1. Introduction
1.1. This Privacy Notice applies to personal information processed by or on behalf of Leicester University Hospitals NHS Trust (“the Trust”). It explains:
2) Who we are and contact details for our Data Protection Officer (DPO)
3) What kinds of personal information about you we collect and process, how we process it, and what the legal grounds for processing are
4) How we keep the information safe and how long we keep it for
5) What your rights are under Data Protection law
6) What you should do if your information changes
7) Who you can speak to for further information or to make a complaint
1.2 Version Control: This is Version 1.3, Revised May 2024
2. Who we are and who our data protection officer (DPO) is
2.1. University Hospitals of Leicester NHS Trust is a registered Data Controller and Data Processor and it’s Information Commissioner Office (ICO) registration number is Z7882087. We collect and process personal information about you to allow us to provide and plan medical treatment for you and to analyse and improve our services on a local, regional and national level.
2.2. We will continually review and update this Privacy Notice to reflect changes in our services and feedback from service users, as well as to comply with changes in the law. When such changes occur, we will revise the ‘last updated’ date as documented in the Version Control section of thisNotice (1.2).
2.3. The DPO for University Hospitals of Leicester Trust is Head of Privacy, Mr Saiful Choudhury. He can be contacted via email at [email protected].
3. Personal information we collect about you and the legal grounds for processing
3.1 Types of date we use
Personal data means any information relating to an identified or identifiable natural, living person. An identifiable person may be someone who can be identified directly or indirectly (when several different pieces of information can be used together to identify an individual.)
Sensitive Personal Data relates to information concerning a data subject’s racial or ethnic origin, political opinions, religious beliefs, trade union activities, physical or mental health, sexual life or details of criminal offences.
Pseudonymised data takes the most identifying fields within a database and replaces them with artificial identifiers or pseudonyms. For example, a name is replaced with a unique number.
Pseudonymised data is not the same as anonymised data. When data has been pseudonymised it still retains a level of details in the replaced data that should allow tracking back of the data to its original state.
Anonymisation is the process of turning data into a form which does not identify individuals and where identification is not likely to take place. This allows for a much wider use of the information as it changes it from personal data to statistical data. Where possible, University Hospitals of Leicester NHS Trust uses and shares anonymised data instead of identifiable data to protect the confidentiality of the subjects involved while still being able to plan services.
3.2. Personal details including your name, date of birth, contact details, phone number, next of kin details are collected and processed by the Trust in accordance with Article 6(1)(e) of GDPR: 1)(e) ‘…for the performance of a task carried out in the public interest or in the exercise of official authority…’
3.3. Sensitive personal data including information regarding your health, treatments we (or other organisations) have given you or plan to give you are collected and processed by the Trust in accordance with 9(2)(h) of the GDPR: ‘…medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems…’
3.4. How We Use Your Personal Information
3.4.1. Direct Care
Direct Care refers to when we use your personal confidential and sensitive data to identify you and to keep an accurate record of your clinic visits and treatment, so that we know what treatments we and others have given you or plan to give you, for example if you are referred to a specialist or another part of the NHS.
We may not be able to provide you with the best or most appropriate service unless we have enough information about you.
3.4.2. Administrative Purposes
We use your contact and address details in order to contact you regarding appointments and to send letters regarding treatments that we have given or plan to give to you.
We use your contact details including your personal phone number to ask for and receive valuable feedback regarding your experience with our services. You can opt out of this feedback service should you wish to do so (see how to opt out at paragraph 5.5 of this Notice)
3.4.3. Training, Service Improvement and Analysis
We sometimes use patient data to train our staff. You will be approached for your consent if we would like to use your information in this way, if characteristics identifying who you are cannot be removed from the training materials.
We gather information about your treatment in order to produce statistics about how our Trust is working and compare these statistics to regional and national NHS targets. This allows us to thoroughly analyse our performance, plan our services and to be paid for the work that we do. Where possible, all information identifying individual patients is removed from statistical data before it is analysed or shared.
We are required by law and contract under the Health and Social Care Act to provide NHS Digital (our national governing body) with information when instructed. Where possible, all information identifying individual patients is removed from the information we share in this way.
Commissioning groups may receive personal data where confidentiality is set aside by provisions under the Control of Patient Information Regulations 2002, commonly known a ‘section 251 support’. This is in addition to following the provisions set out in the GDPR and UK Data Protection Act.
3.4.4. Research and Audit
Researching new and innovative treatments is an essential part of the Trust’s strategy and is of national importance.
In order for your personal information to be used for medical research or clinical audit, the study or audit is assessed by us and, in the case of Research, approved by a Confidentiality Advisory Group, before any information is gathered. Most of the research studies conducted at the Trust will require you to give us your consent before you can be a participant. Some studies may not require information that identifies individual patients at all.
