NHS Digital is developing a new system to support the national data opt-out which will give patients more control over how identifiable health and care information is used. The system will offer patients and the public the opportunity to make an informed choice about whether they wish their personally identifiable data to be used just for their individual care and treatment or also used for research and planning purposes. To find out more click here or use the NHS app.
Any personal information we hold about you is processed in carrying out the public task of providing healthcare and for the purposes of “…provision of health or social care of treatment or the management of health or social care systems and services…” in accordance with the EU and UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
We keep records about your health and any treatment and care you receive. This helps us ensure you get the best treatment and management of your healthcare. The records may be written down, or held on a computer.
Our main electronic system for recording your care and treatment is CareNotes, but other systems may be used depending on the service you are receiving.
Records held will include both personal information and 'special category' information, which is how the law defines more sensitive information about your healthcare.
We are likely to hold:
Sensitive personal information we may hold will include:
We use the records to help plan and guide your care. They help to ensure:
Your information may also be used to help:
Information used for statistical purposes is anonymous. We take stringent measures to ensure individuals cannot be identified. Where information is used for purposes such as service improvement we will anonymise or pseudonymise your personal information wherever possible to protect your confidentiality unless there is a legal basis that permits or requires us to use it. We will only use or share the minimum information necessary.
We work in close partnership with a number of organisations in order to provide the best support and care possible.
We may need to share relevent personal information with other NHS organisations and other non-NHS organisations contracted to provide health or social care services in order to support your healthcare needs. For example we may share information with NHS England, General Practitioners (GPs), ambulance or transport services or private care homes or social care providers. We are required by law to share information with other bodies such as with the Care Quality Commission for inspection purposes.
There may be occasions when we are required by law or a specific court order to share information. This includes exceptional circumstances where we may be required to share information to the police for the purposes of prevention, investigation and detection of crime or with appropriate authorities where there is an overriding public interest to prevent abuse or serious harm to you or to others. Where there is cause to do this the Trust will always do its best to notify you of sharing information and share only the minimum information required for the purpose.
We work closely with other organisations to support the health and safety of people who use our services and members of the public. We also support initiatives and studies to better understand healthcare demands in Devon by working in collaboration with these organisations. In the Resources section to the right you will find a list of partners with which we have agreements. We only share information if there is a legal basis to do so or when the information is anonymised so individuals cannot be identified. All agreements are subject to checks and appropriate sign-off by Devon Partnership NHS Trust.
We will hold your information in confidence and it will only be used for the purposes explained to you. We will only share information where current legislation permits or requires it and will ensure so far as we are able to that any information will be shared securely and held securely and will ensure so far as possible that any such third party will hold information in accordance with current legislation and protect your confidentiality.
For more information on sharing information with NHS England in relation to Flu and COVID-19 please click here.
Devon Partnership NHS Trust takes all necessary measures to protect your information. Data security measures are in place for all the Trust’s existing services and at the heart of all new initiatives going forward. Our processes are robust and we will continue to improve and maintain our security to protect the information of the people who use our services and staff and keep up with evolving information standards.
Everyone working for the NHS has a legal duty to keep sensitive information secure and confidential. This extends to any suppliers working with Devon Partnership Trust who may come into contact with our information. Before engaging with any supplier, they must demonstrate the same high standard of security expected for our organisation before engaging in any services. Devon Partnership on process information in relation to our users of trust service’s within the UK.
We will also from time to time ask you to confirm the information about you is up-to-date.
The information we secure is generated from:
All of Devon Partnership NHS Trust records are maintained and destroyed in accordance with the NHS Retention Schedule. The schedule sets out the appropriate length of time the type of record is retained for. We do not keep records for any longer than is necessary.
Once the retention period is met, or the Trust has decided the record is no longer required, it is confidentially shredded and destroyed.