Privacy and Consent in Digital Communication Support
Privacy and consent are essential when digital communication tools are used in learning disability services. Apps, digital passports, video prompts, communication photos, body maps, health pages and visual schedules may include highly personal information. They can improve communication, but they must be governed carefully so people’s rights, dignity and control are protected.
Strong providers place privacy and consent within wider communication and accessibility practice and connect it with learning disability support pathways. This means digital communication is not treated as a technical shortcut; it remains part of respectful, person-centred support.
Concept Explained Clearly
Privacy and consent in digital communication means checking what information is collected, why it is needed, who can see it, how it is stored, how it is shared and whether the person has been supported to understand and influence those decisions.
This may involve consent for photos, videos, digital communication passports, sharing information with health professionals, using cloud-based apps or recording communication outcomes.
Why It Matters in Real Services
Digital communication tools can expose private information if access is poorly controlled. Staff may share photos too widely, leave devices unlocked, store videos without review or include sensitive information that is not necessary.
Providers should be able to evidence that digital communication improves access without reducing privacy, dignity or choice.
What Good Looks Like
Good practice means information is proportionate, current, securely stored and only shared where there is a clear reason. People are supported to understand what is being used, using accessible explanations where needed.
Strong services demonstrate a clear line of sight from consent, information governance and staff practice to safer, more respectful communication support.
Operational Example 1: Consent for a Digital Communication Passport
Context: A person was moving to a new day opportunity. Staff wanted to share a digital communication passport containing photos, communication cues and support guidance.
Support approach: The provider completed an accessible consent and information-sharing review.
Five practical steps:
- Staff identified which information the new setting genuinely needed.
- The person was shown an accessible explanation of what would be shared.
- Family and advocates contributed where appropriate without replacing the person’s voice.
- The passport was edited to remove unnecessary personal details.
- Managers recorded consent, sharing arrangements and review dates.
Day-to-day delivery detail: Staff used photos and simple yes/no options to explain that the passport would help new workers understand communication. The person agreed to share staff guidance but did not want some personal photos included.
How effectiveness was evidenced: The new service received useful communication guidance without unnecessary personal information. Records showed that the person’s preferences shaped what was shared.
Deepening Privacy Through Total Communication
Privacy and consent should reflect total communication approaches beyond spoken language. A person may show agreement, uncertainty, discomfort or refusal through gesture, expression, posture, sounds, objects, AAC or behaviour.
Staff should not assume consent because a person does not verbally object. They should observe the person’s whole communication and respond to signs of hesitation or distress.
Operational Example 2: Video Prompts and Personal Dignity
Context: A person benefited from video prompts during personal care preparation, but staff were unsure what could be filmed appropriately.
Support approach: The provider reviewed dignity, consent and content boundaries before creating any video prompt.
Five practical steps:
- Staff identified the communication purpose of the video.
- The team agreed that no intimate care would be filmed.
- The person was supported to choose which objects and rooms appeared.
- The video was stored securely with access limited to relevant staff.
- The prompt was reviewed to confirm it remained useful and appropriate.
Day-to-day delivery detail: The final video showed towel, toothbrush, clean clothes and bathroom door, but did not show the person receiving care. Staff used it before the routine to support understanding while protecting dignity.
How effectiveness was evidenced: Personal care preparation became calmer, and governance records showed that privacy had been actively protected.
Systems, Workforce and Consistency
Privacy and consent should be included in communication profiles, digital tool guidance, staff induction, supervision, information governance audits and support plan reviews. Staff should know what can be recorded, what must not be shared and how to report concerns.
Handovers should avoid unnecessary personal detail while still sharing communication information that affects safety and support. Supervision should check whether workers understand consent as an ongoing process, not a one-off form.
Operational Example 3: Health Communication and Secure Sharing
Context: A person used a digital body map and pain diary. Staff needed to share relevant information with a GP but wanted to avoid sending excessive personal records.
Support approach: The provider used accessible information principles from accessible information standards in learning disability services to support understanding and proportionate sharing.
Five practical steps:
- Staff identified the specific health information needed for the appointment.
- The person was supported to understand what would be shared.
- Only relevant pain diary entries and communication responses were included.
- Information was shared through the agreed secure route.
- The outcome was recorded and reviewed after the appointment.
Day-to-day delivery detail: Staff shared a summary of stomach pain selections, appetite changes and worry indicators rather than the full communication log. The GP used this to guide assessment.
How effectiveness was evidenced: The appointment record showed clearer health information and proportionate sharing. The provider evidenced both communication access and privacy protection.
Governance and Evidence
The audit trail may include consent records, information-sharing agreements, communication profiles, digital tool access logs, supervision notes, review records, incident reports and outcome reviews.
Data may show improved appointment participation, fewer privacy concerns, stronger staff compliance, better consent recording and clearer person involvement. Qualitative evidence should explain how privacy decisions supported dignity and communication rights.
Commissioner and CQC Expectations
Commissioners expect providers to evidence personalised communication, rights-based support, safe information-sharing and outcome-focused practice. Privacy and consent arrangements show that digital innovation is being managed responsibly.
CQC expects dignity, consent, effective communication, safe care, involvement and good governance. Inspectors may look at whether people understand how information is used, whether records are secure and whether staff protect privacy in daily practice.
Common Pitfalls
- Assuming consent because a person does not verbally object.
- Using photos or videos without clear purpose or review.
- Sharing full records when a focused summary would be enough.
- Leaving devices unlocked or accessible to people who do not need access.
- Failing to update consent when tools, settings or sharing arrangements change.
- Treating privacy as paperwork rather than everyday practice.
Conclusion
Digital communication support can improve access, involvement and safety, but it must protect privacy and consent at every stage. Strong providers demonstrate that information is used proportionately, shared securely and shaped by the person’s communication and preferences. When privacy governance is embedded well, digital communication remains both effective and rights-led.