Privacy notice

Contents

  1. Introduction
  2. What is NHS Bexley CCG and what is its function in the NHS?
  3. What kind of information does the CCG use?
  4. Legal requirements
  5. How is your personal confidential data used by the CCG?
  6. Use of pseudonymised, anonymised and aggregated data by NHS Bexley CCG 
  7. Where does the CCG obtain information from?
  8. Job applicants, current and former NHS Bexley CCG employees 
  9. How is your information shared?
  10. Transfer of information outside the European Union to third countries or international organisations
  11. Marketing and research
  12. Automated individual decision-making (profiling)
  13. What safeguards are in place to ensure the security of data that identifies me?
  14. How long does the CCG hold confidential information about you?
  15. What are your individual rights?
  16. Setting a national opt-out preference
  17. Mystery shopper and patient engagement scheme opt-out
  18. Caldicott Guardian
  19. Data Protection Officer
  20. Questions or concerns
  21. Information Commissioner’s Office (ICO)
  22. Personal data breaches
  23. Making health and social care information accessible in Bexley
  24. Website technical details

1. Introduction

The purpose of this notice is to inform you of the type of information (including personal information) that the NHS Bexley Clinical Commissioning Group (CCG) holds; how that information is used; who it may share that information with; and how it keeps it secure and confidential.

All NHS staff, care professionals and others working in care services have a legal duty to keep information about you confidential and secure and only use it for the purpose of providing and improving care or treatment.

2. What is NHS Bexley CCG and what is its function in the NHS?

NHS Bexley CCG is responsible for planning, buying ('commissioning') and monitoring health services from healthcare providers such as hospitals, GP practices, care homes and other organisations. These services are commissioned for the residents of Bexley, with the aim of ensuring the highest quality of healthcare. Part of this remit includes responding to any concerns from our patients about those services.

All clinical commissioning groups are overseen by NHS England.

NHS Bexley CCG is a registered data controller and must notify the Information Commissioner’s Office (ICO) of all personal information processing activities. Our ICO Data Protection Register number is Z3619680 and our entry can be found in the Data Protection Register on the ICO website.

3. What kind of information does the CCG use?

‘Personal confidential data’ is a term used in this privacy notice to describe personal information about identified or identifiable individuals which should be kept private or secret; it includes deceased as well as living people.

The CCG has a duty to ensure that this personal confidential data is kept confidential, secure and used appropriately and will only use personal confidential data when it is necessary to do so.

NHS Bexley CCG uses the following types of information, in line with other similar NHS organisations.

  1. Anonymised data: this is data about you from which you cannot be personally identified.
  2. De-identified data with a pseudonym identifier: this is data about you which can be tracked across different health services but which does not use personal information and does not allow you to be personally identified.
  3. De-identified data with a weak pseudonym identifier such as the NHS number: this data is used to link information about your care in different health services, for example if you are treated inside and outside a hospital. No other personal information is used during this process and you will not be personally identified. However, there may be times when you are re-identified because of patient safety requirements, or for direct care purposes, for example where information is passed to a GP responsible for your care.
  4. Aggregated data (for commissioning purposes): anonymised data grouped together so that it does not identify individuals.
  5. Personal data: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier. This can include IP addresses.
  6. Sensitive information/data: information that relates to a data subject which is more sensitive and therefore needs more protection. The new data protection law refers to sensitive information as “special categories of personal data”. Examples of special category data include:
    • Racial or ethnic origin
    • Political opinions
    • Religious beliefs
    • Trade union membership
    • Genetics (inherited or acquired characteristics)
    • Biometrics (where used for ID purposes)
    • Health
    • Sexual orientation
  7. Criminal offence data: personal data about criminal convictions or offences.