Further information on the use of personal data for research can be found on the Research pages of this website.
3.4.5. Digital Recordings
The Trust reserves the right to have Closed Circuit Television (CCTV) systems across all sites that are used by members of the public, and some security staff use Body Worn Cameras (BWC) in the course of their duties, for the purposes of public health and safety and crime prevention and detection. CCTV cameras are also installed on the outside of some of the Trust’s buildings.
The cameras are only used by trained Security operatives. Digital recordings are kept as standard for 30 days unless an incident is captured that may require the footage to be stored for longer, for example, where a crime or security incident is being investigated. The Trust may share digital recordings with relevant agencies such as the Police, in accordance with the codes of practice and safeguards issued by the Information Commissioner’s Office (ICO).
3.4.6. Information Sharing
Information sharing can help to improve the quality of care and treatment, but it must be governed by the legal and ethical framework that protects the interests of service users.
We share your information when we are lawfully obliged to do so, for example when we have a contract or duty to share information in order to provide a service to our patients. We share health data with other NHS Trusts, GP surgeries and private health providers so that we can provide ‘joined up care’ should you need treatment by one or more of these services. We also have a responsibility as a public authority to share information to other agencies such as Social Services, local councils, courts of law, national registries or the Police. This work is completed in accordance with Data Protection law, alongside the common law Duty of Confidence and where possible will either have had any information that identifies you removed, or be shared with your implied or explicit consent.
The Trust co-ordinates the sharing of information with other organisations through the use of official Information Sharing Agreements to ensure that data is handled in accordance with the framework. This framework ensures that the responsibilities of the owner of the data (Controller) and the party processing the data (Processor) are set out, what will happen in the event of a confidentiality breach and who takes responsibility for this.
We use external companies to process personal information for purposes such as archiving or secure destruction of data. These organisations are bound by contractual agreement and the contracts are reviewed regularly.
The Trust will never and has never sold patient data for financial or material gain.
We have a responsibility to safeguard our employees and patients, and on occasion it may be necessary to share your personal confidential data in order to do this, without consent, to protect you or others. Such sharing of information is assessed on a case by case basis and all transfers are encrypted and protected.
3.4.7. Transfers Outside the European Economic Area (EEA)
Some patient data is shared with a health provider in the United States as part of the services offered by Leicester Fertility Centre. The Fertility Centre has it’s own policies on this as part of the private healthcare services it offers. If you are not a patient of the Fertility Centre your data will not be shared in this manner. Leicester’s Fertility Centre’s website is: https://www.leicesterfertilitycentre.org.uk/
4. How we keep your information safe and how long we keep it for
4.1. We keep your information on a strict need to know basis, protecting it with a variety of physical, electronic and organisational measures. Physical measures we use include locks on doors and filing cabinets. Electronic protection includes passwords/passphrases, encrypting files and emails. Organisational measures we use are where only certain members of staff who need access to your information because of their job role are able to see or use it.
4.2. In addition to the provisions set out in data protection law, everyone working for the NHS is subject to the Common Law Duty of Confidence. Staff are required to protect your information under the NHS Confidentiality Code of Conduct as set out in their employment contracts. Staff are contracted to complete mandatory data protection training every year.
4.3. We keep your personal confidential data in identifiable format (where you can tell who a person is) as long as our purpose justifies us doing so. This is called the Retention Period. We follow the Records Management Code of Practice (2021) as a guide to help us work out retention periods for each type of data we use. Once the retention period is up, we review the data that we hold and either justify storing it for longer, delete the data or change it to an anonymized form (make it so that you can’t tell who each person is).
4.4. We use external companies to process personal information for purposes such as archiving or secure destruction of data. These organisations are bound by contractual agreement to use and store patient data under the same high standards we do and the contracts are reviewed regularly.
5. Your rights under data protection law
5.1. Right to be Forgotten
Under the UK Data Protection Act 2018, you have the right to have an organisation erase the data they hold about you, unless that organisation is a public authority entrusted with processing personal confidential data in the public interest. The Trust processes personal confidential data in order to provide healthcare, which is in the public interest. Because of this, we cannot entirely erase data we hold about our patients as then we would not be able to treat them or effectively manage our healthcare system.
5.2. Right to Rectification
You have a right to request that we change or correct the data we hold about you. Within a medical record, only requests that change or remove entirely incorrect data are likely to be upheld, and it is far more likely that we would simply update the medical record to reflect ‘new’ information in addition to what is already there. If the information is factually accurate, it is unlikely that the Trust will remove it, but can instead add explanatory notes to keep the record true and accurate.
Each request will be decided on it’s own merits.
5.3. Right to Portability
This means that you have the right to access your personal confidential data that the Trust holds and give it to any other Trust, or service provider, should you wish to do so. This right only applies to data that is about you, not about any other person or Trust staff member.
