Personal Data we hold about you

Your information is held by the Trust so we can ensure we give you the correct care and treatment.

There are many definitions of personal data, please see below which may be of use to you.

Personal Data

This refers to any information relating to an identified living individual.

Directly or indirectly, in particular, by reference to an identifier such as a name
An identification number
Location data
An online identifier e.g. including IP address and internet cookies
One or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person

Special Categories

This is defined in the Data Protection Act as information about an identifiable factor.

Racial and ethnic origin
Political opinions
Religious or philosophical beliefs
Trade Union Membership
The processing of genetic data
Biometric data for uniquely identifying an individual
Data concerning health
Data concerning an individual’s sex life or sexual orientation

Processing Personal Data

This means any operation or set of operations which are undertaken on personal data, whether by automated means or not.

Collection, recording, organisation, structuring 0r storage
Retrieval, consultation or use
adaptation or alteration
disclosure by transmission, dissemination or making available
alignment or combination
restriction, erasure or destruction

Personal Confidential Data

This is personal information about identified or identifiable individuals which is also confidential. ‘Personal’ includes the Data Protection Act definition of personal data, but is also includes the deceased as well as the living. ‘Confidential’ includes both information ‘given in confidence’ and ‘that which is owed a duty of confidence’ e.g. health records. It is adapted to include ‘special categories’ data as defined in the Data Protection Act.

Pseudonymised Information

This means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific individual without the use of additional information, provided that information is kept separately.

Anonymised Information – this is data that has been changed into a form which does not identify individuals or where there is little risk of identification.

Aggregated Information

This is anonymised data that is grouped together so that it does not identify any individuals

Retention Schedules

The Trust ensures that information is not kept for any longer than is necessary in line with the Data Protection Act 2018 – incorporating GDPR. The Trust abides by the NHS Retention Schedules which can be found here.