4. Legal requirements

Below is just some of the legislation that applies to CCGs when processing and handling personal confidential data:

  • General Data Protection Regulation and the subsequent UK data protection legislation of 2018 (previously the Data Protection Act 1998)
  • Health and Social Care Act 2012
  • Freedom of Information Act 2000
  • Common law duty of confidentiality
  • Access to Health Records Act 1990
  • Care Act 2014
  • Mental Health Act 2014
  • Mental Capacity Act 2005
  • Computer Misuse Act 1998

5. How is your personal confidential data used by the CCG?

CCG statutory processes that require the use of personal confidential data are as follows:

  • Individual funding requests – a process where patients and their GPs can request special treatments not routinely funded by the NHS.
  • Continuing Healthcare Assessments (a package of care for those with complex medical needs).
  • Responding to your queries, concerns or complaints.
  • Incident investigations.
  • Invoice validation – to ensure that public money is spent accurately, the CCG checks healthcare invoices to ensure that they are accurate and genuine.
  • Assessment and evaluation of safeguarding concerns for individuals.
  • Membership of our patient participation group, or where you have asked us to keep you up to date about our work and involve you in our engagement and public consultations.
  • Membership of the CCG’s mystery shopper scheme, which may include holding details of your IP address.
  • Employment and education details, as part of staff personnel records and job applications (temporary/permanent).

In the majority of its work, the CCG does not need to know the personal details of borough residents, and therefore this information is not routinely held. Exceptions to this include the following circumstances:

  • The information is necessary for facilitating direct healthcare for patients
  • The CCG has received consent from individuals to be able to use their information for a specific purpose
  • There is an overriding public interest in using the information, e.g. in order to safeguard an individual or to prevent a serious crime
  • There is a legal requirement that allows the CCG to use or provide information (e.g. a formal court order)
  • The CCG has special permission for health purposes (granted by the Health Research Authority under Section 251)
  • For the health and safety of others, for example to report an infectious disease such as meningitis or measles

Data held in these circumstances may include personal confidential data such as an individual’s name, address and NHS number. Sensitive information may include information such as health information, outcomes of a care needs assessment, a funding request or details relating to your complaint.

6. Use of pseudonymised, anonymised and aggregated data by NHS Bexley CCG

Stringent measures are in place to ensure individual patients cannot be identified. This type of data may be used by the CCG to:

  • Plan healthcare services
  • Check the equality, quality and efficiency of the health services commissioned
  • Prepare performance reports on the services commissioned
  • Work out what illnesses people will have in the future, so that the CCG can plan and prioritise services to meet identified need

7. Where does the CCG obtain information from?

Many people's first point of contact with the NHS is through interaction with primary care services. Primary care services can be GP practices, dental practices, community pharmacies and high street optometrists. Primary care data relates to information which has been sourced from these types of services.

Secondary care covers treatment and care for a specialised medical service by a clinician or community service provider. For example, clinical specialists within hospitals and healthcare facilities, support services from social care or the voluntary sector, and referrals made by primary care (as above).

As described above, most of the information the CCG obtains is de-identified or anonymised. Personal confidential data is only used at the CCG when necessary.

8. Job applicants, current and former NHS Bexley CCG employees

When individuals apply to work at NHS Bexley CCG, information supplied to us is used to process applications and to monitor recruitment statistics. Where the CCG needs to disclose information to a third party, for example a reference or to obtain a ‘disclosure’ from the Disclosure and Barring Service, the CCG will not do so without informing the applicant beforehand, unless the disclosure is required by law.

Personal information about unsuccessful candidates will be held for 12 months after the recruitment exercise has been completed; it will then be destroyed or deleted. The CCG retains statistical information about applicants to help inform its recruitment activities, but no individuals are identifiable from that data.

Once a person has taken up employment with NHS Bexley CCG an electronic employment file is compiled and held by the North East London Commissioning Support Unit (the provider of human resources to the CCG). The information contained in this file will be kept secure and will only be used for purposes directly relevant to that person’s employment. Once employment with NHS Bexley CCG has ended, the file will be retained in accordance with the requirements of the NHS records retention schedule.

9. How is your information shared?

Information is securely shared in a range of ways, including verbally, face-to-face, by letter, by email and by secure electronic systems, both internally and externally.

In recent years, health and care organisations have made use of more electronic and connected digital systems, which have improved the safety, security and speed of information sharing, reduced duplication and waste and improved quality.

These IT systems have been developed and monitored according to stringent rules to share your personal data more securely and lawfully.

The CCG commissions a number of organisations (both within and outside the NHS) to provide healthcare services to you. The CCG may share anonymised statistical information with them for the purpose of improving local services, for example understanding how the distribution of health conditions across our local area compares against other areas. Information may also be shared for your benefit with other third parties or non-NHS organisations, such as care homes and social services.

