Welcome to GOC Standard 14: Confidentiality and Privacy in Optical Practice

Welcome to this focused course on confidentiality and privacy tailored for optical practices working in the UK. GOC Standard 14 underpins safe, trusted care: it requires that patient information and interactions are handled with respect across reception areas, consulting rooms, domiciliary visits and digital systems. This course will equip you and your team with practical, legally informed habits to protect patients, reduce risk and demonstrate compliance.

What You Will Learn

• Core principles: Minimum necessary disclosure, need‑to‑know sharing, valid consent, and documenting the legal basis and rationale for any disclosure.
• Legal & professional framework: Practical highlights of the Data Protection Act 2018, UK GDPR, Common Law Duty of Confidentiality, Human Rights Act and Access to Health Records legislation - what they mean for everyday practice.
• Consent, capacity and carers: When implied consent is enough for direct care, when explicit consent is required, how to assess capacity and record best‑interest decisions, and how to work with carers and parents.
• Practical controls: Simple, high‑yield steps for reception, screens and equipment, printed materials, telephone calls, digital platforms, social media and domiciliary visits.
• Managing disclosures and incidents: How to respond to requests (family, police, safeguarding), when to share without consent, how to contain and record breaches and when to escalate.
• Record keeping & templates: Exactly what to capture (who, what, when, why, how), incident and disclosure log templates, and how to evidence compliance.
• Everyday scripts and scenarios: Ready‑to‑use reception and phone scripts, three quick tests before sharing, and model responses for common near‑misses and incidents.
• Audit and continuous improvement: Small cycle audits, key metrics, and how to embed change through training and induction.

Memorise and use: minimum necessary + need‑to‑know + record the why. Small, repeatable behaviours across the whole team are your best defence.

How This Course Will Help You

• Reduce the likelihood of complaints, regulatory action and data breaches by adopting legally sound, practical routines.
• Give you confident, exam‑smart answers and on‑the‑spot actions for real‑world scenarios.
• Provide ready‑made scripts, checklists and templates you can adopt immediately for induction, reception and domiciliary visits.
• Support whole‑team compliance - clinical, administrative and visiting staff - through concise training points and observed competency checks.
• Help you evidence compliance with GOC Standard 14 and UK data‑protection requirements for CPD and inspections.

Who Should Take This Course

• Optometrists and dispensing opticians
• Practice managers and clinic leads
• Reception and administrative staff
• Domiciliary and outreach teams
• Locums, students and trainees
• Information governance or Caldicott leads in optical settings

Course Format & What to Expect

• Short, practical modules with scenario‑based learning and clear action points.
• Checklists and one‑page induction scripts you can download and adapt.
• Quick tests and memory aids for on‑the‑spot decisions.
• Suggested templates for incident logs and disclosure records.
• Time estimate: designed to be completed in short sessions - suitable for team training and refresher CPD.
• On completion you will receive a CPD certificate and practical tools to implement immediately.

Practical Tips You Can Use Today

• Three quick tests before sharing: 1) Is it necessary for care or safety? 2) Is the recipient appropriate and verified? 3) Is the amount disclosed the minimum necessary?
• Reception script (ready to adapt): "To confirm your details discreetly, can I check two identifiers with you in a quieter area? We can discuss prescription details in private if you prefer."
• Phone script for third parties: "I'm sorry, I can't share that without the patient's permission. They can authorise release in writing, by a three‑way call, or collect the information themselves."
• If a breach occurs: contain access, preserve evidence, notify your IG/Caldicott lead, assess harm and record every action.

We're pleased you've chosen this course to strengthen privacy and confidentiality in your practice. Start the first module to build practical, everyday habits that protect patients and support professional standards.