Data Protection Act 2018 Fair Processing Notices
These fair processing notices explain what information we collect about you, how we store this information, how long we retain it and with whom and for which legal purpose we may share it.
Fair Processing Notice for Service Users
Fair Processing Notice for Staff
The GDPR and Data Protection Act
This legislation will replace current data protection law, giving more rights to individuals and more obligations to organisations holding personal data.
The DPA 2018 sets standards which must be satisfied when obtaining, recording, using or disposing of personal data.
Personal Data must be:
- Processed fairly, lawfully and transparent. Data subjects must be fully informed of why your collecting their information, what you are going to do with it and who you may share it with.
- Processed only for specified purposes
- Adequate, relevant and not excessive in relation to the purpose for which it was processed
- Accurate and where necessary kept up to date.
- Kept for no longer than is necessary for the purpose it was processed.
- Processed in a manner that includes taking appropriate security measures as regards risks that arise from processing personal data.
Your Rights Under The General Data Protection Regulation:
- The right to be informed.
- The right of access.
- The right to rectification.
- The right to erasure.
- The right to restrict processing.
- The right to data portability.
- The right to object.
- Rights in relation to automated decision making and profiling.
The leaflet below will explain your rights under GDPR. Please be mindful that not all rights apply within Health and Social Care.
Data Protection Impact Assessments
Under the General Data Protection Regulation (GDPR), the Trust must have a valid lawful basis in order to process personal and special category data. This document details the Trust's approach and which of the six basis we use in specific circumstances.
National Data Opt Out
The Trust is one of many organisations working in the health and care system to improve care for patients and the public. The information collected about you when you are using NHS services can be provided to other approved organisations, where there is a legal basis, to help with planning services, improving care provided, research into developing new treatments and preventing illness.
All of these help to provide better health care for you, your family and future generations. Confidential personal information about your health and care is only used in this way where allowed by law and would never be used for insurance or marketing purposes without your explicit consent.
You have a choice about whether you want your confidential patient information to be used in this way. You can find out more about the wider use of confidential personal information and to register your choice to opt out by visiting www.nhs.uk/your-nhs-data-matters
Information Sharing Agreements
You can contact the Information Governance team for more information:
Information Governance Team
Bath NHS House
Or via firstname.lastname@example.org