Skip to content

Coronavirus (COVID-19)

We have a number of temporary service changes in light of the Coronavirus pandemic. Temporary changes to our services.


We have a range of information and advice here: Coronavirus information.

Suffering anxiety, depression, low mood, stress?

We can help! Free, confidential NHS talking therapy service to help you. For more details visit Improving Access to Psychological Therapies.

Your Information – Your Rights

Potential Delays due to COVID-19

Your request for information may be delayed due to urgent operational responses to dealing with Public Health priorities. We apologise for any inconvenience this may cause, we do remain committed to responding to your request and will respond as soon as we are able. Should our response to your request breach the statutory timeframe and you remain unhappy with our response you have the right to complain to the Information Commissioners Office.

Further information and independent advice regarding the Data Protection Act 2018, incorporating the General Data protection Regulation 2016 is available from the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, ,Tel: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number.

Your information

You have rights to do with information that is recorded and held about you. These rights are protected by the Data Protection Act 2018 (DPA) and General Data Protection Regulation 2016 (GDPR).

As a healthcare provider we may collect information regarding your contact with our services. This information about your physical and/or mental health is part of your health record.

Data Protection Act 2018 (DPA) and General Data Protection Regulation 2016 (GDPR)

Under the GDPR, we have a legal duty to protect any information we collect from you. We use leading technologies and encryption software to safeguard your data and keep strict security standards to prevent any unauthorised access to it. More detail about how we collect, process, transfer and store your data can be found in our privacy notices below.

Our Information Governance team have created this page to provide you with information as to why Rotherham Doncaster and South Humber NHS Foundation Trust collects information about you and how we will use this information; as well as how you are able to access your personal health record under a Subject Access Request.

See how this Trust has ensured compliance with the law and what we plan to do to ensure continuous compliance.

What are my rights in relation to my data?

Under the Data Protection Act 2018 and General Data Protection Regulation, you have specific rights in relation to your data; you can make these requests at any time. Your rights are as follows:

Right to be informed

Rotherham Doncaster & South Humber NHS Foundation Trust (RDaSH) has a duty to provide you with information in relation to how your personal and special category data (more sensitive personal data) is collected, stored and processed. This is provided within our privacy notice on this page.

Right of Access to Information/Subject Access

You can request a copy of the information RDaSH holds about you by following this link – Subject Access Request Application Form

This information is ordinarily available to you free of charge once you provide appropriate ID. However, there are certain circumstances whereby we can make a charge for this service. But only if the request is deemed ‘manifestly unfounded or excessively repetitive.’ We have 30 calendar days to respond to your request. In certain circumstances a response may not be able to be provided in such a time scale; however we will write to you and inform you of this as soon as possible. Please contact the Information Governance Team for further information by e-mailing

Right to rectification and erasure

You have the right to request the rectification of inaccurate personal data and the right to request the erasure of your personal data. However, the rights to rectification and erasure are not an absolute right and it may be necessary for RDaSH to continue to process your personal data for lawful and legitimate reasons. If you wish to make such a request, please contact

Right to object to, or restrict processing

You have the right in certain circumstances to ask RDaSH to stop processing your personal data. You can also request not to receive information from the Trust. However, the right to object to, or restrict processing is not an absolute right and it may be necessary in certain circumstances for RDaSH to continue to process your personal data for lawful and legitimate reasons.

If you wish to object to your information being processed, to receiving information from the Trust, or wish to have information rectified or erased, please send your request in writing via email to

Rights in relation to automated decision making and profiling

RDaSH does not use your information to make automated decisions about you, nor to undertake profiling.

Right to Data Portability

You have the right to get your personal data from an organisation in a way that is accessible and machine-readable, for example as a secure file to be exchanged via e-mail, or an encrypted CD-Rom.

You also have the right to ask an organisation to transfer your data to another organisation. They must do this if the transfer is, as the regulation says, “technically feasible”. Within RDASH, as well as probably other NHS organisations this known as a continuation of care.

Who do I contact if I have any concerns about my data?

