Safe and secure use of personal health information

Similar documents
How To Share Your Health Records With The National Health Service

Giving feedback or making a complaint. about the NHS. Giving feedback about the NHS. Making a complaint. about the NHS. How can I give my feedback?

NHS HDL (2006)41 abcdefghijklm. = eé~äíü=aéé~êíãéåí= = aáêéåíçê~íé=çñ=mêáã~êó=`~êé=~åç=`çããìåáíó=`~êé

WSIC Integrated Care Record FAQs

Information Governance Policy

The Care Record Guarantee Our Guarantee for NHS Care Records in England

Your Rights when you are at the Police Station Easy Read

Personal Data Handling and Sharing Policy

How to see your Health Records

Deputy Director, Mental Health and Protection of Rights Division, Scottish Government

Information Governance Policy

JOB TITLE: Data Quality/IT Manager

Information about hepatitis C for patients and carers

Your health, your rights Feedback and complaints: how to have a say about your care and have any concerns and complaints dealt with

Policy Document Control Page

Pandemic Influenza. NHS guidance on the current and future preparedness in support of an outbreak. October 2013 Gateway reference 00560

NHS number. Frequently Asked Questions For Patients

Appendix 3 INDIVIDUAL PATIENT DRUG TREATMENT. POLICY AND PROCESS FOR DECISION MAKING September 2007

The Care Record Guarantee Our Guarantee for NHS Care Records in England

HEALTH SYSTEM. Introduction. The. jurisdictions and we. Health Protection. Health Improvement. Health Services. Academic Public

De-identification of Data using Pseudonyms (Pseudonymisation) Policy

Clinical Solutions - A Case Study on the Future of Cancer

Direct Recruitment Privacy Policy

BEFORE USING THIS GUIDANCE, MAKE SURE YOU HAVE THE MOST UP TO DATE VERSION GUIDANCE 2 POLICY AREA: INFORMATION GOVERNANCE

Essentials of RESEARCH GOVERNANCE

Children and young people s nursing: a philosophy of care. Guidance for nursing staff

Data Protection Policy

ASPEN AUSTRALIA BRANCH PRIVACY POLICY

Barnsley Clinical Commissioning Group. Information Governance Policy and Management Framework

The State Hospital s Board for Scotland

Interpreting and Translation in NHS Lothian Policy for Meeting the Needs of People with Limited English Proficiency

Complaining about Private Healthcare

The New Mental Health Act

High Oak Surgery Complaints Policy Document Description Lead Author(s) Change History Document complies with the Equality Act 2010

epcs Products Application Form

As Required by the Privacy Regulations Created as a Result of the Health Insurance Portability and Accountability Act of 1996 (HIPAA)

Practice Briefing 1 The role of the Named Person

2. The background and details of the new arrangements are attached at Annex A.

HEALTH MONITORING UNDER THE HEALTH AND SAFETY AT WORK (GENERAL RISK AND WORKPLACE MANAGEMENT) REGULATIONS 2016

AASA Online Privacy Policy CRP.020

Informatics Policy. Information Governance. Network Account and Password Management Policy

TNS UK PRIVACY & COOKIE POLICY FOR SURVEYS ( Policy )

UK-Edinburgh: software development services 2009/S CONTRACT AWARD NOTICE. Services

1.5 The Information Governance Policy should be read in conjunction with the Information Governance Strategy.

Privacy Policy Draft

CORE SKILLS FRAMEWORK INFORMATION GOVERNANCE LESSON NOTES AND TIPS FOR A SUGGESTED APPROACH

NHS Commissioning Board: Information governance policy

Health Care Practitioners and The Education (Additional Support for Learning) (Scotland) Act 2004

INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER

EMERGENCY PREPAREDNESS POLICY

3. Consent for the Collection, Use or Disclosure of Personal Information

Information Governance Policy

PATIENT INFORMATION SHEET

JOB DESCRIPTION. Information Governance Manager

NOTICE OF PRIVACY PRACTICES Allergy Treatment Center of New Jersey, P.C. Effective Date: April 14, 2003

School Pupil Data Capture Form (Primary)

Handbook for the Management of Health Information in Private Medical Practice

(13) - CHILD HEALTH POLICY

Commissioning fact sheet for clinical commissioning groups

Information Governance Policy

The Sharing Intelligence for Health & Care Group Inaugural report

Personal Accident Claim Form

Cord blood donation is a painless and free gesture, helping others and saving lives.

