Record Keeping

Record keeping is a fundamental part of professional practice. The purpose of this information is to provide record keeping guidance for the individual dietitian and other members of the dietetic team. It replaces the Joint BDA/Dietitians Board Guidance on Standards for Records and Record Keeping (2001).

The principles are applicable to all areas of practice. The guidance does not define a rigid framework, nor is it designed as an auditable standard; it aims to inform of key record keeping issues.


The British Dietetic Association (BDA) and Sports and Exercise Register (SENR) proudly represent the dietetic workforce, and accredited professionals within the speciality of sports and exercise nutrition, respectively. Registrants have a professional and legal obligation to keep an accurate record of their interaction with service users or clients.

This record keeping guidance is intended for use by all members of the BDA and SENR, who include registered dietitians, dietetic support workers/assistants, student members and sports nutritionists. These guidelines apply to all roles and settings in which they work.

This guidance document comes at a time when there is huge variability in terms of the use of paper or digital records across the profession. Therefore, has been written in such a way as to provide members of the BDA and SENR registrants with the principles that underpin good record keeping no matter what format their records are in or where they are employed.

This guidance is necessarily broad and cannot provide definitive answers to every situation a member/registrant may encounter. Nor does it provide a rigid framework for an auditable standard. It does however, provide the principles that will guide dietitians, the wider dietetic workforce and sports and exercise nutritionists in making, protecting and sharing of clinical records and any other personal data that they hold. These guidelines should be used alongside any record keeping guidelines set out by your employer.


Primary Purpose

Secondary Purpose

Underpin day-to-day service and delivery of care

Assist in audit

Help structure thoughts to aid decision-making

Provide data for service development

Be an accurate account of intervention and care planning

Provide data for research

Communicate between professionals

Provide data for population monitoring

Act to aid memory

Provide evidence for claims complaints, inquests, inquiries, disciplinary hearings and other legal proceedings.


Traditionally, health records have been thought of as having both primary and secondary purposes. As the digital world evolves around us, and service users increasingly expect data from their record to be used (anonymously) for service reporting and clinical research to enhance both the quality and diversity of service provision. The boundary between what is considered a primary and secondary purpose is becoming blurred.


Making the record

Records are fundamental to safe and effective service provision.

Protecting the record

All record keeping is governed by the European Union General Data Protection Regulations (GDPR).

Sharing the record

Your duty to share information in line with GDPR, is as important as your duty to maintain patient confidentiality.

Making the Record

Being able to make and maintain records is a requirement of HCPC and SENR Code of Professional Conduct and all those who provide direct care are required to keep records. You have a duty to communicate fully and effectively with colleagues to ensure that they have all the necessary information to provide safe and effective care.

  • You should complete the record as soon as possible after the consultation or event and certainly within timescales stipulated in local policies. This should normally be within the working day. Click here to read a case study on the possible consequences of not completing a record in a timely fashion. 
  • You should communicate clearly and concisely in an appropriate style so that your message is understood.
  • You must write in a way that the person you are caring for could understand your entry.
  • Records should be structured in a way that is conducive to capturing relevant information efficiently and in a way that information is accessible when needed. Review the record template in the key resources section which can help guide you to structure your notes and improve them.
  • You should embrace information standards, realising that the record is only part of the health and social care jigsaw. You should proactively seek to implement and adopt existing standard templates and terminology that enable consistent recording of quality data across systems and organisational boundaries. Click here to visit The Professional Records Standards Body (PRSB) which develops national standards for the structure and content of health and social care records.
  • Where possible the BDA’s SNOMED (Systematized Nomenclature of Medicine) subsets should be incorporated into electronic record templates to promote consistent practice across the profession. (Not applicable to SENR registrants).
  • You should avoid approximations, jargon, meaningless phrases, irrelevant speculation, bias.
  • The BDA and SENR does not have a definitive list of abbreviations. Use of abbreviations varies nationally, locally and even within different departments of the same organisation, it is good practice to check if your organisation has a ratified list of acceptable abbreviations or acronyms and adhere to it.
  • If you are recording that a decision has been made you should record how those decisions were made; including the information that lead to that the decision, to include who was involved in the decision-making process.
  • If your records are hand written they must be legible, written in permanent ink and be legible when photocopied or scanned.
  • You should adhere to local policy regarding signing and dating record entries including signing in and out of computers using your own unique ID. You are responsible for your records.
  • The decision to delegate tasks (e.g. completing a client record) and the subsequent countersigning of said record must be a reasoned and individual decision. If there is no local policy, the ultimate responsibility about when and how delegation and countersigning take place lies with the supervising dietitian or sports and exercise nutritionist. All student entries into the record must be countersigned by the supervisor.
  • You should check your record for mistakes
  • If you need to alter a record you must adhere to local policy and ensure that all changes are clear, non ambiguous and signed and dated (electronically or by hand). Electronic patient recording systems should have a built in audit trail that meets ISO standard ISO 27789:2013.
  • Records should be audited regularly and action taken to ensure best practice, patient safety and quality of care. Review the audit tool in the key resources section which has been developed by the BDA to help you audit your own records.

