Your personal information

a worker scans medical records ready for filing

Our data protection guarantee

In order to comply with data protection legislation, we are required to let you know what we do with any information we hold about you. This could be your health care records, personnel details or financial information. Our fair processing notice below is your assurance that we are complying with our legal obligation to you and is also a good opportunity for you to understand or exercise your information rights.

In short, we must tell you:

  • What personal information we use
  • Why we need your personal information
  • The lawful basis for processing your personal information i.e. legitimate reasons for collecting, keeping, using and sharing it
  • How we use, store, protect and dispose of your personal information
  • How long we keep it for and who we may share it with
  • About your information rights
  • How to report a complaint or concern.

Please read our fair processing notice[pdf] 327KB to find out how this affects you.

Your personal information

Personal information (PI) refers to any information that can identify a person, either on its own or with other information. Obvious examples are name, address and date of birth; however this could include other forms for data, such as email address, car registration, physical feature, NHS number and pictures. 

This also includes ‘Pseudonymisation’, which is the use of a random set of numbers or letters to generate a unique identifier (pseudonym), which can be matched with additional information to identify you, but doesn’t reveal your identity. This is commonly used in research, for publishing findings.

Most of the PI we process is confidential or sensitive because it involves information about your health. This could be used in a discriminatory way, and as it’s likely you’ll want it to be kept private, we need to take greater care to keep it secure. Find out more about what information is confidential and sensitive in our Fair Processing Notice.

Anonymised data is not PI - as it’s information which cannot reasonably identify you. Anonymous data requires the removal of information which might identify you and allows PI to be converted into an unidentifiable format. This allows us to process your PI without compromising data protection requirements or posing privacy risks. We always consider this when we need to use your PI, and we only use your PI when absolutely necessary.

We may collect and use your PI about your contact details, identity, medical history, qualifications, financial details, learning needs analysis, employment records, criminal records or any other information which may be confidential or sensitive which you have provided to us, or through a third party such as other health and social care professionals, local authorities, voluntary organisations or relatives and carers.

Processing personal information

We’re responsible for planning, procuring, commissioning, implementing and providing NHS services for administrative, direct care, and research purposes, or to meet a legal and regulatory requirement. This may require the use of personal data of our staff, patients, service users or any individual whom we hold information on, which is why data protection legislation requires us to process your personal information (PI):

  • Fairly and lawfully with transparency
  • For explicitly specified and legitimate purpose
  • Adequately, relevant and limited to the specified purpose
  • Ensuring its accuracy and integrity
  • No longer than is necessary
  • Securely
  • In ways that comply with the law
  • With adequate safeguards in place when agreed to be transferred outside of the UK.

The PI we collect may be used for any of the following purposes:

  • Healthcare for patients – diagnosis, treatment and referral
  • Accounting, financial management and auditing
  • Commissioning and procuring services
  • Education and training
  • Consultancy and advisory services
  • Human resources and staff administration
  • Crime prevention and prosecution
  • Health administration and services management
  • Business activity information and databank administration
  • Contractual arrangements for data processing by third parties on our behalf
  • Occupational health referrals
  • Research, national surveys
  • Advertising, marketing and public relations or insurance
  • Security services (CCTV monitoring, confidentiality audits.)

Without your PI, we cannot:

  • Direct, manage and deliver the healthcare you may need
  • Ensure we have accurate and up-to-date information to assess and provide what you require
  • Provide the appropriate level of assistance or adequate guidance
  • Refer you to a specialist or another service
  • Protect the general public or promote public health
  • Manage, develop or improve our services
  • Investigate complaints or proceed with legal actions for claims
  • Employ you
  • Procure products and services
  • Commission business activities
  • Comply with a court order
  • Comply with regulatory requirements
  • Meet some of our legal obligations
  • Compile statistics to review our performance
  • Educate and train our workforce
  • Standardise best practice
  • Undertake clinical trials and research studies
  • Complete occupational health checks
  • Keep you and other service users safe on our premises.

Lawful basis for processing your personal information

We don’t rely on consent to use your personal information (PI) as a ‘lawful basis for processing’ following appropriate guidance from the Information Governance Alliance.  We follow specific provisions under Article 6 (Lawful Processing) and 9 (Processing of Special Categories of Personal Data) of the General Data Protection Regulation.

More information on these articles can be found in our Fair Processing Notice.

This means that we will:

  • Use your PI to provide you with your care or for legitimate administrative purposes without seeking your consent.  However, you do have the right to say ‘NO’ to our use of your PI but this may have an impact on our ability to provide appropriate care. Please speak to your healthcare professional or contact our Data Protection Officer.  
  • Collect and use your PI to provide care and run our hospitals but will not use it for anything else that is not considered by law to be for this purpose
  • Use enough of your PI that will be relevant and necessary to carry out various tasks within the delivery of your care and running our services
  • Keep your PI accurate and up-to-date when using it and if it is found to be wrong, make it right, where appropriate, as soon as possible
  • Keep your information in a way that will identify you for as long as legally required, whilst ensuring your rights
  • Have secure processes in place to keep your PI safe when it is being used, shared, and stored.

We will always secure your freely given, specifically expressed and fully informed consent to share your PI, if we do not have a lawful basis to do so. In circumstances where it is not practical to inform you of the intended use, we are informing you through this notice.

We never use your PI for advertising, marketing or insurance purposes without your consent.

You reserve the right to restrict, refuse or withdraw consent at any time, where there’s no lawful basis for processing your PI without your consent. We’ll fully explain the possible consequences to you, which may affect the care or service you receive from us.

