Data Protection and Access to Health Records

Change my appointment

Appointment Form

If you have been given an outpatient appointment at the hospitals and are unable to attend for whatever reason you can use the form below.

It is really important that you let us know of any changes as soon as possible. This means we can offer the original appointment to another patient.

Please complete the form below with your contact details and as much information as possible. You can find most of the information we need on your appointment letter.

If you have any problems using this form, please call the number on your appointment letter and we will do our best to help you. You will receive a response from us so you know it has been received and actioned.

If you wish to change the date and time of your appointment you, you can click the re-book option and state any dates that are not suitable for you, or you can contact us using the number on your appointment letter.

Warrington and Halton Hospitals NHS Foundation Trust is registered with the Information Commissioner's Office to process personal and sensitive personal data under the UK Data Protection Act. The current Act sets new standards for protecting data in accordance with the General Data Protection Act (GDPR).

All our staff have a duty to ensure that personal information, given in confidence, remains confidential. The duty of confidence is reinforced in common law, statute, disciplinary codes and our contract of employment. The privacy statement of the CQC, the independent regulator of health and social care in England, can be read here.

General Data Protection Regulation (GDPR) and your records

The General Data Protection Regulation (GDPR) came into force on 25th May 2018. GDPR is designed to strengthen data protection law across the EU and will be effective in the UK regardless of the UK’s exit from the EU.

There are many similarities between previous data protection legislation and the new UK Data Protection Act and GDPR, but there will also be a number of changes including new responsibilities placed upon data controllers and processors, increased regulatory powers and new rights for data subjects. The General Data Protection Regulation provides a legal basis for the processing of general personal data and special category data under articles 6 and 9 respectively for healthcare provision.

An overview of GDPR can be found here

What are my rights under GDPR?

Information regarding your rights can be found here

How we use your personal information

We aim to provide you with the highest quality care. To do this we must keep records about you and the care we provide for you. The General Data Protection Regulation provides a legal basis to process both personal and sensitive data for the provision of health care.

Health Records are held on paper and electronically and we have a legal duty to keep these confidential.

Information collected about you to deliver your health care is also used to assist with:

  • Making sure your care is of a high standard
  • Assessing your condition against a set of risk criteria to ensure you are receiving the best possible care
  • Preparing statistics on our performance for the Department of Health and Social Care and other regulatory bodies
  • Helping train our staff and support research
  • Supporting the funding of your care
  • Reporting and investigation of complaints, claims and untoward incidents
  • Reporting events to the relevant authorities when we are required to do so by law
  • Using statistical information to look after the health and wellbeing of the general public and for planning services to meet the needs of the population.
  • Completion of the NHS patient survey programme

The Trust’s privacy notice which explains how we use your data can be accessed here

The Trust's most recent Data Security and Protection Toolkit Assurance report is available here

A list of Data Protection Impact Assessments is available here

COVID-19 and your information - Supplementary privacy note on COVID-19 for Patients/Service Users - view here.

The national data opt-out programme

The National Data Opt-Out

he national data opt-out was introduced on 25 May 2018, enabling patients to opt out from the use of their data for research or planning purposes, in line with the recommendations of the National Data Guardian’s review of Data Security, Consent and Opt-Outs.

You can view or change your national data opt-out choice any time, by visiting:

By March-end 2022 all health and care organisations are required to be compliant with the national data opt-out policy, where confidential patient information is used for research and planning purposes. NHS Digital and Public Health England are already compliant and are applying national data opt-outs. Find out more about compliance.

National Data Opt-Out Privacy Notice

Whenever you use a health or care service, such as attending Accident & Emergency or using Community Care services, important information about you is collected in a patient record for that service. Collecting this information helps to ensure you get the best possible care and treatment.

The information collected about you when you use these services can also be used and provided to other organisations for purposes beyond your individual care, for instance to help with:

  • improving the quality and standards of care provided
  • research into the development of new treatments
  • preventing illness and diseases
  • monitoring safety
  • planning services

This may only take place when there is a clear legal basis to use this information. All these uses help to provide better health and care for you, your family and future generations. Confidential patient information about your health and care is only used like this where allowed by law.

Most of the time, anonymised data is used for research and planning so that you cannot be identified in which case your confidential patient information isn’t needed.

You have a choice about whether you want your confidential patient information to be used in this way. If you are happy with this use of information you do not need to do anything. If you do choose to opt out your confidential patient information will still be used to support your individual care.

To find out more or to register your choice to opt out, please visit At this page you can learn more about confidential information, the benefits of sharing data and find out about scenarios when the opt-out will apply.

You can also find out more about how patient information is used at: (which covers health and care research); and (which covers how and why patient information is used, the safeguards and how decisions are made)

You can change your mind about your opt-out choice at any time.

Health and care organisations have until 31/03/2022 to put systems and processes in place so they can be compliant with the national data opt-out and apply your choice to any confidential patient information they use or share for purposes beyond your individual care.

Requesting copies of your personal information

If you require advice about accessing your personal information the Trust’s Medico-Legal team can be contacted on access to your information the Trust’s Medico-Legal team at:

The subject access form that we ask you to complete in order to gain access to your records can be accessed here

If you have any further queries on the uses of your information please speak to one of the following:

Should you wish to complain about the use of your information please contact our complaints team using the PALS information above.

If you remain unsatisfied with the outcome of your enquiry you can write to:

The Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF or telephone them on 01625 545700.