Our core purpose is to work with people and lead communities in improving their mental and physical health and wellbeing for a better life; through delivering excellent and responsive prevention, diagnosis, early intervention, treatment and care.
We are committed to ensuring that the confidential information of the people we serve remains safe at all times. We have a strong track record: during 2017/18 we achieved a score of 98% through the NHS’s national IG (information governance) self-assessment toolkit. This keeps us at the forefront of trusts of our kind for the fourth consecutive year and maintained our overall rating of ‘satisfactory’, the highest possible rating.
When we work with your personal data, you can be assured that it will be within the legal remit of the GDPR (as enacted by the Data Protection Act 2018), the NHS common law duty of confidentiality and the Human Rights Act 1998.
This means that, when the Trust accesses your medical information, it will only do so with a valid legal reason. We may share the information but only in an appropriate way, and with a valid legal reason. In addition, sometimes the Trust may use data it holds about patients for other purposes. These include:
In all of these cases, the confidentiality of patients is protected by removing any identifiable information. These secondary uses of data are essential if we are to run a safe, efficient, and equitable health service.
The Trust recognises the need for data protection to be at the centre of our processing activities and business practices. The GDPR, as enacted by the Data Protection Act 2018 states that the Trust must:
The page on sharing data details the considerations we make when deciding whether and how the data is shared however this is only part of the data protection by design and default.
When new technologies are investigated, the protection of data is considered. When new ways of working are considered, the protection of data is considered. The default is anonymisation of data wherever possible, however the Trust also considers pseudonymisation and has a policy in place to pseudonymise the data if required.
In order for you to receive the best possible care from our Trust, we process information on all service users. In order to do so we must comply with the Data Protection Act 2018. The data held must only be used for specific purposes allowed by law. The Your information, Your rights leaflet is a brief guide to:
Alongside the ‘Your Information, Your Rights’ information leaflet, the Trust has a Data Protection Policy which also details how we process your personal data. You can view this policy by making a Freedom of Information request.
We value the role that families and carers play as partners in care. We want to support this role, and work with them. Sharing information is a key part of how we provide better, more effective services that are co-ordinated around the needs of the person. We encourage the sharing of information wherever possible, while respecting an individual’s right to confidentiality.
Information sharing is particularly important for those we are supporting through the Care Programme Approach. Learn more about this on our Core Care Standards page – see the ‘families and carers’ section.
In addition, we may share your data with third parties: other health care providers, or for research and planning purposes, for example. If you would like to know more, or if you are looking to share information with us, please visit our 'sharing data' page.
The Trust follows the standard NHS approved procedure for records management. You can learn more about these on the NHS England website.
Please click here for access to the Document Library
Please read our disclaimer and privacy statement on the ‘using this website’ page.