Filter file results:
LPFT asks for personal information so we can make sure you are receiving the best care, information, advice, treatment and support that is right for you. To do this effectively, efficiently and safely, we must keep records about you, your health, and the care we have provided or plan to provide to you.
These records may include information such as:
It is important that we hold accurate information about you and we rely upon you to inform us of any changes. The information about you and the services you receive will be recorded on our computer system. We scan paper letters and reports into this system so everything is in the same place.
The computer systems we use are secure and comply with Data Protection requirements and NHS standards of security. Your information cannot be accessed from outside our organisation without appropriate permissions.
As partnership working strengthens between such agencies to ensure best care, information about individuals and whole communities is increasingly being shared across disciplines and organisations.
This means that some of our records are held jointly with other statutory agencies, and other Health and Care agencies that may also be involved in your care such as Lincolnshire County Council and United Lincolnshire Hospitals NHS Trust; however this will be discussed with you by your healthcare team.
The Trust has to provide a legal basis for the processing of your information. The Trust is part of the NHS which has a public duty to care for its patients. Under the Data Protection Act the Trust may process information which is appropriate to provide the health and social care treatment to patients, as well as the management of health and social care systems and services.
If we need to use your personal information for any reason beyond those stated above, we will discuss this with you. You have the right to ask us to not use your information in this way, however there might be times when we will still have to share your information; if this is the case we will discuss this with you.
Under the terms of the General Data Protection Regulations, we are required to notify you of the legal basis for processing the data we handle. The legal basis for processing your information will vary, depending on the purpose for which we will use it. The following table sets out the different legal basis for each purpose.
GDPR Article 9(2)(h) – medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems.
GDPR Article 6(1)(c) – compliance with a legal obligation (the GP practice).
GDPR Article 6(1)(f) – legitimate interests…except where such interests are overridden by the interest or fundamental rights and freedoms of the data subject.
GDPR Article 6(1)(e) – the performance of a task carried out in the public interest.
Schedule 1 Part 2 of the Data Protection Act 2018, provides the basis in UK law for the processing of criminal offence data that is gathered by the Trust for healthcare management purposes.
To manage our contractual obligations for the services we have been commissioned to deliver:
• Ensure that money is used properly to pay for the services it provides
• Investigate complaints, legal claims or important incidents
• Make sure that services offered give value for money
• Make sure services are planned to meet patients’ needs in the future
• Review the care given to make sure it is of the highest possible standard
• To improve the efficiency of healthcare services
Everyone working for the NHS has a duty to keep your information confidential and secure. Staff and contractors are required to respect their duty of confidentiality to you as part of their professional codes of conduct and by their contracts of employment. We keep paper and electronic records securely to prevent unauthorised access or misuse.
We are registered under the Data Protection Act 2018 and the General Data Protection Regulation and we are committed to protecting your privacy and to abide by statutory and good practice guidance regarding maintaining confidentiality and appropriate information security. To ensure each new regular use of information is legal, we undertake a Data Protection Impact Assessment (DPIA), which is a risk assessment recommended by the Information Commissioner’s Office (ICO), the regulator of the Data Protection Act 2018 and the General Data Protection Regulation 25th May 2018. These DPIA risk assessments are processed by the Trust’s Information Governance Team.
The NHS Care Record Guarantee sets out the rules that govern how patient information is used in the NHS and what controls patients can have over this. It covers:
Sharing information is strictly governed to protect your privacy rights in accordance with legislation and best practice. However from time to time there may be a need to share some, or all, of your information with other health care professionals, NHS organisations or other qualified health care providers so that we can work together to obtain the best possible care or treatment.
The Trust has an appointed Data Protection Officer who can be contacted for advice on information privacy matters. They can be contacted on:
Health Records are used to assist with:
Using your information for research
The NHS is a public authority. The NHS Constitution states that the NHS is required to conduct research. This is to improve the current and future health and care of the population. As an NHS organisation, we use personally-identifiable information to conduct research to improve health, care and services, we do this is accordance with HRA’s information and following approval by our research and development department.
As a publicly-funded organisation, we have to ensure that it is in the public interest when we use personally-identifiable information from people who have agreed to take part in a research. This means that when you agree to take part in a research study, we will use your data in the ways needed to conduct and analyse the research study. Your rights to access, change or move your information are limited, as we need to manage your information in specific ways in order for the research to be reliable and accurate. If you withdraw from the study, we will keep the information about you that we already have obtained. To safeguard your rights, we will use the minimum personally-identifiable information possible.
Health and care research should serve the public interest, which means that we have to demonstrate that our research serves the interests of society as a whole. We do this by following the UK Policy Framework for Health and Social Care Research.
Commissioning for Quality and Innovation (CQUIN)
To help improve the quality of services, better outcomes for patients and ensuring the right treatment is being provided to patients, the Department of Health & Social Care has mandated Trusts to achieve certain standards – Commissioning for Quality and Innovation (CQUIN). To achieve these standards the Trust will work with other NHS organisations to share information relating to patients to provide them with the best possible care e.g. frequent A&E attenders.
You will always be informed when the Trust identifies a need to share your information with another organisation to provide you with the best possible care.
Questionnaires and surveys
To help ensure the Trust is meeting the needs and satisfaction of the community it serves, it will commission companies to run questionnaires or surveys on the Trust’s behalf, only the minimum information will be securely shared with these companies and these companies are bound by strict confidentiality clauses.
