Privacy Notice

 

Our Information Governance team have created this page to provide you with information as to why Rotherham Doncaster and South Humber NHS Foundation Trust collects information about you and how we will use this information; information about your rights under Data Protection Laws, such as the General Data Protection Regulations (GDPR) 2016.

Click here to see how this Trust has ensured compliance with the law and what we plan to do to ensure continuous compliance.

Who is responsible for your data?

Senior Information Risk Officer (SIRO)

Richard Banks
Director of Health Informatics
Email: rdash.ig@nhs.net
Phone No: 01302 796189

---

Caldicott Guardian

Dr Nav Ahluwalia
Executive Medical Director
Email: rdash.ig@nhs.net
Phone No: 01302 796189

---

Data Protection Officer (DPO)

Caroline J Britten
Head of Information Governance
Email: rdash.dpo@nhs.net
Phone No: 01302 796189

---

Definitions

Definitions

Privacy Notices

Trust Privacy Notices

A privacy notice tells you what to expect us to do with your personal information when you make contact with us or use one of our services.  It is a statement that describes how the organisation collects, uses, retains and discloses personal information and is sometimes referred to as a privacy statement, a fair processing statement or sometimes a privacy policy.

The member of staff overviewing the Data Protection Legislation and the Trust approach is Caroline J Britten, Data Protection Officer.  Should you have any queries regarding data protection or information governance please contact her on 01302 796189.

• Privacy Notice
• Children & Young People
• Staff
• Membership
• Integrated Doncaster Care Record
• Cookies

You can also choose whether your confidential patient information is used for research and planning purposes – click here for more information.

*currently under development

Individual Clinical Services – Specific Use of Information

• Adult Mental Health*
• Children’s & Young Persons Mental Health (CAMHS)*
• Older People’s Mental Health*
• Children, Young People and Families (CYP&F)*
• Drug & Alcohol (Adults)*
• Drug & Alcohol plus Sexual Health (Young People)*
• Doncaster Care Integrated Services (DCIS)*
• Forensics*
• Introducing Access to Psychological Therapies (IAPT)*
• Memory Services*
• St Johns Hospice*

*Currently under development

How is your data used?

• Information Sharing Agreements*
• Data Processing with Contractors*
• Data Protection Impact Assessments
• Cookies

*Currently under development

What are your rights?

Under the Data Protection law data subjects (individuals) have eight specifics rights:

1. The right to be informed – Individuals should be informed of how their data will be used. This applies to both patient and staff data.
2. The right of access – Individuals have the right to access their personal data, and this is commonly referred to as a subject access request.  Click here for more information about the request process, application form and guidance
3. The right to rectification – Individuals can make requests to have inaccurate personal data rectified or completed.  Click here for more information about the process, application form and guidance.
4. The right to erasure – this is often referred to as the “right to be forgotten” and is not absolute.  This right does not apply to special category data if processing is necessary for the provision of health or social care; or for the management of health or social care systems or services.
5. The right to restrict processing – individuals have the right to require organisations to restrict processing where:
   • accuracy is contested by the individual;
   • processing is unlawful and the subject opposes erasure;
   • the organisation no longer needs the data, but the subject requires it to be kept for legal claims;
   • the individual has objected, pending verification of legitimate grounds.
6. The right to data portability –  individuals have the right to receive personal data about them in a ‘commonly used and machine readable format’.  This right is only available where the processing is based on consent and the processing is automated. Please note that this is not the legal basis for the majority of our processing, therefore for with regards to most of the data held by this Trust, this right does not apply.
7. The right to object – individuals have the right to object to:
   • processing based on legitimate interests or the performance of a task in the public interest / exercise of official authority (including profiling);
   • direct marketing (including profiling); and
   • processing for purposes of scientific/historical research and statistics.
8. Rights in relation to automated decision making and profiling – when making a decision solely by automated means without any human involvement this is known as automated individual decision-making; and any automated processing to evaluate certain things about an individual is known as profiling, although it can also be part the same process.  We can only carry out solely automated decision-making that has legal (or similarly significant) effects on you, where the decision is:
   • necessary for the entry into or performance of a contract; or
   • authorised by Union or Member state law applicable to the controller; or
   • based on your explicit consentand if so, we must ensure we give you information about the processing and introduce simple ways for you to request human intervention or challenge a decision.  We must also carry out regular checks to make sure that our systems are working as intended.

Leaflets

• Access to health Records
• Your Info – Your Rights

Policies

Click here to see view the Trust’s Policy webpage

Contact us

Post: Information Governance, Woodfield House, Tickhill Road Site, Balby, Doncaster, DN4 8QN

Phone: 01302 796189

Email: ig@rdash.nhs.net