Skip to content
Map & Directions Contact us

Caldicott Principles

Principle 1: Justify the purpose(s) for using confidential information

Principle 2: Use confidential information only when it is necessary

Principle 3: Use the minimum necessary confidential information

Principle 4: Access to confidential information should be on a strict need-to-know basis

Principle 5: Everyone with access to confidential information should be aware of their responsibilities

Principle 6: Comply with the law

Principle 7: The duty to share information for individual care is as important as the duty to protect patient confidentiality

Principle 8: Inform patients and service users about how their confidential information is used


The principles apply to use and sharing of confidential patient information, that is data collected for the provision of health and social care services where patients and service users can be identified and would expect that data will be kept private. This may include for instance, details about symptoms, diagnosis, treatment, names and addresses.

The principles are supported by the appointment of a Caldicott Guardian.  A Caldicott Guardian is a senior person responsible for protecting the confidentiality of people’s health and care information and making sure it is used properly. Our Caldicott Guardian is Dr Raphael, Consultant Cardiologist / Medical Director.

Further information

The UK Caldicott Guardian Council

Return to Data Protection and Confidentiality