Home Page

The Trust holds information about you in accordance with the General Data Protection Regulation and the Data Protection Act 2018.

Everyone working for the Trust must comply with the Common Law Duty of Confidence. Information you provide to the Trust in confidence will only be used for the purposes explained to you, unless there are other circumstances covered by the law.

The Trust complies with the NHS Confidentiality Code of Conduct. All our staff are required to protect your information, inform you how your information will be used, and allow you to decide if and how your information can be shared.

All our staff receive training in data protection, information security and confidentiality. All staff and any third parties working for the Trust have to follow our policies and procedures

We share your personal information with other NHS organisations. For example, we may share your information for healthcare purposes with health authorities, other NHS trusts, general practitioners (GPs), ambulance services and primary care agencies.

We may need to share information from your health records with other non-NHS organisations from which you are also receiving care, such as social services.

These non-NHS organisations may include, but are not restricted to:

• Social services
• Education services
• Local authorities
• The police
• Voluntary sector providers
• Private sector providers

We may also be asked by other statutory bodies to share basic information about you, such as your name and address, but not sensitive information from your health records. This would normally be to assist them to carry out their statutory duties. In these circumstances, we are informing you through this notice, which is referred to as a Privacy Notice, under the Data Protection Act.

Hertfordshire Community NHS Trust is part of My Care Record, an approach to improving care by joining up health and care information. Health and care professionals from other services will be able to view information from the records we hold about you when it is needed for your care. Please see www.mycarerecord.org.uk for more information.

We may need to disclose information about you if the public interest is thought to be greater than your right to confidentiality. Examples of this include: where a serious crime has been committed, if there are risks to the public or our staff, for safeguarding and the protection of vulnerable children or adults, where we have to comply with a Court Order.

The Trust is required by law to protect the public funds it administers. It may share information provided to it with other bodies responsible for auditing or administering public funds, in order to prevent and detect fraud.

Your information will also help us manage the NHS and protect the health of the public by being used to:

• Deliver you the most suitable care and treatment
• Contact you with appointment reminders (this may include text messages)
• Review the care we provide to ensure it is of the highest standard and quality, e.g. through audit or service improvement
• Investigate complaints, legal claims and incidents
• Ensure the hospital receives payment for the care you receive
• Prepare statistics on NHS performance
• Audit NHS accounts and services
• Undertake health research and development (with your consent – you may choose whether or not to be involved)
• Train and educate healthcare professionals
• Report events to the appropriate authorities where the law requires us to

With your consent, we may use your details to contact you with regards to patient satisfaction surveys relating to services you have used within our Trust. This is to improve the way we deliver healthcare to you and other patients.

Your information rights

You have a right to:

• Obtain copies of the information we hold about you
• View the information we hold about you
• Ask us to correct the information we hold about you if it is inaccurate or incomplete.
• A right to ask us not to share information

If you wish access to your records email Access to Medical Records for more information.

Your right to object

At any time you have the right to object to how we use your information. The possible consequences will be fully explained to you and could include delays in receiving care. If you wish to opt out of sharing your information with a third party the Trust will ask you to sign a form to confirm your understanding. This will be uploaded to our Clinical system (SystmOne) so all staff who have a legitimate access to your record are informed.

Who to contact

To learn more about how we use your information, please speak to the health professionals concerned with your care, or contact the Patient Advice and Liaison Service (PALS) department (see link below).

If you require more detailed information, have a concern regarding the way the Trust uses your information of if you feel your confidentiality has been breached please contact:

The Data Protection Officer (Head of Information Governance)
Hertfordshire Community NHS Trust
Howard Court
14 Tewin Road
Welwyn Garden City
Hertfordshire
AL7 1BW

Email: hct.atr@nhs.net (for the attention of the DPO)

Phone: 01707 388 000

If you feel that we are not processing your information lawfully you have the right to complain to:

Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow SK9 5AF

Phone: 0303 123 1113 www.ico.org.uk

In England, Northern Ireland and Wales (and in most cases Scotland), a child is recognised as someone who has not yet reached their 18th birthday.

Where you have parental responsibility for a child in UK law or are a significant adult in a child’s life, the following informs you as to how we process your information.

HCT consider a significant person in a child’s life to be; an adult who legally possesses parental responsibility for a child; and or an adult who lives with the child and / or an adult who has regular caring responsibilities for the child.

We are required to ensure that we obtain information for any individual who is significant in any child’s life and their upbringing in order to inform our assessment of the Guiding Principles for the Care and Support of Children (Children Act, 2004) in meeting the needs and promoting the welfare of the child.

In order to do this, we will ask any person who has parental responsibility for a child for the details of any significant individual(s) in the child’s life.

We will process this information by registering and linking the individual to the child’s record. We will review any relevant information found on the record and where clarity is required, the individual will be contacted directly. Further details about how we process information and the parties we share this with can be found above.

We will share any relevant information about a child to a resident parent, who has legal parental responsibility for the child. If you require us to send the same information to individuals with parental responsibility, please request this directly from the health professional concerned.