Privacy - a fair processing notice


What we do

NHS Bexley CCG is responsible for planning, buying and monitoring (also known as commissioning) health services from healthcare providers such as hospitals and GP practices for the local population to ensure the highest quality of healthcare.

We also have a performance monitoring role of these services, which includes responding to any concerns from our patients on services offered. In these instances, Bexley CCG may need to hold some information about you.


How we use your information

The CCG may hold some information about you and it is important you are aware how that information is used, who we may share that information with, how we keep it secure (confidential) and what your rights are in relation to this.


What kind of information we use

As a clinical commissioning group, we can only use the following types of information/data:

  • Identifiable: containing details that identify individuals – where absolutely necessary and with patient consent. Examples include name, address, date of birth and NHS number. This can include (only if necessary) personal and sensitive information, such as a specific health condition or diagnosis, ethnicity and demographics.
  • Pseudonymised: about individuals but with identifying details (such as name or NHS number) replaced with a unique code.
  • Anonymised: about individuals but with identifying details removed.
  • Aggregated: anonymised information grouped together so that it doesn't identify individuals.

There are very strict rules surrounding the use of this data. Section 251 applications under the NHS Act 2006 have been used to process certain types of information for specific purposes. These are:

  • Invoice validation
  • Risk stratification

What do we use your sensitive and personal information for?

There are some limited exceptions where we may hold and use identifiable information about you. This can include name, address, date of birth, NHS number and there may also be times when this includes sensitive personal information. For example, the CCG has been required by law to perform certain services that involve the processing of sensitive personal information.

The areas where we may regularly use sensitive personal information include:

  • a process where you or your GP can request special treatments that are not routinely funded by the NHS, which are known as individual funding requests
  • assessments for continuing healthcare and appeals
  • responding to your queries, compliments or concerns
  • assessment and evaluation of safeguarding concerns
  • where there is a provision (section 251) permitting the use of sensitive personal information under specific conditions, for example to:
    • understand the local population needs and plan for future requirements, which is known as ‘risk stratification for commissioning’.
    • ensure that the CCG is billed accurately for the treatment of its patients, which is known as ‘invoice validation’.
    • monitor access to services, waiting times and particular aspects of care.

Sensitive personal information may also be used in the following cases:

  • the information is necessary for your direct healthcare
  • CCGs responding to patients, carers or Member of Parliament communication
  • you have freely given your informed agreement (consent) for us to use your information for a specific purpose
  • there is an overriding public interest in using the information e.g. in order to safeguard an individual, or to prevent a serious crime
  • there is a legal requirement that will allow us to use or provide information (e.g. a formal court order).


What we use pseudonymised, anonymised and aggregated data for


The CCG uses these types of data to plan healthcare services:

  • Check the equality and efficiency of the health services commissioned
  • Prepare performance reports on the services commissioned
  • Work out what illnesses people will have in the future, so that the CCG can plan and prioritise services and ensure these meet the needs of patients in the future
  • Review the care being provided to make sure it is of the highest standard

 Stringent measures are in place to ensure individual patients cannot be identified.


How is your information shared?

The CCG commissions a number of organisations (both within and outside the NHS) to provide healthcare services to you. The CCG may also share anonymised statistical information with them for the purpose of improving local services, for example understanding how health conditions spread across our local area compared against other areas.

The law provides some NHS bodies, particularly NHS Digital (previously the Health and Social Care Information Centre), with ways of collecting and using patient data that cannot identify a person, to help commissioners design and procure the combination of services that best suit the population they serve.

The CCG may also share information with NHS England and NHS Digital.

Information may also be shared for your benefit with other third parties or non-NHS organisations, such as care homes and social services, from which you may be receiving care. Where information sharing is required with such organisations, the CCG will not disclose any health information without your explicit consent, unless there are exceptional circumstances, such as when the health or safety of others is at risk or where the law requires it. The CCG may be asked to share basic information about you, such as your name and address, which does not include sensitive information. This would normally be to assist them to carry out their statutory duties. In these circumstances, where it is not practical to obtain your explicit consent, the CCG will inform you through this notice, which is referred to as a Fair Processing Notice, under the Data Protection Act. NHS Bexley CCG has an information sharing agreement which has been created to ensure information is shared in a way that complies with relevant legislation.

If you do not want your information to be used for purposes beyond providing your care you can choose to opt-out. If you wish to do so, please inform your GP practice and they will mark your choice in your medical record. You can opt out of your data being used for some purposes. You can withdraw your opt-out choice at any time by informing your GP practice. More information is available on NHS Digital Your personal information choices.

NHS Digital takes the responsibility for looking after care information very seriously. Please follow links on how they look after information for more detailed documentation.

NHS England recognises the importance of protecting personal and confidential information in all that we do, all we direct or commission, and takes care to meet its legal duties. Follow the links on the How we use your information page for more details.


