Warrington and Halton Hospitals NHS Foundation Trust is registered with the Information Commissioner's Office to process personal and sensitive personal data under the UK Data Protection Act. The current Act sets new standards for protecting data in accordance with the General Data Protection Act (GDPR).
All our staff have a duty to ensure that personal information, given in confidence, remains confidential. The duty of confidence is reinforced in common law, statute, disciplinary codes and our contract of employment.
The General Data Protection Regulation (GDPR) came into force on 25th May 2018. GDPR is designed to strengthen data protection law across the EU and will be effective in the UK regardless of the UK’s exit from the EU.
There are many similarities between previous data protection legislation and the new UK Data Protection Act and GDPR, but there will also be a number of changes including new responsibilities placed upon data controllers and processors, increased regulatory powers and new rights for data subjects. The General Data Protection Regulation provides a legal basis for the processing of general personal data and special category data under articles 6 and 9 respectively for healthcare provision.
An overview of GDPR can be found here.
Information regarding your rights can be found here.
We aim to provide you with the highest quality care. To do this we must keep records about you and the care we provide for you. The General Data Protection Regulation provides a legal basis to process both personal and sensitive data for the provision of health care.
Health Records are held on paper and electronically and we have a legal duty to keep these confidential.
Information collected about you to deliver your health care is also used to assist with:
Making sure your care is of a high standard
Assessing your condition against a set of risk criteria to ensure you are receiving the best possible care
Preparing statistics on our performance for the Department of Health and Social Care and other regulatory bodies
Helping train our staff and support research
Supporting the funding of your care
Reporting and investigation of complaints, claims and untoward incidents
Reporting events to the relevant authorities when we are required to do so by law
Using statistical information to look after the health and wellbeing of the general public and for planning services to meet the needs of the population.
Completion of the NHS patient survey programme
The Trust’s privacy notice which explains how we use your data can be accessed here.
Details of the national data opt-out programme that people can use to opt out of their confidential patient information being used for reasons other than their care and treatment are available here
You can also find out more about how patient information is used at:
https://www.hra.nhs.uk/information-about-patients/ (which covers health and care research); and
https://understandingpatientdata.org.uk/what-you-need-know (which covers how and why patient information is used, the safeguards and how decisions are made)
If you require advice about accessing your personal information the Trust’s Medico-Legal team can be contacted on access to your information the Trust’s Medico-Legal team at: email@example.com
The subject access form that we ask you to complete in order to gain access to your records can be accessed here.
If you have any further queries on the uses of your information please speak to one of the following:
Your healthcare professional.
The Patient Advice and Liaison Service (known as PALS). They can be contacted on 01925 635911.
Our Data Protection Officer (Information Governance Manager) on 01925 635911 ext. 5673 or at firstname.lastname@example.org
Should you wish to complain about the use of your information please contact our complaints team using the PALS information above.
If you remain unsatisfied with the outcome of your enquiry you can write to:
The Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF or telephone them on 01625 545700.