Your information and health records

Everyone working for the NHS has a duty to keep your information confidential and secure. Staff and contractors are required to respect their duty of confidentiality to you as part of their professional codes of conduct and by their contracts of employment. We keep paper and electronic records securely to prevent unauthorised access or misuse.

We are registered under the Data Protection Act 2018 and the General Data Protection Regulation and we are committed to protecting your privacy and to abide by statutory and good practice guidance regarding maintaining confidentiality and appropriate information security.  To ensure each new regular use of information is legal, we undertake a Data Protection Impact Assessment (DPIA), which is a risk assessment recommended by the Information Commissioner’s Office (ICO),  the regulator of the Data Protection Act 2018 and the General Data Protection Regulation 25th May 2018. These DPIA risk assessments are processed by the Trust’s Information Governance Team.

Sharing information is strictly governed to protect your privacy rights in accordance with legislation and best practice. However from time to time there may be a need to share some, or all, of your information with other health care professionals, NHS organisations or other qualified health care providers so that we can work together to obtain the best possible care or treatment.

The Trust has an appointed Data Protection Officer who can be contacted for advice on information privacy matters. They can be contacted on:

• Telephone: 01529 222205
• Email: dataprotectionofficer@lpft.nhs.uk

• By law, everyone working for or on behalf of the NHS or other qualified health care providers must respect your confidentiality and keep your information secure.
• We reassure you that the computer systems we use are subject to strict access controls and only staff who are involved in your care will have access to your records.
• We will always obtain your consent before sharing your information with other health professionals unless exempted by law.
• When we do share your information we will always endeavour to use the most secure method available where possible

Health Records are used to assist with:

• Looking after the health of the general public – e.g. notifying central NHS groups of outbreaks of infectious diseases
• Reporting events to the appropriate authorities when we are required to do so by law  – e.g. notification of births
• Paying your GP or hospital for the care you have received
• The audit of NHS accounts and clinical audit of the quality of services provided
• Reporting and investigation of complaints, claims and untoward incidents
• Service planning to ensure we meet the needs of our population in the future
• Preparing statistics on our performance for the Department of Health
• Reviewing our care to ensure that it is of the  highest standard
• Teaching and training health care professionals
• Conducting health research and development
• Lincolnshire Partnership NHS Foundation Trust is a research-active Trust involved in developing future treatments and care. You might be asked to take part in a research study. If you are, the researcher will explain the study in detail to you, including why it is necessary and what it will involve. If you decide that you would like to be involved, you will be asked to sign a consent form.  If you do not want to take part, this will not affect your treatment in any way.

The National Data Guardian, Dame Fiona Caldicott, recommended a new opt-out model for data sharing in her Review of data security, consent and opt-outs in 2016. The aim is to allow patients to make an informed decision about how their personal data will be used. It is part of a vision to improve patients’ trust and confidence in how data is looked after by the health and social care system. The National Opt-out ties in with other work on data security and making sure data is only used for the benefit of people’s health and care.

NHS Digital are introducing a new tool that people can use to opt out of their confidential patient information being used for reasons other than their individual care and treatment. It will be secure and accessible, and will be available from 25 May 2018.

Patients and the public who decide they do not want their personally identifiable data used for planning and research purposes will be able to:

• Set their national data opt-out choice online, or
• There will be a non-digital alternative for patients and the public who can’t or don’t want to use an online system.
• Individuals can change their mind anytime.
• Where patients have already registered with their GP, to prevent their identifiable data leaving NHS Digital, this will be converted to the new national data opt-out.

The national data opt-out will be introduced alongside the new data protection legislation. and all health and care organisations will be required to uphold patient and public choices by March 2020.

For further details please go to: https://digital.nhs.uk/services/national-data-opt-out-programme

From time to time auditors will come to our Trust to quality check the information we hold. Under the Local Audit and Accountability Act 2014 those auditors have the authority to access personal information without the permission of our patients.

Any information recorded by the auditors will be referenced by an identification number instead of the name of a patient and will not be kept for longer than necessary as per Data Protection requirements under the General Data Protection Regulation.

The Data Protection Act 2018 entitles you to access your health records. If you would like copies of your records they will be provided free of charge. 

We have 30 days from when we receive your completed request and confirmation of identification to process and respond. 

There are a number of ways you can request access to your records, these include:

• Send us a letter or email - please include your personal details i.e. name, date of birth and address, alongside what specific information you would like us to provide. 
• Alternatively, you can complete an application form (available below): 
  • Applying for health records 
  • Applying for personal records

We will also need proof of your identity, such as a photocopy of your passport, driving licence, birth certificate and a utility bill to confirm your address.

If you require any help completing a request or the application form, please call the access to records department:

• Telephone: 01529 222327 (office hours 9am and 5pm, Monday – Friday)
• Email: records@lpft.nhs.uk

Completed forms or letters should be returned to:

• Information charter
• How we use and share your information to help you leaflet
• Records retention schedule - included in  8a Records Lifecycle Management Policy