Medical Surveillance Form - Licensed Work

Requesting amendments to health and social care records

Transcription:

Safe and secure use of personal health information

Who is this leaflet for? This leaflet is for anyone who uses any of the services provided by the NHS in Scotland. It has been produced by Health Protection Scotland and the Information Services Division of NHS National Services Scotland. What do we do? Deliver official health statistics and provides an expert public health protection service to the people of Scotland. Help a wide range of organisations working in health and care to perform more effectively through the provision of intelligence. Co-ordinate national health protection activity, provides specialist support for public health incidents and outbreaks. Act as a key adviser to Scottish Government and other public bodies. What is this leaflet about? This leaflet explains: what is personal health information; why personal health information is needed, collected and held; what this information is used for, who it is shared with and why; what your rights are. 1

What is personal health information? It is information that identifies you. It includes things like: your name, address, date of birth and postcode; information about any care and treatment you have received and results of tests you have had; information about your health and lifestyle. This information is kept securely by NHS staff in health records. These health records can be written on paper or held on a computer. Why does the NHS need to collect and hold personal health information? NHS staff collect information about patients in order to understand the health of Scottish people so that best quality health and care services can be provided. How does collecting this information help NHS Scotland? Having this information means that the NHS can: look at how safe and effective a treatment is; check that the NHS is providing a good service and spending public money properly; plan how many beds, clinics and staff are needed; monitor particular illnesses or diseases; carry out public health or clinical research. 2

What organisations are involved in providing NHSScotland with information? In Scotland some of the information collected when providing treatment and care (including personal health information) is brought together and managed for the NHS by the Information Services Division. They are part of NHS National Services Scotland and work with staff in organisations such as NHS Boards, GPs, hospitals, local authorities and voluntary groups to do this. Health Protection Scotland collects and analyses information about infectious disease and environmental hazards to health. This information is used to investigate outbreaks of illness, to monitor the effectiveness of health interventions such as vaccination programmes, and to identify new infectious or environmental threats to the health of the population. 3

How do we keep information secure? We have systems and controls in place to ensure that information is managed, stored and used securely. All of our staff have a legal and contractual duty to keep personal information secure and confidential. We employ an individual known as a Caldicott Guardian whose job is to make sure that information is handled properly. Access to personal health information can only be given with special authorisation, and use of that information is closely monitored. There are strict rules that govern how information should be managed eg to make sure names, addresses and any other information that might identify an individual are removed wherever possible. The next section explains circumstances when we have to use personal health information. 4

When we have to use personal health information There are times when we have to use information that could identify an individual. Here are some examples. Reviewing samples of health records to make sure the information held is accurate. Linking information together so that the outcomes of a particular illness or disease can be monitored. Providing information to an NHS Board about their patients or residents who have had treatment in other locations. Monitoring health hazards for the people of Scotland by gathering surveillance information provided by laboratories, hospitals, GPs, NHS Boards and Local Authorities. Managing exposure to health hazards and large outbreaks of infectious illness that may affect many people across Scotland, such as large flu outbreaks. When another organisation requests information, it will only be released after removing as much information that could identify you as possible. We only release information that could identify you directly when required or permitted by law or when it can be shown that you gave your permission, for example, where you have signed a consent form to allow its use for clinical trials. 5

We take advice on sharing information from the Public Benefit and Privacy Panel for Health and Social Care which includes patients and doctors. This group help to make sure we protect personal information and meet our legal obligations of data protection and confidentiality. What are your rights? The Data Protection Act 1998 governs the use of personal information. The Data Protection Act 1998 gives you the right: to know how we use your personal health information; to object to our use of information; to access any personal information that we may hold on you. If you wish to see or obtain a copy of your personal information, you can contact our team. If you think any of the information held is inaccurate, incomplete or out of date, you can ask to have this information amended. Our organisation is the legal data controller of the personal health information we hold. NHS National Services Scotland has notified the Office of the Information Commissioner of its use of personal information. A copy of the notification is available on-line at the Information Commissioner s website at: www.ico.org.uk. 6

For more information The people responsible for overseeing our use of personal information are the Caldicott Guardian and the Information Governance team. Gyle Square 1 South Gyle Crescent Edinburgh EH12 9EB Email: nss.isdinfogovernance@nhs.net Switchboard: 0131 275 6000 Further information is available at: www.isdscotland.org www.hps.scot.nhs.uk Translation If you would like this leaflet in a different language, large print or Braille (English only), or would like information on how it can be translated into your community language, please phone 0131 275 6665. 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information