5.4. Right of Access
You have a right to access the information that we hold about you. The most effective way to make a request for a copy of your personal medical record is to contact the Access to Health Records team, based at Leicester Royal Infirmary, at [email protected]. You do not have to fill in an official form to access a copy of your records, but it will assist the team greatly if you do so.
For more information about how to obtain a copy of your medical records, including if you are requesting from outside the European Economic Area visit: https://www.uhleicester.nhs.uk/patients-visitors/commitment/health-records/
For a copy of any information you believe the Trust holds about you that is not a medical record, contact the Privacy Unit at [email protected] to discuss your request with the team.
5.5. Right to Restrict Processing (Opt Out)
You are within your rights under data protection law to say that you do not want us to process your personal confidential data for research, audit, training staff or any other purpose than your direct care. You are unable to opt out of having your information shared for safeguarding purposes or in the public interest as we have a legal obligation to do this in certain circumstances. Further information regarding opting out can be found here:
https://digital.nhs.uk/services/national-data-opt-out
5.6. Freedom of Information (FOI) Act 2000
Any person can request corporate information from University Hospitals of Leicester NHS Trust under the Freedom of Information Act. This Act only refers to corporate information (such as finances, personnel, procedures etc.) and not to personal information (that identifies or is about an individual). For further information, visit our Freedom of Information webpages.
6. Artificial intelligence for radiology diagnostic support
AI-driven technology is used to assist healthcare professionals in interpreting some radiological images. AI systems can help to identify potential anomalies, highlight areas of concern, and support the diagnostic process by providing automated suggestions based on patterns in the images. Healthcare professionals are then able to use this to inform their interpretation. Final clinical decisions remain the responsibility of the healthcare professional.
The data processed by AI technologies are pseudonymised radiological images, including x-rays, CT and MRI scans, and associated metadata. Special Categories of Personal Data, including health data and racial or ethnic origin, may be processed to monitor the performance of the AI technology.
To enable the use of AI technology, we may transfer radiological images and associated metadata to third-party AI vendors for processing. These vendors are located both within and outside of the UK. International transfers are carried out in compliance with UK data protection laws. We ensure that these vendors take appropriate measures to safeguard the confidentiality and security of your data, including the use of encryption, secure transfer protocols, and data protection agreements. Data transferred to AI vendors is pseudoanonymised to minimise any risk to your privacy.
In some cases radiological images and associated metadata may be used to train, evaluate, monitor and improve the AI algorithms, ensuring better performance over time. Data used for this purpose is always pseudonymised.
We will retain your health data, including radiological images, only for as long as necessary to fulfil the purposes for which it was collected, in accordance with medical and legal requirements. Once the retention period has expired, we will securely delete or anonymise the data to prevent further use.
7. What you should do if your information changes
If you are visiting a clinic at the Trust, or having an online or telephone appointment, you will be asked to confirm your contact and address details when you attend clinic or answer the call. It is important that the Trust has up to date information for you, so should these details change, please inform the clinic’s desk clerk, the secretarial staff or the person who is calling you at your appointments.
If your details change and you are expecting to be contacted by the Trust, let the secretarial staff working on the department know to change your details on the central system.
8. Who you can speak to for further information
a. How We Use Your Data
Should you have any concerns about how your information is to be used having read this Privacy Notice, you wish to request the notice in another accessible format or language, or if you do not wish your information to be shared by University Hospitals of Leicester NHS Trust, you can contact the Trust’s Data Protection Officer, the Head of Privacy at [email protected].
b. Complaints
Although we work hard to offer high standards of service and care, things can sometimes go wrong. Should this happen, we will do all that we can to put things right for you and to make sure that the same thing does not happen again. If you would like to know more information on complaints or wish to make a complaint, visit our Patient Advice and Liaison Service webpage.
9. The federated data platform
The NHS uses data every day to manage patient care and plan services. Historically, it’s been held in different systems that don’t always speak to each other, creating burden for staff and delays to patient care. The Federated Data Platform is a solution to that problem. The FDP brings data together from existing IT systems to enable staff in an NHS organisation to access the information that their own IT systems already hold in a single, safe and secure place.
For more information on the FDP visit the NHS England website.
Referral To Treatment (RTT) within FDP
Product Description
NHS Trusts use this Product to support and improve their waiting list times for planned treatment and to provide you with the best care within the most appropriate timeframe.
The Product enables care teams in a hospital to identify the actions they can take to improve and speed up your care pathway. Only members of your care team will have access to your personal information in the Product to provide you with care.
What are the purposes for processing my personal data in this product?
This Product processes personal information (called ‘personal data’ under data protection laws) about patients who require who require planned treatment in a hospital. This includes information about your health, medical condition and treatment. The Product enables your care team in the hospital to more effectively coordinate your treatment and care.
