Introduction
The purpose of this SOP is to provide a framework and guidance around the safe sharing of confidential voice recordings, often needed for governance or training reasons. Confidential voice recordings must only ever be shared if there is a genuine need to do so, such as to support the investigation of an incident or complaint or to provide feedback or learning opportunities. Or where a patient has made a request to receive a copy of their own call.
Confidential voice recordings must only ever be shared in a secure manner, the guidance outlined in this SOP MUST be followed. NHS net is the only email platform to be used, memory sticks must be encrypted and password protected. Sharing confidential voice recordings in any other way or not following the guidelines in this SOP will be considered an Information Governance Breach.
The Standard Operating Procedure
Before sharing a voice recording you must ask the following questions:
Is there a genuine need to share the information? Can the task be completed without sharing the information? If you are unsure, please seek advice from the Governance Team.
When all other options have been considered, the following steps can be followed to share a confidential voice recording in the safest way possible.
Best Option Face to Face
In best practice, any 3rd party needing to listen to a confidential voice recording will be invited to Osprey Court and a member of Management or the Governance team will play the recording from a confidential, restricted access folder on the shared drive. The call will remain the responsibility of the Manager or Governance team member to keep safe whilst needed and deleted when no longer needed.
Sharing via email
Ideally, any confidential email should only ever be sent to and from an NHS.NET email account. Both the recipient and the sender must have an nhs.net account, no other email accounts have adequate security and must not be used under any circumstances. The following statement must be embodied in the accompanying email:
“This email contains a confidential file that must only be opened by the named recipient, if it has come to you in error, please respond to the sender and delete the email immediately. If you are the intended recipient of this email, you are responsible for the safe keeping of the contents. You must only use the contents for the intended purpose and you must safely dispose of the contents as soon as you have finished with them. You must not save the contents or share with any 3rd parties. Any unauthorized use of the contents of this email will be considered an IG breach.”
The sender must follow up the email to confirm safe delivery and safe disposal of the Confidential voice recording.
Alternative Secure email
If it is not possible to send to the recording to an NHS account, it may be sent using the secure method. The word SECURE needs to be written in square brackets [SECURE] which will prompt the recipient to open through the Egress platform which is secure. Details of the secure platform can be found at: Egress Intelligent Email Security: Anti-Phishing, Data Loss Prevention & Encryption
Monitoring
All information sharing is routinely reviewed and monitored by BrisDoc Information Governance Board.
Related information
Information Governance Policy
Change Register
| Date | Version | Author | Change |
| 03.01.2018 | 1 | Sarah Pearce | New document |
| 19.03.2020 | 1 | Sarah Pearce | No changes. |
| 15.07.2021 | 1 | Sarah Pearce | Removed MP3 blocking details – no longer relevant. |
| 24.07.2023 | 2 | Sarah Pearce | Added pt request reference |
| 24.07.2023 | 2 | Sarah Pearce | Added [SECURE] info |
| 24.07.2023 | 2 | Sarah Pearce | Removed USB – No longer an option |