Why are we collecting information about you?
Lewisham and Greenwich NHS Trust keeps records about the healthcare and treatment you receive as one of our patients. This helps to ensure that you receive the best possible care from us.
It helps you because:
- Accurate and up-to-date information assists us in providing you with the best possible care
- All information is readily available if you see another doctor or are referred to a specialist or another part of the NHS
It helps the NHS to:
- Plan and manage the health service
- Teach and train healthcare professionals
- Conduct healthcare related research and development
- Audit NHS Services
- Prepare statistics on NHS performance
- Monitor how we spend public money
Data Protection Act 1998
The Data Protection Act 1998 regulates the processing of personal data held on computer systems and in other formats. It restricts how we can use an individual’s data, and consists of eight Data Protection Principles that must be applied to ensure safe and legal processing of personal data.
Lewisham and Greenwich NHS Trust is the registered data controller of personal data that is collected by the Trust to help us provide and manage healthcare to our patients. We are registered as a 'data controller', and notified the Information Commissioner (ICO) why we need to process the data.
Full details of all the purposes to which data may be put are listed at the ICO website. The Trust’s ICO registration number is Z4898169.
What kind of information do we hold about you?
We hold the following information about you:
- Name, address, date of birth, NHS Number and next of kin
- Contacts we have had with you (such as clinic visits)
- Details of diagnosis and treatment
- Allergies and health conditions
How do we keep your records confidential?
Everyone working for the NHS is subject to the Common Law Duty of Confidence. Information provided in confidence will only be used for the purposes to which you as patient given consent to, unless there are other circumstances covered by the law.
Under the NHS Confidentiality Code of Conduct, all our staff are also required to protect your information, inform you of how your information will be used, and allow you to decide if and how your information can be shared. This will be noted in your records.
The Trust shares data with a range of organisations. Wherever possible the information is anonymised. However, data may be shared with other organisations for the purposes of caring for a patient. In that case the data has to be identifiable to ensure that all parties are always clear exactly whose data is being used.
We may share your information for health purposes with other NHS organisations, e.g. health authorities, NHS Trusts, general practitioners (GPs), ambulance services and other NHS agencies such as Clinical Commissioners
Information sharing with non-NHS organisations
For your benefit, we may also need to share information from your health records with non-NHS organisations, from which you are also receiving care, such as social services or private healthcare organisations. However, we will not disclose any health information to third parties without your explicit consent, unless there are exceptional circumstances, such as when the health or safety of others is at risk or where the law requires the disclosure of information.
We may also be asked to share basic information about you, such as your name and (part of) address, which does not include sensitive information from your health records. Generally, we would do this only to assist them to carry out their statutory duties (such as usages of healthcare services, public health or national audits). In these circumstances, where it is not practical to obtain your explicit consent, we are informing you through this notice, which is referred to as a Privacy Notice (formerly known as Fair Processing Notice), under the Data Protection Act.
Where patient information is shared with other non-NHS organisations, an information sharing agreement is drawn up to ensure information is shared in a way that complies with relevant legislation.
Non-NHS organisations may include, but are not restricted to:
- Social services
- Education services
- Local authorities
- The police
- Voluntary sector providers
- Private sector providers
Your right to withdraw consent for us to share your personal information
You have the right to refuse/withdraw consent to information sharing at any time. The possible consequences will be fully explained to you and could include delays in receiving care.
Can you get access to your information?
Under the Data Protection Act 1998 a person may request access to information (with some exemptions) that is held about them by an organisation. For more information on how get access to the information we hold about you please refer to
under our Access to Information pages.
At the moment, health and social care workers from different organisations in Lewisham and Greenwich do not have a system in place to share important information about your care automatically. This means that GPs, hospital staff, district nurses, occupational therapists and social workers don’t always have immediate access to all the information they need to provide the most timely and efficient care.
To address this problem we are launching a new system of local electronic records. The new system is called Connect Care.
You can find out more via the link below.