Tier One - Overview of information held and shared
Information that the Trust holds about patients include:
- Identity details - name, date of birth, NHS Number
- Contact details - address, telephone, email address
- 'Next of kin' - the contact details of a close relative or friend
- Details of any A&E visits, in-patient stays or clinic appointments
- Results of any scans, X-rays and pathology tests
- Details of any diagnosis and treatment given
- Information about any allergies and health conditions
- Information about any DNAR decisions, living wills etc.
Dorset County Hospital NHS Foundation Trust works with a number of NHS organisations and independent treatment centres in order to provide the best possible care. Your information may therefore be securely shared to provide continuity of care.
Sharing your information
We know that good communication with other healthcare professionals involved in your care is beneficial to you, and so we work closely with many organisations in order to provide you with the best possible care. This means that if another healthcare professional or service is involved in your care, it might be appropriate to share information with them in order that you can receive the required care.
Your information will be shared between those involved in providing care to you. This includes doctors, nurses and allied health professionals, but may also include administrative staff who deal with booking appointments or typing clinic letters.
Access to information is strictly controlled and restricted to those who need it in order to do their jobs. All Trust staff receive annual training on confidentiality and data security and also have strict contractual clauses within their employment contracts which oblige them to respect data protection and confidentiality.
The Trust shares and obtains patient information with a range of organisations or individuals for a variety of lawful purposes, including:
- Disclosure to GPs and other NHS staff for the purposes of providing direct care and treatment to the patient, including administration;
- Disclosure to social workers or to other non-NHS staff involved in providing health and social care;
- Disclosure to specialist employees or organisations for the purposes of clinical auditing;
- Disclosure to those with parental responsibility for patients, including guardians;
- Disclosure to carers without parental responsibility;
- Disclosure to medical researchers for research purposes (subject to explicit consent, unless the data is anonymous);
- Disclosure to NHS managers and the Department of Health for the purposes of planning, commissioning, managing and auditing healthcare services;
- Disclosure to bodies with statutory investigative powers - e.g. the Care Quality Commission, the GMC, the Audit Commission, the Health Service Ombudsman;
- Disclosure to national generic registries - e.g. the UK Association of Cancer Registries;
- Disclosure to solicitors, to the police, to the Courts (including a Coroner's Court), and to tribunals and enquiries;
Confidential patient-identifiable information is only shared with other organisations where there is a legal basis for it, such as:
- When there is a Court Order or a statutory duty to share patient data;
- When there is a statutory power to share patient data;
- When the patient has given his/her explicit consent to the sharing;
- When the patient has implicitly consented to the sharing for direct care purposes;
- When the sharing of patient data without consent has been authorised by the Confidentiality Advisory Group of the Health Research Authority (HRA CAG) under Section 251 of the NHS Act 2006
Patient information may be shared, for the purposes of providing direct patient care, with other NHS provider organisations, such as NHS Acute Trusts (hospitals), NHS Community Health (primary care), NHS general practitioners (GPs), NHS ambulance services etc. To maintain patient safety, this data will always be identifiable. For the purposes of commissioning and managing healthcare, patient information may also be shared with other types of NHS organisations, such as the local Clinical Commissioning Group (CCG), and NHS England. In such cases, the shared data is made anonymous, wherever possible, by removing all patient-identifying details, unless the law requires the patient's identity to be included.
For the benefit of the patient, the Trust may also need to share patient health information with non-NHS organisations which are also providing care to the patient. The Trust will not disclose confidential health information to third parties without the patient's explicit consent, unless there are exceptional circumstances, such as when the health or safety of others is at risk or where the law requires disclosure. These non-NHS organisations may include, but are not restricted to: social services, education services, local authorities, the police, voluntary sector providers, and private sector providers.
Where patient information is shared with other non-NHS organisations, or for reasons other than direct patient care, it is good practice for an information sharing agreement to be drawn up to ensure that information is shared in a way that complies with all relevant legislation.
Patients are not legally or contractually obliged to share information with their healthcare provider however, your care will be affected if your clinicians do not have the relevant information that they need to diagnose and treat you.