Where information-sharing is required by such organisations, the CCG will not disclose any health information without your explicit consent, unless there are exceptional circumstances, such as when the health or safety of others is at risk or where there is a lawful basis to do so.

The CCG may be asked to share basic information about you, such as your name and address which does not include sensitive information. In these circumstances, and where it is not practical to obtain your explicit consent, the CCG will inform you through this privacy notice.

The CCG may also contract with other organisations to process data. These organisations are known as data processors. Data processors used by NHS Bexley CCG which use data that could or does identify a person are legally and contractually bound to have, and to demonstrate, security arrangements in place wherever data that could or does identify a person is processed.

Examples of where the CCG uses data processors are:

  • Mystery shopper registration via the CCG’s website
  • NHS Shared Business Services for financial processes
  • Electronic Staff Record (ESR) and Workforce for employment registration and payroll

10. Transfer of information outside the European Union to third countries or international organisations

There are legal restrictions imposed on health and care organisations regarding the transfer of personal data outside the European Union, to third countries or international organisations. The CCG does not share or transfer information outside of the European Union, to third countries or international organisations.

11. Marketing and research

The CCG will never sell any information about you to other organisations for marketing purposes. As a commissioning organisation, there are very few circumstances in which your information would be used for research. If the CCG were required to share information for this purpose, it would do so only with your explicit consent.

12. Automated individual decision-making (profiling)

Automated individual decision-making is defined as making decisions or evaluating things about an individual solely by automated means without any human involvement. The CCG does not use any automated individual decision-making when processing information.

13. What safeguards are in place to ensure the security of data that identifies me?

The CCG has a legal duty to protect any information it collects from users of the health services it commissions. The use of personal confidential data in NHS Bexley CCG is governed by clear rules and processes, which set out how this information is used and protected, which personnel have access to personal information, and how and why they use it.

All staff have contractual obligations of confidentiality, enforceable through disciplinary procedures. All staff receive appropriate training, including annual mandatory data security awareness training. All relevant organisational and technical measures are in place to make sure that the information held by the CCG is secure, for example:

  • Personal confidential data is held in secure locations
  • Access is restricted to authorised personnel on a need to know only basis
  • Computer systems and mobile devices are protected with leading encryption technology and anti-virus software
  • The CCG is a registered member of the Care Computer Emergency Response Team (CareCERT) – which supports cyber security in health and care organisations
  • The CCG reviews and audits the information collection, storage and processing practices, including physical security measures to guard against unauthorised access to systems. This includes disaster recovery and business continuity arrangements
  • Secure encrypted email facilities
  • Password management and protocols
  • Staff training, awareness and policies

14. How long does the CCG hold confidential information about you?

All records held by the CCG will be kept for the duration specified by national guidance from the Department of Health, the NHS Records Management Code of Practice. All confidential information is destroyed in line with the NHS Records Management Code of Practice and shredded on site.

15. What are your individual rights?

You have a number of rights under data protection law.

In summary, your rights are:

Right to be informed: You have a right to be informed about uses of your information, with an emphasis on transparency. This privacy notice is to ensure you are made aware of how information is used and why it is needed. It ensures that your right to be informed is upheld.

Right of access: You have a right to receive:

    • Confirmation of what information is recorded about you
    • Confirmation of how your information is used
    • Access to your personal confidential data
    • The information in an electronic format, hard copy or other formats where possible

Your request can be made verbally or in writing; however, NHS Bexley CCG has a legal responsibility to verify the identity of the person requesting the information. To assist in this process, NHS Bexley CCG will ask you to complete a Subject Access Request (SAR) form and provide proof of identification. You will not be charged for this service.

If you wish to have sight of, or obtain copies of, your own personal health care records, you will need to apply to your GP practice, the hospital or the NHS organisation which provided your healthcare.

Subject access request forms should be sent to the NHS Bexley CCG Data Protection Officer:

Data Protection Officer
NHS Bexley CCG
Second floor, west wing
2 Watling Street
Bexleyheath
Kent
DA6 7AT

bexccg.dpo@nhs.net 

Other people can also apply to access your health records on your behalf. These include anyone authorised by you in writing (such as a solicitor), or any person appointed by a court to manage your affairs if it decides you cannot manage them yourself.

