How do we protect your information?

• Everyone working for the NHS has a legal duty to keep your information secure and confidential at all times.

All staff employed by the Trust or working with the Trust are bound by strict confidentiality agreements. Trust Staff also undertake training on both the Data Protection, Information Security and the Common Law of
Confidentiality to ensure they know and understand how to keep your information secure and confidential at all times.

The Trust’s Information Security department has deployed technical security measures to keep your information secure when stored electronically.
 
• All staff working in the NHS are bound by strict confidentiality guidelines which means only staff that are providing or supporting your care/treatment are entitled to access your information.

All staff are bound by the Common Law Duty of Confidentiality which means only staff involved with your care are entitled to access information relating to you. This is detailed within the confidentiality agreements signed by staff working in the Trust and is included within mandated training provided to staff. All clinical staff are bound by strict professional codes of conduct which incorporate confidentiality clauses. Further information can be found on the British Medical Association (BMA) General Medical Council (GMC) and Nursing and Midwifery Council (NWC) websites.

• We will not disclose any patient/personal information to a third party e.g. private organisation, solicitor, employer, police officer without obtaining your explicit consent.

We will not disclose any patient/personal information to a third party e.g. private organisation, solicitor, employer, police officer without obtaining your explicit consent and in line with Data Protection laws.

Where you have asked a company to act on your behalf e.g. solicitor, we will not release information about you without your explicit consent. Where we receive requests relating to your care by a police officer or employer your information will not be released without your explicit consent or in line with Data Protection laws.


• We will only collect the minimum information required to provide and support your care.
Data protection law requires the Trust to only collect information which is relevant to your care and is not excessive.

• We keep your health record for a defined period of time as determined by Department of Health Guidance.

We have a legal obligation to store your medical information. The length of time we will store your information is set out by the Department of Health. The longest we will keep a patient’s record is 30 years after their care has stopped.

More information on the retention of records in the NHS can be found on the Department of Health website.