Confidentiality of patient information


In healthcare, we know that patients provide us with personal and sensitive information in order to help us to care for them.

Clinical staff already have a professional duty of confidentiality as part of their role, but the safe and legal management of information applies to all staff who come into contact with information about you as part of their work. If information is given to someone who should not have access to it, this can be a breach of your confidentiality and may be unlawful.

Information Governance
Information Governance is the process by which we ensure that we take steps to keep your information safe, secure but accessible to those who need it to deliver care to you. It consists of a framework of policies and procedures that have been agreed by NCH&C and applies to the different types of information formats in which this may be held including, paper, electronic or other sources like CDs or video tapes. These have been developed in line with national guidance and expected good practice to make sure we keep your information secure.

It includes monitoring processes to make sure that when information is requested about you, these requests are managed according to legal guidelines. It also includes having plans in place to manage any situation where the format in which the information is held may be compromised. This includes systems to prevent unauthorised access to electronic and paper records and systems to recover data, wherever possible, in the event of a computer failure.

To support this, we have an active training programme in place for our staff so that they understand what we mean by confidential information and how they are expected to keep your information safe and secure. It supports them to help you to understand what information we hold about you and why; the reasons why this may need to be shared with others as part of your care and the process to do so.

Access  to Your Health Records

Access to your health records

Under the Data Protection Act you have a right to access your health records. This can be done through the Access to Health Records Officer, who can be contacted on 01603 785876.

Caldicott Guardian

Caldicott Guardian

Every NHS Organisation has a Caldicott Guardian, who is a senior member of the Trust Board. They make sure that we only use any personal, identifiable information held about you in an appropriate way.

Senior Information Risk Owner (SIRO)

Senior Information Risk Owner

The Trust SIRO is a member of the Board who is responsible for ensuring that the process for identification and management of information risks and threats are in place and working.

Data Protection Officer (DPO)

Data protection officer

The DPO ensures that the management and disclosure of information meets the requirements of the Data Protection Act. These include ensuring that any information processing is lawful, secure and up to date. To read the Trust's Fair Processing Notice, please click here.

Share this page