The Trust collects and stores large amounts of personal data every day, such as medical records.
We take our duty to protect your personal information and confidentiality very seriously and are committed to taking all reasonable measures to ensure the confidentiality and security of personal data for which we are responsible, whether computerised or on paper.
At Trust Board level, we have appointed a Senior Information Risk Owner who is accountable for the management of all Information assets and any associated risks and incidents, and a Caldicott Guardian who is responsible for the management of patient information and patient confidentiality.
The healthcare professionals caring for you keep records about your health and any care you receive from the NHS to ensure that you receive the best possible care.
These records may include:
Basic details about you such as name, address, date of birth, next of kin, etc.
Contact we have had with you such as appointments or visits and notes about your health, treatment and care
Results of tests
Relevant information from people who care for you and know you well such as health professionals and relatives.
It is essential that your details are accurate and up to date. Always check that your personal details are correct when you visit us and please inform us of any changes as soon as possible.
Your records are used to direct, manage and deliver the care you receive to ensure that:
The healthcare professionals involved in your care have accurate and up to date information to assess your health and decide on the most appropriate care for you
Healthcare professionals have the information they need to assess and improve the quality and type of care you receive
Your concerns can be properly investigated if a complaint is raised
Appropriate information is available if you see another doctor, or are referred to a specialist or another part of the NHS.
Your information may also be used to help us improve NHS services by:
Reviewing the care we provide to ensure it is of the highest standard and quality
Ensuring our services can meet patient needs in the future
Investigating patient queries, complaints and legal claims
Ensuring the hospital receives payment for the care you receive
Preparing statistics on NHS performance Audit NHS accounts and services
Undertaking health research and development (with your consent and you may choose whether or not to be involved)
Helping to train and educate healthcare professionals (with your consent and you may choose whether or not to be involved).
Everyone working within the NHS has a legal duty to keep information about you confidential. Similarly, anyone who receives information from us has a legal duty to keep it confidential. We will share information with the following main partner organisations:
Other NHS Trusts and hospitals involved in your care
Clinical Commissioing Groyups (CCGs), Strategic Health Authorities and other NHS bodies such as Ambulance Services
You may be receiving care from other people, for example social services, who we might need to share your information with so we can work together for your benefit - if they have a genuine need for it, or we have your permission. Therefore, we may also share your information with such organisations subject to strict agreement about how it will be used.
We will not disclose your information to any other third parties without your permission unless there are exceptional circumstances, such as if the health and safety of others is at risk or if the law requires us to pass on information.
You have the right to restrict how and with whom we share the personal information in your records. This must be noted explicitly within your records so all healthcare professionals and staff treating you are aware of your decision.
By choosing this option, it may make the provision of treatment or care more difficult or unavailable. You can also change your mind at any time about a disclosure decision.
- The Data Protection Act 1998 gives you a right to access the information we hold about you on our records.
- Your request must be in writing by completing a Subject Access Request form and sending to the Trust’s Information Governance Manager
- There will be a charge to have a printed copy of the information held about you, which is in accordance with the Data Protection Act. This fee includes the time taken to locate the record and the printing costs involved.
- For copies of records requested by patients/patient’s representatives: £10
- For copies of records requested by Solicitors: £50
- We are required to respond to you within 40 days
- You will need to provide adequate information (for example full name, address, date of birth, NHS number, etc) so that your identity can be verified and your records located
If you require any further information, please contact the Trust’s Information Governance Manager: firstname.lastname@example.org