Privacy Notices

Privacy Notice

How do we collect and store your information and why

The Kent and Medway NHS and Social Care Partnership Trust (KMPT) are committed to protecting your privacy. This statement explains how we collect and use the personal information we collect about you, and the rights and choices you have in relation to the information.

1. Who are we?

KMPT provides a number of different mental health services to people living in Kent and Medway. Our services are more specialised than services provided by general practitioners. Most of our mental health services are provided through:

  • community based teams
  • outpatient clinics
  • inpatient units

Community services and inpatient/outpatient units are generally split into services for working age adults and services for older adults over local areas. In addition to our community and inpatient/outpatient services, we also provide a number of specialist services across the county including mental health services for people with learning disabilities.

We currently work as a partnership organisation for mental health services, our partners include:

  • Clinical Commissioning Groups (CCGs)
  • Commissioning Support Units
  • General Practitioners (GPs)
  • Ambulance Services
  • Acute Hospital Trusts
  • Mental Health Social Services
  • Local Authorities

Our trust is registered with the Information Commissioner’s Office (ICO) to process personal and special categories of information under the Data Protection Act 2018 and our registration number is Z9417133.

2. Data Protection Legislation

In carrying out our day to day activities we process and store personal information relating to who you are. We are therefore required to adhere to the requirements of the General Data Protection Regulations, and the Data Protection Act 2018. We take our responsibilities under this legislation very seriously and we ensure the personal information we obtain is held, used, transferred and otherwise processed in accordance with that legislation and all other applicable data protection laws and regulations.

3. What personal information do we collect?

Personal information, is information which can be used to identify you. This will include, who you are, where you live, what you do, your family, possibly your friends, your employers, your habits, your problems and diagnoses, the reasons you seek help, your appointments, where you are seen and when you are seen, who by, referrals to and from specialists and other healthcare providers, tests carried out both here and in other places, investigations and scans, treatments and outcomes of treatments, your treatment history, the observations and opinions of other healthcare workers, within and without the NHS as well as comments and aide memoires reasonably made by healthcare professionals in this organisation who are appropriately involved in your health care.

4. Why do we collect and how are we using your information?

We may collect your information for a number of reasons, however when we collect the information we will discuss with you the specific reasons why. Reasons for collecting your information will include:

  • to provide Healthcare Services
  • to keep Accounts and Records relating to our activities
  • to take part in appropriate research within the Health Sector
  • to provide educating and training to our staff to ensure good quality services
  • to enable us to audit our services and prepare statistics on NHS performance
  • to assist in reviewing the care provided and ensuring services meet the needs of the users

We may supplement or add to the information we hold about you with information that is available through, or we receive from, other sources e.g. third party organisations such as local authorities and charities.

These records help us to deliver our services and manage our activities. They may be written down (manual/paper records), held on a computer in electronic form or as part of an information system.

5. Information Sharing and Disclosure

We work as a partnership organisation for mental health services and may need to share some clinical information with other groups of professionals involved in the provision of care. Please be reassured, we will only use or pass on information where there is a genuine need for it.

Your treatment and care may involve a team, which includes doctors, nurses, therapists, some administrative staff and other health and social care professionals, including your GP. Information about you may be shared to assist those who have an interest in your care or treatment. Your information will only be passed on to those who have a need-to-know and be shared in a secure manner.

Your information may also be shared, subject to strict agreements describing how it will be used with:

  • social services
  • local authorities
  • voluntary sector providers
  • private sector providers

We will not disclose your information to any other organisation without your permission unless there are exceptional circumstances, such as when the health or safety of yourself or others is at risk or where the law requires it to be passed on.

We are required by law to report certain information to the appropriate authorities and occasions when this is the case include:

  • where we encounter infectious diseases which may endanger the safety of others such as meningitis or measles (but not HIV/ AIDS)
  • Where a formal court order has been issued
  • Where disclosure is necessary to protect either yourself or someone else from harm

Whatever the reason for sharing information, we will ensure it is done so securely and lawfully.

People who have access to your information will only normally have access to that which they need to fulfil their roles, for instance admin staff will normally only have a limited access to your information, whilst your clinical treating team will be able to access the full record. All access to your information is logged within the system and is auditable.

You have the right to object to our sharing your data in these circumstances but we have an overriding responsibility to do what is in your best interests.

6. The accuracy of your information

We have a duty to ensure your information is accurate and kept up-to-date. To do this, we undertake regular checks on the quality of the data we hold and will ask you at regular intervals to confirm your basic information, such as name, address, date of birth, ethnicity etc. is right.

We may also take part in Information Quality Assurance Assessments with our partner organisations to ensure we deliver improvements in the quality of information we record about you.

7. Storing your information

Although most of the information we store and process stays within the UK, some information may be transferred to countries outside the European Economic Area. This may occur if, for example, one of our trusted partner’s servers are located in a country outside the EU. These countries may not have similar data protection laws to the UK however, we are required to take steps to ensure your privacy continues to be protected as outlined in this notice.

We will keep your information for as long as required to enable us to operate our services but we will not keep your information for any longer than is necessary. We will take into consideration our legal obligations when determining how long we should retain your information. When we no longer need to retain your information we will ensure it is securely disposed of, at the appropriate time.

8. Your rights

You have the right to:

  • request a copy of the information we hold about you;
  • update or amend the information we hold about you if it is wrong;
  • change your communication preferences at any time;
  • ask us to remove your personal information from our records;
  • object to the processing of your information for marketing purposes; or
  • raise a concern or complaint about the way in which your information is being used.

If you wish to find out more about these rights, or obtain a copy of the information we hold about you, please contact our Information Governance Department at:

Information Governance Department
St Michaels House
St Michaels Road
Sittingbourne
Kent
ME10 3DW

KMPT.ig@nhs.net

tel: 01795 514525

9. Privacy queries

If you have any questions or queries about this Privacy and Data Protection Statement, please contact our Data Protection Officer using the details below.

Head of Information Governance
 
Information Governance Department
St Michaels House
St Michaels Road
Sittingbourne
Kent
ME10 3DW

KMPT.ig@nhs.net

Tel: 01795 514525

10. Information Commissioners Office

The Information Commissioner’s Office (ICO) is the body that regulates the trust under Data Protection and Freedom of Information legislation: https://ico.org.uk/. If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the ICO at:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Tel: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number
Fax: 01625 524 510

Email: casework@ico.org.uk

11. Detailed privacy notices

Please find links below to our individual privacy notices which will provide you with further advice on how your information is collected and stored.

Privacy notice - Direct Care
Privacy notice - Emergency Care
Privacy notice - Care Quality Commission
Privacy notice - NHS Digital
Privacy notice - Safeguarding
Privacy notice - CCTV and Body CamerasPrivacy Notice - Clinical Commissioning Groups
Privacy notice - Enforcement agencies
Privacy notice - Ombudsman
Privacy notice - Solicitors and insurance companies
Privacy notice - Research
Privacy notice - Governing bodies