Right to rectification: Rectification refers to correcting inaccuracies or incomplete data we hold about you. This often applies to factual information only – such as identifiers and next of kin. We are unable to remove or alter professional opinions which you may disagree with. You do however have the right to include your personal statements alongside professional opinions. To rectify your information please contact the organisation that is responsible for your care.

Right to erasure: In some circumstances you can request that we delete the information we hold about you. This right will apply only if the processing has been undertaken on the basis of consent which is withdrawn, the processing of data is determined not to be lawful or the information is no longer required. You will be informed of activities to which this right applies.

There are exceptions to the right to erasure. Your care providers are legally required to maintain your records in accordance with the NHS records retention guidance referenced in section 14 above.

Right to object: You do not have a general right to object to processing of your personal information for your individual care, however you can object if the information is used for:

  • Marketing (not applicable to the CCG)
  • Scientific or historical research
  • Statistical purposes
  • Public patient involvement groups (including Mystery Shopper Scheme)

For further information, please see opt-out preferences below.

Right to restrict processing: The right to restrict processing means that if you have disputed the accuracy of information, objected to its use or require data due for destruction to be maintained for a legal claim, you can have the data stored by a care organisation, but no other uses are then permitted until the dispute is settled. To request restriction to processing, please contact the Data Protection Officer.

For further information about individuals’ rights and other data protection information, please visit the Information Commissioner’s Office website.

16. Setting a national opt-out preference

Dame Fiona Caldicott, the National Data Guardian for Health Care (NDG), was commissioned by the Secretary of State for Health to review data security and data sharing in the health and social care system. The so-called ‘Caldicott review’ provides for people to be able to make an informed choice about whether to share data or not.

Patients and members of the public who decide they do not want their personally identifiable data used for planning and research purposes will be able to set their national opt-out preference.

As of 25 May 2018, residents have the right to opt out of their personal confidential information being used for the following purposes:

  • Providing local services and running the NHS and social care
  • Supporting research and improving treatment and care

To set an opt-out preference, NHS Digital will offer digital (online) and non-digital national data opt-out systems.

For further information and support relating to opt-outs, please contact NHS Digital.

Exceptional circumstances

The opt-out will not apply where there is a mandatory legal requirement or an overriding public interest. These will be areas where there is a legal duty to share information (for example a fraud investigation) or an overriding public interest (for example to tackle the Ebola virus).

Anonymised information is not subject to opt-out.

17. Mystery shopper and patient engagement scheme opt-out

If you are a registered member of the CCG’s mystery shopper or patient engagement scheme, you can withdraw your membership registration at any time by contacting: bexccg.contactus@nhs.net.

18. Caldicott Guardian

The Caldicott Guardian has a strategic role which involves representing and championing issues protecting the confidentiality of patient and service user information. NHS Bexley CCG’s Caldicott Guardian is:

Dr Sid Deshmukh, CCG Chair
Contact: BEXCCG.Caldicott@nhs.net

19. Data Protection Officer

It is a legal requirement that the CCG has a designated data protection officer. This role supports the CCG in ensuring that the organisation and its staff meet their obligations under the General Data Protection Regulation and other data protection laws. The CCG’s data protection officer is:

Pin Bhandal, assistant director of ICT and information governance
Contact: bexccg.dpo@nhs.net

20. Questions or concerns

The CCG aims to meet the highest standards when collecting and using personal information, and complaints that the CCG’s collection or use of information is unfair, misleading or inappropriate will be taken very seriously.

Any concerns in this respect should be directed to the patient experience team by freephone on 0800 328 9712, or by email to bexccg.contactus@nhs.net.

21. Information Commissioner’s Office (ICO)

The Information Commissioner’s Office (ICO) is a UK independent authority established to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

For independent advice about data protection, privacy, data sharing issues and your rights you can contact:

Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

Visit the ICO website

22. Personal data breaches

All organisations that process personal data have a duty to report certain types of personal data breach to the Information Commissioner's Office within 72 hours of an incident occurring.

A personal data breach that is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, for example resulting in discrimination, damage to reputation, financial loss or identity theft, must be reported without delay.

Where a personal data breach occurs that results in the above, the CCG will inform the individuals concerned without undue delay.

