Governance (Patient Pass)

 

Right to be informed

Patient Pass is a secure, web-hosted communication platform used by some NHS departments to coordinate referrals and inter-hospital transfers. It provides a shared record of advice and guidance and helps ensure relevant patient information is transferred efficiently and securely between care teams. It is a tool that helps healthcare providers meet their obligations for safe care and information governance. 

Patient Pass ensures that patients' personal and medical information is handled in accordance with NHS data protection standards and the UK General Data Protection Regulation (UK GDPR). Only authorised healthcare professionals involved in your care can access your information, and all data is transmitted using secure, encrypted channels. The platform does not share your details with third parties for marketing or non-clinical purposes.

You have the right to know how your information is used, stored, and shared, and Patient Pass supports this by providing a transparent and auditable record of communication between hospitals.

 

Patient Pass Privacy Notice

Who are Patient Pass?
Patient Pass is a secure communication platform used by NHS departments to coordinate referrals and inter-hospital transfers. Your data is managed by your NHS Trust, which acts as the Data Controller. Patient Pass is the Data Processor, providing the technology to support safe and efficient care.

 

What information do they collect?
We collect and share information necessary for your care, including:

  • Personal details (name, date of birth, NHS number)
  • Clinical information (diagnosis, treatment plans, test results)
  • Relevant notes and advice between healthcare teams

Why do they use your information?
Your information is used to:

  • Coordinate your care between hospitals
  • Ensure safe and timely transfers
  • Maintain accurate records of advice and guidance

Legal basis for processing
We process your data under the UK GDPR and Data Protection Act 2018 on the basis of:

  • Public task : Providing healthcare services
  • Vital interests : Protecting your health and safety

Who do they share your information with?
Your data is shared only with authorised NHS staff involved in your care. Patient Pass does not share your information with third parties for marketing or non-clinical purposes.

 

How do they keep your information secure?
All data is encrypted and stored on secure servers within the UK. Access is restricted to authorised healthcare professionals.

 

How long they keep your information?
Your information is retained in line with NHS records management policy. For details, please ask your care team.


Your rights
Under UK GDPR, you have the right to:

  • Access your information
  • Request corrections
  • Request deletion (where applicable)
  • Object to processing
  • Complain to the Information Commissioner's Office (ICO)