Exceptional circumstances

The opt-out will not apply where there is a mandatory legal requirement or an overriding public interest. These will be areas where there is a legal duty to share information (for example a fraud investigation) or an overriding public interest (for example to tackle the Ebola virus).

Linkages with other data sets

Data may be de-identified and linked by these special bodies so that it can be used to improve health care and development and monitor NHS performance. Where data is used for these statistical purposes, stringent measures are taken to ensure individual patients cannot be identified.

When analysing current health services and proposals for developing future services it is sometimes necessary to link separate individual datasets to be able to produce a comprehensive evaluation.  This may involve linking primary care GP data with other data such as secondary uses service (SUS) data (inpatient, outpatient and A&E).  In some cases there may also be a need to link local datasets which could include a range of acute-based services such as radiology, physiotherapy, audiology etc, as well as mental health and community-based services such as Improving Access to Psychological Therapies (IAPT), district nursing, podiatry etc.  When carrying out this analysis, the linkage of these datasets is always done using a unique identifier that does not reveal a person’s identity as the CCG does not have any access to patient identifiable data.

The CCG may also contract with other organisations to process data. These organisations are known as Data Processors. We ensure external data processors that support us are legally and contractually bound to operate and prove security arrangements are in place where data that could or does identify a person are processed.

Currently, the external data processors we work with include (amongst others):






Q Admissions tool
Risk stratification
The Bread Factory, 1A Broughton Street, London SW8 3QJ

Financial payments and invoices
Invoice validation
Shared Business Services
Phoenix House,
Topcliffe Lane

Data Services for Commissioners regional office
Anonymised and pseudonymised data to monitor access to services, waiting times and particular aspects of care
South East London Commissioning Support Unit
1 Lower Marsh

Quality alerts management system
Practices and health care providers to raise quality alerts to the CCG regarding concerns they have.
The Old Mill Fry’s Yard
Bridge Street




Protecting your privacy

What is important is that this information is governed by clear rules and processes about how it is used and protected and that everyone in the organisation understands who has access to personal information and how and why they will use it.

Your personal information is protected under law by the Data Protection Act 1998, the Common Law Duty of Confidentiality and your right to privacy under the Human Rights Act 1998. Everyone working for the NHS is subject to the Common Law Duty of Confidence. Information provided in confidence will only be used for the purposes advised and consented to by the patient, unless there are other circumstances covered by law.

Under the NHS Confidentiality Code of Conduct, all NHS Bexley CCG staff are required to be aware of how to protect your information, inform you how your information will be used and allow you to decide if you are happy to have your information shared. All NHS Bexley CCG staff are required to annually undertake mandatory information governance training, which supports this requirement. All personalised information relating to patients and staff will be considered confidential. NHS Bexley CCG will ensure that the information is protected against improper disclosure during receipt, transmission, storage and disposal.

The CCG’s information systems security policies and procedures have been developed and implemented to ensure business continuity and to minimise damage by reducing the threat to security. Countermeasures are in place to protect information and computing assets by:

  • protecting sensitive information from disclosure
  • safeguarding the accuracy and completeness of information and computer software
  • ensuring that information and vital services are available to users when required
  • ensuring the physical security of the information infrastructure and systems
  • employing technologies such as encryption, secure authentication, smart cards and firewalls

The CCG is registered with the Information Commissioner’s Office (ICO) as a data controller and collects data for a variety of purposes. A copy of the registration is available through the ICO website (search by CCG name).

Every NHS organisation is required to have a Caldicott Guardian. The Caldicott Guardian has a strategic role which involves representing and championing issues protecting the confidentiality of patient and service user information.


NHS Bexley CCG’s Caldicott Guardian is:


Dr Sid Deshmukh, Frognal locality lead and clinical vice-chair


How long does the CCG hold confidential information about you?

All records held by the CCG will be kept for the duration specified by national guidance from the Department of Health, NHS Records Management Code of Practice.

All confidential information is destroyed in line with the NHS Records Management Code of Practice and shredded on site.


What are your rights?

Where information from which you can be identified is held, you have the right to ask to:

  • view this or request copies of the records by making a subject access request
  • request information is corrected
  • have the information updated where it is no longer accurate
  • ask us to stop processing information about you where we are not required to do so by law – although we will first need to explain how this may affect the care you receive

How you can access your own health records

The Data Protection Act 1998 gives you the right to see or have a copy of your health records.

If you wish to have sight of, or obtain copies of, your own personal health care records you will need to apply to your GP Practice, the hospital or NHS Organisation which provided your health care.

Everybody has the right to see, or have a copy, of data we hold that can identify you, with some exceptions. You do not need to give a reason to see your data, but you may be charged a fee.

