Need to talk?
Service User Privacy Notice
What is our legal basis for processing your personal information?
Processing of patient information comes under Public Task in connection with your health care is necessary for the purposes of health and social care.
Why do we collect personal information?
The staff caring for you need to collect and maintain information about your health and treatment so that you can be given the best possible care. This personal information can be held in a variety of formats, including paper records, electronically on computer systems.
How do we store and share information of people we support
We use SystmOne, an electronic patient records system to store clinical information on the people supported by our services.
Hospice staff: Access is granted to those responsible for care, this includes health care professionals, doctors, chaplaincy, administrative roles and management.
Under direct care your health care records may be shared with other healthcare organisations
However, we will not disclose any health information to third parties without your explicit consent unless there are circumstances, such as when the health or safety of others is at risk or where current legislation permits or requires it.
What types of information are collected
All information we collect will be necessary to delivering care to people, information such as:
Full name, address, date of birth, services used, healthcare services, gender identity, ethicnicty number, email address, government services and location data.
Some of the above information is classed as Special Category Data. Special category data is personal data which the GDPR says is more sensitive, and so needs more protection.
We would process special category data in accordance with GDPR law Article 9 (2) (h):
“Processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services on the basis of Union or Member State law or pursuant to contract with a health professional and subject to the conditions and safeguards referred to in paragraph 3;.”
Visiting the Hospice’s premises
The Hospice uses CCTV systems for the legitimate purposes of security and for the vital interests of employees and people in our care.
Recorded images are accessed by written request to the Hospice and deleted every 30 days, however in periods of increased activity, we increase the retention period to three months.
Data is only shared with the police and insurance companies in specific circumstances.
In general, the Hospice’s reception team use paper record systems to log calls, records of visitors, staff and volunteers present in the building with information being retained only for its purposes. Paper records are shredded when they’re no longer needed.
We process the information in relation to keeping people on the premises safe.
National Data Opt-Out
The national data opt-out was introduced on 25 May 2018, enabling patients to opt out from the use of their data for research or planning purposes, in line with the recommendations of the National Data Guardian in her Review of Data Security, Consent and Opt-Outs.
Patients can view or change their national data opt-out choice at any time by using the online service at www.nhs.uk/your-nhs-data-matters or by calling 0300 3035678.
By 2020 all health and care organisations are required to be compliant with the national data opt-out policy. NHS Digital and Public Health England are already compliant and are applying national data opt-outs.