To safeguard your information and to support your rights, RDaSH has appointed a Data Protection Officer (DPO). The role of the DPO is to monitor internal compliance with data protection legislation and inform and advise staff, patients, carers and the public in relation to data protection. The DPO can be contacted at

If you have a concern about any aspect of your care or treatment at this hospital or about the way your records have been managed, you can also contact in the first instance  –

For concerns related to mental or physical health services:

PALS – Patient Advice and Liaison Service

Rotherham Doncaster and South Humber NHS Foundation Trust
Woodfield House
Tickhill Road Site
Tickhill Road

Phone: 0800 015 4334

Alternatively, you can also contact the Information Commissioner if you have a complaint about our processing of your personal data:

The Office of the Information Commissioner
Wycliffe House
Water Lane

Phone: 0303 123 1113 or 01625 545 745


Below are some useful definitions:

Data Controller

The organisation which determines the processing of Personal Data. The Data Controller is the legally
responsible organisation.

Data Processor

An organisation which the Data Controller appoints to provide a service on its behalf. The Data Processor must follow the legal instruction of the Controller.

Data Subject

The individual who personal data is about. The individual must be identifiable from the data

Data Protection Officer

The person appointed by the Data Controller as the single point of contact for data protection
enquiries. The Data Protection Officer acts independently and monitors compliance with data
protection obligations.

Data Processing

The activities which relate to Personal Data. Data Processing includes: Obtaining, recording or holding
the information ; organisation, adaption or alteration; retrieval, consultation or use; disclosure by transmission, dissemination or otherwise making available; alignment, combination, blocking, erasure or destruction of the information or data.

Information Commissioners Office (ICO)

The regulator of information rights in the United Kingdom. The ICO website is –

Personal Data

Data which relates to an individual and enables them to be identified.

Special Category Data

This personal data is more sensitive, and so needs more protection, ie race; ethnic origin; politics;
religion; trade union membership; genetics; biometrics (where used for ID purposes); health; sex
life; or sexual orientation

Privacy Notices

Below are a list of privacy notices in use by the Trust

Trust Privacy Notices

A privacy notice tells you what to expect us to do with your personal information when you make contact with us or use one of our services.  It is a statement that describes how the organisation collects, uses, retains and discloses personal information and is sometimes referred to as a privacy statement, a fair processing statement or sometimes a privacy policy.

You can also choose whether your confidential patient information is used for research and planning purposes – click here for more information.

Individual Clinical Services – Specific Use of Information

  • Adult Mental Health*
  • Children’s & Young Persons Mental Health (CAMHS)*
  • Older People’s Mental Health*
  • Children, Young People and Families (CYP&F)*
  • Drug & Alcohol (Adults)*
  • Drug & Alcohol plus Sexual Health (Young People)*
  • Doncaster Care Integrated Services (DCIS)*
  • Forensics*
  • Introducing Access to Psychological Therapies (IAPT)*
  • Memory Services*
  • St Johns Hospice*

*Currently under development

Who is responsible for your data?

Senior Information Risk Officer (SIRO)

The SIRO has responsibility to ensure organisational information risk is properly identified and managed, and that appropriate assurance mechanisms exist. The SIRO will put the needs of the organisation at the forefront of their mind and take a risk based approach.

The current RDaSH SIRO is:

Richard Banks
Director of Health Informatics

Phone: 01302 796189

Caldicott Guardian

The Caldicott Guardian is the senior person responsible for protecting the confidentiality of people’s health and care information and making sure it is used properly. They act as the conscience of the organisation and will put the needs of the public first.

The current RDaSH Caldicott Guardian is:

Dr Nav Ahluwalia
Executive Medical Director

Phone: 01302 796189

Data Protection Officer (DPO)

Under the General Data Protection Regulations (GDPR) public authorities must appoint a DPO. Their primary role is to ensure that the organisation processes the personal data of its staff, customers, providers or any other individuals in compliance with the Data Protection Act 2018. The DPO will advise on what is or is not possible within the boundaries of the legislation.

The current RDaSH DPO is:

Caroline J Britten
Head of Information Governance

Phone: 01302 796189



Trust’s Policy webpage

Contact us

Contact the Information Governance Team


Information Governance,
Woodfield House,
Tickhill Road Site,

Phone: 01302 796189