If you wish to have a copy of the information that the CCG holds about you, you will need to complete a Subject Access Request form and send it to the address below. There may be a charge for this (of up to £50).

Pin Bhandal,

Data Protection Officer,

Civic offices,

Second floor west

2 Watling Street 





GP online services

Alternatively, patients can view part of the GP health record by accessing GP online services.  

GP online services allow you to access a range of services via your computer or mobile. Once you have signed up, you will be able to:

  • book or cancel appointments online with a GP or nurse
  • renew or order repeat prescriptions online
  • view parts of your GP health record, including information about medication, allergies, vaccinations, previous illnesses and test results

For more information, please visit NHS Choices.


Making health and social care information accessible in Bexley

All organisations that provide NHS services or adult social care must follow the Accessible Information Standard (AIS) by law. The AIS aims to make sure that disabled people have access to information they can understand and any communication support they might need. The standard tells organisations how to make information accessible to patients, service users and their carers and parents. This includes making sure that people get information in different formats if they need it, such as large print, braille, easy read and by email. The AIS also tells organisations how to support people’s communication needs, for example by offering support from a British Sign Language (BSL) interpreter, deafblind manual interpreter or an advocate.  As part of the standard, organisations that provide NHS or social care must do five things:

  • Ask people if they have any information or communication needs, and find out how to meet their needs
  • Record those needs in a set way
  • Highlight a person’s file, so it is clear that they have information or communication needs, and clearly explain how these should be met
  • Share information about a person’s needs with other NHS and adult social care providers, when they have consent or permission to do so
  • Act to make sure that people get information in an accessible way and communication support if they need it.

NHS Bexley CCG is committed to supporting local health and care organisations in meeting the AIS. The CCG is working with those departments that come into contact with direct patient care to meet the AIS. 

More information on the AIS can be found on the NHS England website


Complaints or questions

We try to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring concerns to our attention if they think that our collection or use of information is unfair, misleading or inappropriate.

You can contact the patient experience team by freephone on 0800 328 9712, or email


People who make a complaint to NHS Bexley CCG

When NHS Bexley CCG receives a complaint, a file is created containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint. Personal information is only used to process a complaint and to check on the level of service the CCG commissions. The CCG does publish statistics showing the number of complaints received but not in a form which identifies anyone. Usually the CCG has to disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute. If a complainant doesn’t want information identifying him or her to be disclosed, the CCG will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis. Personal information is contained in complaint files in line with the CCG’s retention policy. This means that information relating to a complaint will be retained for eight years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ basis. Similarly, where enquiries are submitted to the CCG, this information will only be used to deal with the enquiry and any subsequent issues and to check on the level of service we provide.


Information Commissioner’s Office (ICO)


The Information Commissioner’s Office (ICO) is a UK independent authority established to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.


For independent advice about data protection, privacy, data sharing issues and your rights you can contact:


Information Commissioner’s Office

Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF 

Telephone: 0303 123 1113 (local rate) or 01625 545 745


Visit the ICO website


Job applicants, current and former NHS Bexley CCG employees

When individuals apply to work at NHS Bexley CCG, information supplied to us is used to process applications and to monitor recruitment statistics. Where the CCG needs to disclose information to a third party, for example a reference or to obtain a ‘disclosure’ from the Criminal Records Bureau, the CCG will not do so without informing the applicant beforehand, unless the disclosure is required by law. Personal information about unsuccessful candidates will be held for 12 months after the recruitment exercise has been completed; it will then be destroyed or deleted. The CCG retains statistical information about applicants to help inform its recruitment activities, but no individuals are identifiable from that data. Once a person has taken up employment with NHS Bexley CCG an electronic employment file is compiled and held by the South East Commissioning Support Unit (the provider of human resources to the CCG). The information contained in this file will be kept secure and will only be used for purposes directly relevant to that person’s employment. Once employment with NHS Bexley CCG has ended, the file will be retained in accordance with the requirements of the retention schedule and then deleted.


Invoice validation

To ensure that public money is spent accurately, the CCG checks healthcare invoices to ensure that they are accurate and genuine. To do this the CCG needs to match the care provided against the patient who received the care to ensure that the correct funding is issued. Validating invoices is undertaken within a controlled environment for finance (CEfF) and is undertaken by a dedicated team. Once your personal details have been used to check the validity of your care invoice, your personal details are deleted from our system before the invoice is processed for payment.


Information governance

Information Governance is about the way organisations ‘process’ or handle information. This covers personal information, for example information relating to patients/service users and employees, and corporate information such as financial and accounting records.

An information governance toolkit produced by the Department of Health draws together the legal rules and central guidance and presents them in one place as a set of information governance requirements.

Various organisations, including CCGs, are required to undertake a self-assessment of their compliance against the information governance requirements using the toolkit.

The assessment enables CCGs to measure their compliance against the requirements and see whether information is handled correctly and protected from unauthorised access, loss, damage and destruction.