Retention and disposal of personal information

Your personal information (PI) may be written down or held electronically centrally in or outside of our Trust. These may be paper records, scans, photographs, slides, CCTV images, microform (i.e. fiche/film), audio, video, emails, records on IT systems, or scanned documents etc. which we process securely in accordance with data protection legislation.

In addition, all NHS staff, including volunteers, and third party organisations (suppliers, service providers and data processors) are bound by a legal duty of confidentiality in their professional code of practice and/or under contractual obligations.

We follow national guidelines in the current national retention and disposal schedule for the Records Management Code of Practice for Health and Social Care 2016, to determine how long we must store your PI and when or if to dispose of it securely.

Keeping your personal information safe

We’re committed to keeping your information secure and have operational policies, procedures and measures in place to protect your information whether in hardcopy, digital or electronic format.

We’re registered to the Information Commissioner’s Office: registration number Z8284051

All of the information systems we use have robust security safeguards to protect your personal information (PI). These are influenced by a number of sources including the 10 National Data Guardian Standards and guidelines produced by NHS Digital and other government standards.

Mandatory training and regular audits are in place to ensure only those absolutely necessary can use your PI. We have also implemented best practice and information security controls to reduce the risk of unauthorised access. If any of your PI is to be processed overseas, a full risk assessment would be undertaken to ensure its security.  

Data protection breaches are reported and investigated and appropriate action, such as disciplinary, legal, lessons learned, re-training, undertaken.

You can contact our Data Protection Officer to find more about how we keep your information safe.

Sharing personal information

We may need to share your personal information (PI) with other organisations, including NHS and public bodies, or third party providers commissioned to process PI on our behalf, when anonymisation is not viable.

This is due to our duty to share which is as important as our duty of confidentiality. We may also share your PI for planning services across the NHS. This is vital to delivering better healthcare and improving our services.

New models of services are being implemented across the NHS, including closer working with GPs and other health and social care providers, facilitated by the use of electronic patient record systems to share your PI. As a university hospitals Trust, teaching may not be effective or possible without sharing your PI.  

You have the right to opt-out of or restrict this sharing.  Your right to opt-out for reasons other than direct care (e.g. planning and research purposes) is managed through the National Data Opt-Out Programme (contact NHS Digital on 0300 303 5678 to find out more).

When we’re required by law to report certain PI to the appropriate authorities, formal permission has to be given by our Caldicott Guardian (Associate Medical Director for Standards), Data Protection Officer (Head of Information Governance) and Senior Information Risk Owner (Director of Information Management and technology). They act as the 'conscience' of our Trust and actively support information sharing where it is appropriate to, and advise on options for lawful and ethical disclosure of PI.

Your Pi will only be shared if there is a lawful basis to do so and under contractual agreements (for third parties), with strict conditions to keep it confidential and secure in the same way we must comply with our legal obligation to you. We have a legal process in place known as a Data Protection or Privacy Impact Assessment which is required when a new or change to an existing process, product, project, system or service is proposed, which will use or access your PI. An information sharing agreement is also drawn up to ensure information is shared in a way that complies with relevant legislation.

However, your right to confidentiality is not absolute which means that we will not require your consent to share your PI if:

  • There is a concern that you are putting yourself at risk of serious harm
  • There is concern that you are putting another person at risk of serious harm
  • There is concern that you are putting a child at risk of harm
  • We have been instructed to do so by a court
  • The information is essential for the investigation of a serious crime
  • You are subject to the Mental Health Act (1983), there are circumstances in which your nearest relative must receive information even if you object
  • Your information falls within a category that needs to be notified for public health or other legal reasons, such as certain infectious diseases.

Find more about what personal information we share by contacting our Data Protection Officer.   

Your information rights

You have the right to:

  • Be informed about the processing of your personal information (PI) by us (through this notice)
  • Access the information we hold about you
  • Ask us to correct or complete your PI
  • Ask us to erase your PI under certain circumstances, if we do not have a lawful basis to process it
  • Ask us to restrict the processing of your PI under certain circumstances
  • Ask us to move, copy and transfer your PI which you have provided to us, securely, for your own purpose
  • Ask us not to process your PI
  • Ask us not to use your PI for public interests, direct marketing, automated decision-making, profiling, research or statistical purposes
  • Receive a response to your access or change request within a calendar month (we may extend the time limit to two calendar months if your request is complex or where a number of requests have been received from you. However, we will acknowledge your request within one calendar month and explain if/why an extensive is required.)

Your rights are not absolute; we may refuse to comply with your request under certain circumstances permitted by law. For example, where your PI: 

  • Was provided by someone else who hasn’t given permission for you to see it
  • Relates to criminal offences
  • Is being used to detect or prevent crime
  • Could cause physical or mental harm to you or someone else.

You can find out more about accessing your PI by contacting our subject access requests team.

You can send us a subject access request by completing this form and emailing it to bhrccgs.accesstohealthrequest@nhs.net, or by writing to us:

Subject Access team
Health Records
1st Floor Blue Zone, Queen’s Hospital
Romford
Essex
RM7 0AG

Guidance on completing the form can be found here

Report a complaint or concern

We try to meet the highest standards when processing personal information, so we want you to let us know when we get something wrong. Contact our Complaints Department or Data Protection Officer, or you can write to us:

Complaints Department                                               Information Governance Department
1st Floor Neutral Zone, Queen’s Hospital                   Queen’s Hospital Stores
Romford                                                                       4 Lyon Road, off South Street
Essex                                                                           Romford
RM7 0AG                                                                     Essex                                                                                                                                                   RM1 2BA

You may prefer to contact the Information Commissioner’s Office (ICO):

Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
www.ico.gov.uk

0303 123 1113

The ICO will not normally consider an appeal until you have exhausted your rights of redress and complaint with us.