Confidentiality and GDPR

This is an updated piece of legislation that sets new standards for protecting information.

GDPR stands for General Data Protection Regulation. This new legislation will strengthen the protection of data and provide harmonisation of data protection across the EU and the UK, enforcing far more severe monetary penalties for non-compliance (up to four per cent turnover). GDPR also brings a new set of digital rights for all individuals.

Our commitment to your data privacy and confidentiality

Being honest and clear with patients and staff about how the trust uses personally identifiable information is an important part of the way we provide healthcare. Personal information is about you. We believe it is very important to protect your information in all that we do and use it in the way the law says we can. We take care to put in place controls to make sure your information is safe. We also do checks to make sure that our controls are working.

GDPR gives everyone in the UK more rights around controlling their personal information. It asks all organisations to be really clear with patients, customers, clients and staff about what we do with personal information.

Who is responsible for your data:

  • Data protection officer - Leanne McDougall, Head of Information Governance
  • Senior information risk owner - Sheila Stenson, Executive Director of Finance
  • Caldicott Guardian – Professor Catherine Kinane, Executive Medical Director
Privacy notice

A privacy notice is a statement that describes how an organisation collects, uses, retains and shares personal information. It will also tell you about the rights you have around your information. Our privacy notices can be viewed here.

Access to healthcare records

GDPR and the Data Protection Act 2018 give every living person or their authorised representative the right to apply for access to their healthcare record. For further information and an application form, please see our access to healthcare records page.

Freedom of Information

The Freedom of Information Act (FOIA 2000) gives members of the public the right to ask for information that is held by public sector organisations such as local councils and the NHS. Our publication scheme and contact details can be found on our FOI page.