Where partial or non-compliance is revealed, CCGs must take appropriate measures, for example assign responsibility, put in place policies, procedures, processes and guidance for staff, with the aim of making cultural changes and raising information governance standards through year on year improvements.

NHS Bexley CCG’s current assessment report can be found here. On the linked page click on ‘Report’, then on the next screen select ‘Show report’.

Every year the CCG must produce a year end report for its audit and assurance committee that outlines its achievements against the IG Toolkit and any recommendations to take forward to the following year's IG development plan.  The CCG’s current annual IG report can be found here.




Useful links

  • NHS Care record guarantee for England – sets out the rules that govern how patient information is used in the NHS and what control the patient can have over this.
  • The NHS Constitution – The Constitution sets out rights for patients, public and staff. It outlines NHS commitments to patients and staff, and the responsibilities that the public, patients and staff owe to one another to ensure that the NHS operates fairly and effectively.
  • Confidentiality guide – NHS Digital guide to confidentiality and information sharing throughout health and social care services.
  • National Data Guardian for Health and Care – Review of Data Security Consent and Opt-Outs.
  • Health Research Authority – Protects and promotes the interests of patients and the public in health and social care research.
  • Information Commissioner’s Office – The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
  • Accessible Information Standard – Defines a specific, consistent approach for meeting information and communication support needs for patients, service users, carers and parents, where those needs relate to a disability, impairment or sensory loss.
  • NHS Digital (previously the Health and Social Care Information Centre) – NHS Digital exists to help patients, clinicians, commissioners, analysts and researchers to improve health and social care in England by making better use of technology, data and information.

Changes to this privacy notice

NHS Bexley CCG regularly reviews its privacy notice. This privacy notice was last updated on 12 October 2016.

For further information please contact:

Data Protection Officer

NHS Bexley Clinical Commissioning Group

Civic offices

Second floor west

2 Watling Street




020 8298 6120


Website technical details



We use electronic forms on the website, making use of an available ‘forms module’ which has a number of built-in features to help ensure privacy. We also aim to use secure forms where appropriate.



Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

We do not make use of cookies to collect any private or personally identifiable information. The technical platform of this website, Sitekit CMS, does use cookies solely to aid the proper technical functioning of the website. The cookies used by Sitekit CMS contain random strings of characters alongside minimal information about the state and session of the website – which in no way collects or discloses any personal information about you as a visitor.

If you choose to, for any secure pages of this website, you can elect to save login information in a cookie to facilitate faster login to a private area of this site. A notification is given before any such cookie is dropped, and the process is ultimately within your control. Even where this is used, the cookie still contains minimal authentication information, and does not contain any private or personal data.

Advanced areas of this site may use cookies to store your presentation preferences in a purely technical fashion with no individually identifiable information. Note also our statement on analytics software below – as analytics software also uses cookies to function.

In compliance with EU legislation, the following table lists the use of cookies on this web site:

Cookie Name


More information


This is used to store whether you are in textOnly mode or not.

Persistent for three months.



This is used to store user preferences for viewing sites in textOnly mode e.g. font-size and colour.

Persistent for one month.



This is used to store the username and password for ‘remember my login’ feature on extranets.

Persistent for one month.



This cookie has two functions.

Firstly it serves as a session cookie for extranet users. Without this cookie, an extranet user will have to login to each individual page in the extranet.

It also enables us to track the pages that a user visits while they navigate around the site.



This is used to store whether you have agreed to receive cookies.

Persistent for one year.


Google Analytics


These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.

Click here for an overview of privacy at Google

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit

To opt out of being tracked by Google Analytics across all websites visit


Data retention policy

Our platform, Sitekit CMS, operates with a clear data-retention policy in order to comply with the Privacy Enhancing Technology guidance from the Information Commissioner. This means that data has predefined time limits for storage and is only retained by the system for as long as it is considered useful.


Server statistics

Like almost all websites, we have access to server statistics which provide aggregate statistics on bandwidth and server load. This load data is used to manage bandwidth effectively and for billing purposes. It is important for us to collect and monitor this information because we pay for a server bandwidth allowance and are liable for the costs of increases beyond our allowance.
The server statistics are not designed to collect any individually identifiable information and the reports we receive are generally numerical and in graph format.

Alongside the server statistics, our Content Management System, Sitekit CMS, collects information on: popular search terms used on the website, which we have access to in order to arrange our pages better; visitor path information, which we have access to for future design considerations; and download popularity (numerical by month), which we use to organise the file libraries better.



Like most websites, we make use of analytics software in order to help us understand the trends in popularity of our website and of different sections. We make no use of personally identifiable information in any of the statistical reports we use from this package.

We use an analytics package called Google Analytics, which provides details of its privacy policy on the Google website.