23. Making health and social care information accessible in Bexley

All organisations that provide NHS services or adult social care must follow the Accessible Information Standard (AIS) by law. The AIS aims to make sure that disabled people have access to information they can understand and any communication support they might need. The standard tells organisations how to make information accessible to patients, service users and their carers and parents, including in different formats, such as large print, braille, easy read and by email. The AIS also enables organisations to support people’s communication needs, for example, by offering support from a British Sign Language (BSL) interpreter, deaf-blind manual interpreter or an advocate. As part of the standard, organisations that provide NHS or social care must do five things:

  • Ask people if they have any information or communication needs, and find out how to meet their needs
  • Record those needs in a set way
  • Highlight a person’s file, so it is clear that they have information or communication needs, and clearly explain how these should be met
  • Share information about a person’s needs with other NHS and adult social care providers, when they have consent or permission to do so
  • Act to make sure that people get information in an accessible way and communication support if they need it.

NHS Bexley CCG is committed to supporting local health and care organisations in meeting the AIS. The CCG is working with those departments that come into contact with direct patient care to meet the AIS. More information on the AIS can be found on the NHS England website.

Changes to this privacy notice

NHS Bexley CCG regularly reviews its privacy notice. This privacy notice was last updated in May 2018.

24. Website technical details

Forms

We use electronic forms on the website, built on an available ‘forms module’ which has a number of built-in features to help ensure privacy. We also aim to use secure forms where appropriate.

Cookies

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

We do not make use of cookies to collect any private or personally identifiable information.
The technical platform of this website, Sitekit CMS, does use cookies solely to aid the proper technical functioning of the website. The cookies used by Sitekit CMS contain random strings of characters alongside minimal information about the state and session of the website – which in no way collects or discloses any personal information about you as a visitor.

For any secure pages of this website, you can choose to save login information in a cookie to facilitate faster login to a private area of this site. A notification is given before any such cookie is set, and the process is ultimately within your control. Even where this is used, the cookie contains only minimal authentication information and does not contain any private or personal data.

Advanced areas of this site may use cookies to store your presentation preferences in a purely technical fashion with no individually identifiable information. Note also our statement on analytics software below – as analytics software also uses cookies to function.

In compliance with EU legislation, the following table lists the use of cookies on this website:

Cookie name | Purpose | More information
----------- | ------- | ----------------
useTextOnly | Stores whether you are in textOnly mode or not. Persistent for three months. | N/A
setString | Stores user preferences for viewing sites in textOnly mode, e.g. font size and colour. Persistent for one month. | N/A
SitekitLogin | Stores the username and password for the ‘remember my login’ feature on extranets. Persistent for one month. | N/A
SKSession | Has two functions. Firstly, it serves as a session cookie for extranet users; without this cookie, an extranet user would have to log in to each individual page in the extranet. Secondly, it enables us to track the pages that a user visits while they navigate around the site. | N/A
AcceptCookies | Stores whether you have agreed to receive cookies. Persistent for one year. | N/A
Google Analytics: _utma, _utmb, _utmc, _utmz | These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. | Overview of privacy at Google

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.

To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.

Data retention policy

Our platform, Sitekit CMS, operates with a clear data-retention policy in order to comply with the Privacy Enhancing Technology guidance from the Information Commissioner. This means that data has predefined time limits for storage. For further information, please read the Sitekit data retention policy.

Server statistics

Like almost all websites, we have access to server statistics which provide aggregate statistics on bandwidth and server load. This load data is used to manage bandwidth effectively and for billing purposes. It is important for us to collect and monitor this information because we pay for a server bandwidth allowance and are liable for the costs of increases beyond our allowance.

The server statistics are not designed to collect any individually identifiable information and the reports we receive are generally numerical and in graph format.

Alongside the server statistics, our Content Management System, Sitekit CMS, collects information on: popular search terms used on the website, which we have access to in order to arrange our pages better; visitor path information, which we have access to for future design considerations; and download popularity (numerical by month), which we use to organise the file libraries better.

Analytics

Like most websites, we make use of analytics software in order to help us understand the trends in popularity of our website and of different sections. We make no use of personally identifiable information in any of the statistical reports we use from this package.

We use an analytics package called Google Analytics, which provides details of its privacy policy on the Google website.