Everyone working for the NHS must keep information about you confidential.
All NHS organisations follow the principles and values set out in the NHS Constitution when using and sharing personal information.
How the CCG uses your information
Information about your health and care is confidential and not routinely shared with the CCG for direct health care purposes. However we may, on occasion, need to access and use certain personal information if, for example, we are involved in helping you resolve a complaint or you need to be assessed for continuing health care purposes.
We will only use information about you in accordance with the General Data Protection Regulation (GDPR), the Data Protection Act 2018, the Human Rights Act 1998 and the common law duty of confidentiality.
In order to effectively commission health services in East and North Hertfordshire we need to use anonymised data about the local population. Accurate and relevant information is essential when planning your health services and conducting research.
We do not share personal information about you with other organisations without your permission. However, there may be circumstances where we are required by law to report certain information to the appropriate authorities, for example, to protect vulnerable children and adults from harm or to prevent fraud.
In such cases, permission to share must be sought from our Caldicott Guardian, Sheilagh Reavey, who is responsible for ensuring confidential patient information is protected. We are obliged to tell you when we share your information, unless doing so puts you or others at risk of harm.
Advice on how to make a Freedom of Information (FOI) request is available here.
General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR) was developed to update and harmonise data privacy laws across Europe by standardising definitions and addressing legal uncertainty and public perception that their data is at risk. GDPR protects an individual’s fundamental rights and freedoms, in particular, the “Right to the Protection of Personal Data.”