Under Data Protection legislation people have the right to be informed about the way in which we use, share and store their personal information. The purpose of this privacy notice is to tell you what to expect when we collect personal information.
Devon Partnership NHSTrust is registered with the Information Commissioner’s Office as a Data Controller with registration number Z7558715.
Our Data Protection Officer can be contacted by email to email@example.com or by post addressed to “Data Protection Officer, Devon Partnership Trust, Trust Headquarters, Wonford House, Dryden Road, Exeter, EX2 5AF”
Your personal information as a user of our services
Any personal information we hold about you is processed in carrying out the public task of providing healthcare and for the purposes of “…provision of health or social care of treatment or the management of health or social care systems and services…” in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
We keep records about your health and any treatment and care you receive. This helps us ensure you get the best treatment and management of your healthcare. The records may be written down, or held on a computer
Our main electronic system for recording your care and treatment is CareNotes, but other systems may be used depending on the service you are receiving.
Records held will include both personal information and 'special category' information, which is how the law defines more sensitive information about your healthcare.
We are likely to hold:
Sensitive personal information we may hold will include:
We use the records to help plan and guide your care. They help to ensure:
Your information may also be used to help:
Information used for statistical purposes is anonymous. We take stringent measures to ensure individuals cannot be identified. Where information is used for purposes such as service improvement we will anonymise or pseudonymise your personal information wherever possible to protect your confidentiality unless there is a legal basis that permits or requires us to use it. We will only use or share the minimum information necessary.
We work in close partnership with a number of organisations in order to provide the best support and care possible.
We may need to share relevent personal information with other NHS organisations and other non-NHS organisations contracted to provide health or social care services in order to support your healthcare needs. For example we may share information with NHS England, General Practitioners (GPs), ambulance or transport services or private care homes or social care providers. We are required by law to share information with other bodies such as with the Care Quality Commission for inspection purposes.
There may be occasions when we are required by law or a specific court order to share information. This includes exceptional circumstances where we may be required to share information to the police for the purposes of prevention, investigation and detection of crime or with appropriate authorities where there is an overriding public interest to prevent abuse or serious harm to you or to others. Where there is cause to do this the Trust will always do its best to notify you of sharing information and share only the minimum information required for the purpose.
We will hold your information in confidence and it will only be used for the purposes explained to you. We will only share information where current legislation permits or requires it and will ensure so far as we are able to that any information will be shared securely and held securely and will ensure so far as possible that any such third party will hold information in accordance with current legislation and protect your confidentiality.
Devon Partnership NHS Trust takes all necessary measures to protect your information. Data security measures are in place for all the Trust’s existing services and at the heart of all new initiatives going forward. Our processes are robust and we will continue to improve and maintain our security to protect the information of the people who use our services and staff and keep up with evolving information standards.
Everyone working for the NHS has a legal duty to keep sensitive information secure and confidential. This extends to any suppliers working with Devon Partnership Trust who may come into contact with our information. Any supplier must demonstrate the same high standard of security expected from the NHS before engaging in any services.
We will also from time to time ask you to confirm the information about you is up-to-date.
The information we secure is generated from:
All of Devon Partnership NHS Trust records are maintained and destroyed in accordance with the NHS Retention Schedule. The schedule sets out the appropriate length of time the type of record is retained for. We do not keep records for any longer than is necessary.
Once the retention period is met, or the Trust has decided the record is no longer required, it is confidentially shredded and destroyed.
Privacy notice for the website
Links within this site to other websites are not covered by this privacy notice.
The Trust does not store or collect any personal information about site users (with the exeception of information submited via the Online self-referral form mentioned below). The system will record your email address and other information if volunteered to us by you. This information shall be treated as confidential. It may only be used for internal review and to contact you regarding any feedback.
If you complete and submit the online self-referral form for our Depression and Anxiety Service your personal information is sent direct to the service. It is not stored on any of the web servers and is only used for the intended purpose of self-referring to the service.
You can send us your feedback, comment on policies, strategies or other issues relating to the Trust by contacting us. If you send an e-mail or contact us asking for information, we may need to contact other NHS departments or external organisations to find that information. If your question is technical, we may need to pass it to our IT Department.
Cookies are pieces of data created when you visit a website. The cookies our website uses are "session cookies", which means that your "preferences" are stored temporarily while you move around the site. You can set your computer not to accept cookies. However, if you do this, you may not be able to use some site features because we need to record your preferences in order to give you the information you need during your visit.
Session cookies are deleted when you leave the site. They do not contain any personal information about you, and do not hold any information about which sites you visited before the Trust's.
Log files allow us to record visitors' use of the site. They enable us to make changes to the layout of the site and to the information in it, based on the way that visitors move around it.
Log files do not contain any personal information or information about which other sites you have visited.
What happens when I move to another site?
We do not pass on any personal information you have given us to any other site.