Information Governance
Date Protection laws protect the data given to organisations. The Trust complies with all relevant legislation and relevant policies can be found below.
- Access to Health Records - Litigation and Claims Dep't Disclosure Procedure - v5
- Corporate Records Management Policy - v4
- Data Protection and Confidentiality Policy - v8
- ICT Acceptable Use policy - v3
- Records Management and Retention Policy - v5
- Safe Haven Policy - v9
- Communications and Engagement Privacy statement
Data Protection Impact Assessments
The Trust follows a privacy by design approach to ensure you information and privacy is a top priority in any new electronic system. We carry out a Data Privacy Impact Assessment, which is also known as a DPIA to screen new systems (or significant changes to existing systems) to check for any risks to confidential data. If a DPIA highlights any risk, these are appropriately managed and action is taken to remove or significantly reduce it to an acceptable level.
View a Summary of Current DPIAs and their Status
To make sure our patients’ information is secure the trust follows a privacy by design approach to make sure your information and privacy is a top priority for any new system. We use a process known as a Data Privacy Impact Assessment also called a DPIA for screening new systems (or significant changes to existing systems) to highlight any risks to confidential data. Where a DPIA highlights risks these are appropriately managed and action taken to ensure the risk is removed or significantly reduced to an acceptable level.
The DPIA is a tool recommended by the Information Commissioners Office (ICO) to help us make sure your data is used properly, legally and securely. Find out more via the Information Commissioner's Office website.