Your personal information as a user of our services

Keeping information about you

Any personal information we hold about you is processed in carrying out the public task of providing healthcare and for the purposes of “…provision of health or social care of treatment or the management of health or social care systems and services…” in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

We keep records about your health and any treatment and care you receive. This helps us ensure you get the best treatment and management of your healthcare. The records may be written down, or held on a computer.

Our main electronic system for recording your care and treatment is CareNotes, but other systems may be used depending on the service you are receiving.

Records held will include both personal information and 'special category' information, which is how the law defines more sensitive information about your healthcare.

We are likely to hold:

  • Your personal details including, name, address, email address, date of birth, NHS number and next-of-kin contacts and details of your GP
  • We may also hold details of your marital status, occupation, overseas status, place of birth and preferred name or former name(s).

Sensitive personal information we may hold will include:

  • Details of contact we have had with you, such as clinic visits and appointments
  • Notes, correspondence and reports about your health and your treatment and care
  • Details of your medical conditions and diagnoses, results of investigations
  • Details of care and treatment received and any future care you may need
  •  Relevant information from other health or social care professionals, relatives or those who care for you and know you well
  • Other personal information such as smoking status and any disabilities including any learning disability
  • Your religion and ethnic origin
  • Whether or not you are, or have been, subject to any protection orders for example under the Mental Health Act or Court of Protection or are or have been the subject of any safeguarding procedures.

Using your records to help you and support your care

We use the records to help plan and guide your care.  They help to ensure:

  • All staff involved in your care have accurate and up to date information to assess and advise on the most appropriate care and support for you.
  • Staff have the information they need to be able to assess and improve the quality and type of care you receive
  • A single electronic care record enables your care team to work more effectively. Doctors, nurses and other health professionals working with you have accurate and up-to-date information
  • Appropriate information is available if you see another health professional, or are referred to a specialist or another part of the NHS, or other health or social care provider.
  • We can investigate your concerns, if you need to complain.
  • We can remind you about appointments and send you correspondence and information about your care.
  • Support the funding of your care for example with commissioning organisations.

Other ways in which we may use your information

Your information may also be used to help:

  • Look after the health of the general public and support health research and development
  • Review NHS accounts and services
  • Investigate complaints, legal claims and other incidents and report any such events when we are required to do so by law
  • Develop  and improve services  and the overall performance of the Trust
  • Prepare statistics on NHS performance to meet the needs of the population or for the Department of Health or other regulatory bodies
  • Review the care we provide by way of ensuring it is of the highest standard and quality
  • Teach and train health professionals
  • Review your suitability for research study or clinical trial so that we can tell you about health research opportunities you might be interested in
  • Work with other organisation such as universities, community safety units and research institutions.

Information used for statistical purposes is anonymous. We take stringent measures to ensure individuals cannot be identified. Where information is used for purposes such as service improvement we will anonymise or pseudonymise your personal information wherever possible to protect your confidentiality unless there is a legal basis that permits or requires us to use it.  We will only use or share the minimum information necessary.

How we share your data with third parties

We work in close partnership with a number of organisations in order to provide the best support and care possible.

We may need to share relevent personal information with other NHS organisations and other non-NHS organisations contracted to provide health or social care services in order to support your healthcare needs. For example we may share information with NHS England, General Practitioners (GPs), ambulance or transport services or private care homes or social care providers.  We are required by law to share information with other bodies such as with the Care Quality Commission for inspection purposes.

There may be occasions when we are required by law or a specific court order to share information.  This includes exceptional circumstances where we may be required to share information to the police for the purposes of prevention, investigation and detection of crime or with appropriate authorities where there is an overriding public interest to prevent abuse or serious harm to you or to others. Where there is cause to do this the Trust will always do its best to notify you of sharing information and share only the minimum information required for the purpose.

We will hold your information in confidence and it will only be used for the purposes explained to you.  We will only share information where current legislation permits or requires it and will ensure so far as we are able to that any information will be shared  securely and  held securely  and will ensure so far as possible that any such third party will hold information in accordance with current legislation and protect your confidentiality.

How we protect your personal data

Devon Partnership NHS Trust takes all necessary measures to protect your information. Data security measures are in place for all the Trust’s existing services and at the heart of all new initiatives going forward. Our processes are robust and we will continue to improve and maintain our security to protect the information of the people who use our services and staff and keep up with evolving information standards.

Everyone working for the NHS has a legal duty to keep sensitive information secure and confidential. This extends to any suppliers working with Devon Partnership Trust who may come into contact with our information.  Any supplier must demonstrate the same high standard of security expected from the NHS before engaging in any services.

We will also from time to time ask you to confirm the information about you is up-to-date.

The information we secure is generated from:

  • Visitors to our website
  • People who receive health and/or social care from the Trust
  • People who make a Subject Access Request
  • People who raise a concern or make a complaint
  • People who want to receive general information and contact from the Trust or make a Freedom of Information request
  • Job applicants and our current and former employees
  • People who email us or send a letter
  • Charity and membership involvement.

How long we keep your personal data

All of Devon Partnership NHS Trust records are maintained and destroyed in accordance with the NHS Retention Schedule. The schedule sets out the appropriate length of time the type of record is retained for. We do not keep records for any longer than is necessary.

Once the retention period is met, or the Trust has decided the record is no longer required, it is confidentially shredded and destroyed.

Accessibility