the processing of personal information and sensitive data (including health related data).

5. In general terms, access to supplementary information and shared care records should be on the basis of consent. In specific circumstances, it may be appropriate to rely on other legal basis justifications as defined by GDPR/DPA 2018.

Consent to process information as part of central trust functions

1. Various functions within the trust also process information outside of care delivery. This includes but is not limited to HR, the Patient Experience Team, the High Intensity Service Users Team, the Safeguarding and Patient Safety Team.
2. Across such functions, each team will ensure it has appropriate processes in place where it is processing information on the legal basis of consent that such consent is recorded appropriately. Any such consent given should algin with the definition of consent within this policy.

Processing Information Under a Legal Basis other than Consent

1. The Data Protection Act 2018 sets out the lawful basis for the processing/sharing of information. Whilst one basis is the consent of the individual, there are others for which consent might not be required, or where, despite the refusal/withdrawal of consent, data is processed in any case.
2. The Trust will act in accordance with the Data Protection Act 2018, WMAS Data Protection Policy and all relevant policies and procedures when processing and sharing information. Where relevant and appropriate it will have due regard to the National Data Opt Out as described in WMAS’s National Data Opt Out Policy.
3. Section 251b of the Health and Social Care Act 2012 imposes a positive duty to share information to other health or social care providers where “likely to facilitate the provision to the individual of health services or adult social care in England, and it is in the individuals best interests”.

• Where the individual objects (i.e refuses or withdraws consent), or is considered likely to object to this, the Trust ‘need not’ comply with this duty. The legislation does not however note that the trust ‘must not’ or ‘should not’ and so the sharing of information in these circumstances should be balanced on the basis of the benefit and risk associated with processing/sharing the information and in light of any other relevant provision of the Data Protection Act 2018, the Trusts Data Protection Policy/ Procedure or any other relevant policy procedure.

Key Points – Consent

1. Gaining valid consent is central to all forms of healthcare.
2. Consent is only valid if it is given freely by a person who has all the relevant facts, is able to assimilate them, and can fully understand the implications of their decision. (i.e. has capacity)
3. Patients can change their minds and withdraw consent at any time.
4. Young persons who have the intelligence to fully understand the proposed treatment also have the capacity to consent to such treatment.
5. The rules of consent do not absolve clinicians of their duty of care responsibility, nor do they affect the human rights of patients. Valid refusal of consent by a capacitious patient will however satisfy the duty of the staff member in most cases, excepting where there are other legal duties e.g. Safeguarding.