Protecting the Record

A health or care record is any record of information relating to someone’s physical or mental health that has been made by (or on behalf of) a health professional. Such records are extremely personal and sensitive.

A record is comprised of all data relating to an identifiable individual including but not limited to written records, emails, letters, diaries, photos, scans and monitoring charts. From paper to hard drives to the cloud, client data may be stored in a variety of platforms.

All personal data in the UK is governed by the 2018 Data Protection Act and EU General Data Protection Regulations (GDPR) 2018. There are 6 principles of the GDPR which must be adhered to. GDPR goes beyond the health care record and is applicable in all aspects of work where the processing of data that could personally identify an individual occurs.

Therefore, GDPR covers the whole business. For example, application would include but is not limited to personal data held as part of recruitment tasks, employment, running events and marketing services.

Principles of GDPR

1. Processing should be lawful, fair and transparent

2. Personal data shall be collected for specified, explicit and legitimate purposes

3. Personal data must be adequate, relevant and limited to what is necessary

4. Personal data shall be accurate and kept up to date

5. Personal data shall be kept for no longer than is necessary

6. There must be appropriate security in place in respect of the personal data

  • You must recognise your duty as a data processor or a data controller and abide by the regulations stipulated in the GDPR.
  • Every organisation and sole trader who processes personal data must register with the Information Commissioners Office (ICO). If you work for an organisation (such as an NHS Trust, health board or private company), your organisation must be registered. If you provide patient care as a freelancer you must register yourself via the ICO website. Click here to register via the Information Commissioners Office (ICO) website
  • If you are employed, you must acquaint yourself with local systems and adhere to policies and procedures that safeguard records. This may include possessing a smartcard, using electronic passwords, filing and storing records securely.
  • If you are a freelancer you must map the flow of personal data through your business, identify and mitigate risks and have your own policy on how you process personal data. You should create a privacy notice and ensure that clients and prospective clients understand what data you need and how you will process it. Consent for sharing can be obtained via a privacy notice.
  • You should only access the records of patients and clients for legitimate purposes and should never access records for yourself, family or friends.
  • You should take all reasonable steps to ensure that records are stored securely to prevent unauthorised access or loss.
  • You should not hold conversations regarding the content of records in public and should ensure that the content of records in not made visible on trolleys, computer screens or desks.
  • You should report issues of missing/ accessing records to your line manager if you are employed. If you are a private practitioner, you must keep a record of any data protection breaches and follow ICO guidance if they occur. This may involve informing the ICO of the breach.
  • Do not keep records for any longer than is necessary. There are legal requirements for how long health records should be kept. Each UK country sets out minimum retention periods for NHS health records. You can review the record retention policy set out by your country below:

Sharing the Record

The duty to share information can be as important as the duty to protect client confidentiality. You have a legal duty to disclose confidential information if there is risk of harm to the service user, yourself or others. This may mean sharing information without consent. If you work for the NHS you should discuss your scenario with your trust’s Caldicott guardian.

  • You must gain consent and record that you have obtained consent to share data about a patient. If you are employed you must adhere to local policies. If you are a freelancer you should include a privacy statement as part of your data processing policy .
  • You should understand how any information you share is going to be used and be able to articulate this to the patient
  • You should check that systems for sharing records are secure such as email, fax, letter.
  • You should take care when using social media that information is not shared inadvertently.