Seeking feedback from patients and service users
Our trust uses the Friends and Family Test (FFT) to seek feedback on our services. We will send messages to all patients that have attended an appointment, or been discharged, asking them for their overall feedback on their experience of the service. We also ask if they would recommend the trust service to their friends and family. The aim is to improve services where necessary and will be used by the trust to make information available about its services including the percentage score of those people who would recommend them. These messages are not direct marketing because we are seeking feedback on how to improve our care and services that a patient has received.
We will share your information with other organisations, to assist with giving you the best care possible. Where we share your information with these organisations, they are subject to strict information sharing protocols/agreements. Anyone who receives information from the Trust has a legal duty to keep it confidential and secure. Only information that is required and appropriate to support your care and treatment will be provided.
Strengthening the relationship between Lincolnshire Partnership NHS Foundation Trust (LPFT) and Lincolnshire County Council (LCC) for the reinforcement of the partnership arrangements in place under Section 75 of the NHS Act 2006 that enable greater integration between health and social care. This facilitates the safe delivery of services that are tailored to support the emotional wellbeing and mental health of adults in Lincolnshire. Lincolnshire Partnership NHS Trust staff for S.75 services will directly input into the Council’s patient information system.
Where we share your information with other organisations that do not form part of your care, permission from yourself will be sort before sending the information unless we have a legal obligation to provide the information or we have to because the interest of the public is thought to be of greater importance.
There are occasions where we have a legal duty to pass patient information to external organisations which operate to oversee and address issues relating to the management of the NHS as a whole. These include:
Lincolnshire Care Portal
In Lincolnshire NHS and social care services are working more closely together to better co-ordinate the delivery of care to people supported by local commissioners.
The Lincolnshire Care Portal is a programme which allows people to give health and care workers their consent to access their medical and care records during their treatment.
The people caring for you need to access information about your health and care record to make the best decisions about your diagnosis and treatment. By way of example this could include GPs, hospital-based clinicians, nurses, health visitors and social care workers.
To enable this to happen more quickly and to improve the care you receive, a new process has been put in place. This will allow your information to be viewed by different health and care organisations, using existing computer systems.
This new process does not share your record with third party organisations, but provides health and care workers, with your consent, access to view your information.
Information will only be accessed by health and care workers that have a legitimate relationship with you and they will only access the data required to support your care.
More information on the Lincolnshire Care Portal can be found here: https://lincolnshire.nhs.uk/together/care-portal
National Records Locator
The National Record Locator provides a service to health and care organisations which allows them to make patient records available to those that need them for the delivery of care to patients. The service works by providing a registry of pointers which shows a user that a patient record exists and where it is held. This service allows those delivering care in health settings, such as an authorised clinician or care worker, to access a patient’s record in real time and at the point of need. NHS Digital provides the service as the means to enable NHS organisations to share information.
You have the right to be confident that the Trust handles your personal information responsibly and in line with good practice. If you have a concern about the way we have handled your information, please tell us immediately using the contact details below so that we may deal with your concern and work with you to resolve it.
For example, contact us if you have concerns that we:
In the first instance, please contact us. However you also have the right to lodge a complaint with the Information Commissioners Office if you believe the Trust has breached your rights or we have not investigated your concerns fully.. Contact details can be found by visiting: https://ico.org.uk/make-a-complaint
Call the helpline on 0303 123 1113 – (local rate – calls to this number cost the same as calls to 01 or 02 numbers).
Live chat – https://ico.org.uk/global/contact-us/live-chat/
Via their webform – https://ico.org.uk/global/contact-us/email/ or alternatively emailing directly to email@example.com
Or in writing to:
Information Commissioner’s Office
The National Data Guardian, Dame Fiona Caldicott, recommended a new opt-out model for data sharing in her Review of data security, consent and opt-outs in 2016. The aim is to allow patients to make an informed decision about how their personal data will be used. It is part of a vision to improve patients’ trust and confidence in how data is looked after by the health and social care system. The National Opt-out ties in with other work on data security and making sure data is only used for the benefit of people’s health and care.
NHS Digital introduced a new tool on 25 May 2018 that people can use to opt out of their confidential patient information being used for reasons other than their individual care and treatment.
Patients and the public who decide they do not want their personally identifiable data used for planning and research purposes will be able to:
Patients can view or change their national data opt out choice at any time by using the online service at www.nhs.uk/your-nhs-data-mattersor by clicking on "Your Health" in the NHS App, and selecting "Choose if data from your health records is shared for research and planning".
The national data opt-out was introduced and all health and care organisations will be required to uphold patient and public choices by 30 September 2021.
For further details please go to: https://digital.nhs.uk/services/national-data-opt-out-programme
The Data Protection Act 2018 entitles you to access your health records. If you would like copies of your records they will be provided free of charge.
We have 30 days from when we receive your completed request and confirmation of identification to process and respond.
There are a number of ways you can request access to your records, these include:
We will also need proof of your identity, such as a photocopy of your passport, driving licence, birth certificate and a utility bill to confirm your address.
If you require any help completing a request or the application form, please call the access to records department:
Completed forms or letters should be returned to:
Accessible Information Standard
Please tell us if you have any communication needs relating to a disability or sensory loss. You may require information in large print, audio, Braille, easy read, or in an alternative language. If you prefer to have your correspondence in an alternative format or emailed, our teams can arrange this for you. Please let a member of the team know at your next appointment. Your healthcare worker will note this on your record so everyone in your care team is aware of your requirements.
Updated August 2021
Telephone: 01529 222327
Data Protection Officer: firstname.lastname@example.org
Caldicott Guardian: email@example.com