General Data Protection Regulations (GDPR)
The GDPR forms part of the data protection regime in the UK, together with the new Data Protection Act 2018 (DPA 2018). The main provisions of this apply, like the GDPR, from 25 May 2018.
Useful Links:
What we do with your information (Fair Processing Notice)
In carrying out our role and responsibilities as a commissioner of services for people working and living in west Hertfordshire, we need to have an understanding of the health and social care needs of our community to ensure that appropriate services are correctly identified and made available across our responsible area.
This means we need information, but we are not allowed access and use all the information available and we remove data that we do not need.
As a CCG we actually do not need to hold much data about individual patients. Where we do, we may keep your information in written format and/or in digital format. This may include basic details about you, such as your name and address and may also contain more sensitive information about your health and social care conditions, current services you are using and also information such as outcomes of needs assessments. We only have this if it is essential to our work.
Therefore, as a commissioning organisation we do not routinely hold medical records or confidential patient data. There are some limited exceptions where we may hold and use personal information about you; for example the CCG is required by law to perform certain services that involve the processing of sensitive personal information. The areas where we regularly use sensitive personal information include:
-
a process where you or your GP can request special treatments that is not routinely funded by the NHS, which are known as Individual Funding Requests
-
assessments for continuing healthcare (a package of care for those with complex medical needs)
- Fair Processing Notice
- Details of Information Collected for Specific Purposes
- Further Definitions
- Continuing HealthCare