The use of the Product by NHS Trusts will improve the delivery of planned treatment through better use of the information that the hospital holds. This will include bringing together all required information into one place.
The Product enables your care team to identify the actions they can take to improve and speed up your care pathway. Hospitals will use this Product to provide you with the best care within the most appropriate timeframe. This will also help hospitals to improve their waiting lists times for planned treatment for all patients, following the increase in waiting times caused by the COVID-19 pandemic.
What personal data about me is processed in this product?
Personal data which directly identifies you (we call this directly identifiable data) will be processed by NHS Trusts about patients who are on a waiting list for planned treatment, for the purposes above. Data that is processed by hospitals that use this Product may include your:
- name
- address
- telephone number (mobile and home)
- email address
- date of birth
- sex
- NHS number or hospital record number
- health information, including information about your medical condition, symptoms, diagnosis and treatment
- race or ethnicity
Personal data about members of staff involved in the delivery of care may also be processed when using this Product, including the names of staff involved in providing care, their email address, their role/profession and planned absence information, so that your outpatient care and treatment can be scheduled.
Who is my personal data shared with?
Your personal data is accessed and used by health care professionals in the hospital who are providing you with individual care and treatment, and support staff who need to support health care professionals to administer your care journey.
Your personal data will not be shared with any other organisations as part of this Product. The Product will enable the NHS Trust to share anonymous aggregated data with other organisations. This is statistical counts of data that don’t identify you. It is therefore not personal data. Anonymous aggregated data will be shared through a dashboard in the Product and reports to the local Integrated Care Board in your local area and NHS England to help plan and improve services.
UK GDPR Information
Controllers of your personal data
Under data protection law the NHS Trusts using the Product are the legal controllers of your personal data under data protection laws. The specific NHS Trusts using the Product are listed on the Product Description page of the NHS England website.
Legal grounds for processing your personal data
The processing of personal data by NHS Trusts for the purposes explained above is permitted under the following legal grounds under data protection law (this is UK GDPR and the Data Protection Act 2018 (DPA2018)):
- Public Task – Article 6(1)(e) of UK GDPR ‘necessary for the performance of a task carried out in the public interest or in the exercise of official authority…’.
- Health Care – Article 9(2)(h) of UK GDPR ‘necessary for the purposes of preventative or occupational medicine for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services…” In addition, the legal grounds under paragraph 2 of Part 1 of the DPA 2018 apply (health care purposes).
The personal data processed about patients by the NHS Trust for the purposes above is also confidential data. As the NHS Trust is processing your confidential data to provide you with individual care, it is relying on your implied consent to do this, as you would reasonably expect the hospital to process your personal information this way to provide you with care. The NHS Trust will keep your personal data confidential and only use and share it with other members of the care team to provide you with care, where you would reasonably expect them to, and subject to strict confidentiality controls to ensure your information remains confidential.
Processor acting on behalf of NHS Trusts
The data platform contractor, Palantir Technologies UK LTD is a processor acting on behalf of the NHS Trusts who are using this Product. They provide the data platform and the technology that the Product uses and only act on the instructions of the NHS Trust.
Your rights under UK GDPR
You have the following rights under UK GDPR in relation to the processing of your personal data by the NHS Trust for the purposes above:
- Right to be informed
- Right of access
- Right to rectify
- Right to object
Further information about these rights is in the NHS Federated Data Platform Privacy Notice. Your NHS Trust will also have a Privacy Notice on its own website which will explain more about how the Trust processes your personal data, your rights and how to exercise them.
Contact details for data protection officers in the NHS Trusts using this Product are here.
Does the National Data Opt Out or any other opt out apply to this Product?
The National Data Opt Out and Type 1 Opt Outs do not apply to the processing of your personal data by the NHS Trust for the purposes explained above. This is because the NHS Trust is processing your personal data to provide you with individual care and treatment and these opt-outs don’t apply in these circumstances.
More information
For more information about how personal data is processed within the Federated Data Platform please see the NHS Federated Data Platform Privacy Notice here.
10. Wayfinder
Please note that if you access our service using your NHS login details, the identity verification services are managed by NHS England. NHS England is the controller for any personal information you provided to NHS England to get an NHS login account and verify your identity and uses that personal information solely for that single purpose. For this personal information, our role is a “processor” only and we must act under the instructions provided by NHS England (as the “controller”) when verifying your identity. To see NHS login’s Privacy Notice and Terms and Conditions, please click here. This restriction does not apply to the personal information you provide to us separately.
11. Information Commissioner’s Office
University Hospitals of Leicester NHS Trust makes every effort to ensure that your data is used in an appropriate manner. However, if you feel you would like to take matters further, you may contact the Information Commissioner’s Office (ICO).
The Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone number 0845 306 060 or 01625 545 745
Website: https://ico.org.uk/