This is a Privacy Notice – also known as a Fair Processing Notice.
This notice describes how Local Care Direct uses and manages the information it holds about patients, including how the information may be shared with other NHS organisations and non-NHS organisations, and how the confidentiality of patient information is maintained.
Personal data is information that relates to a living individual who can be identified from that data.
Local Care Direct only holds patient’s personal data for the purpose of providing them with appropriate care and treatment. This helps to ensure patients receive the best possible care from Local Care Direct.
It helps patients because:
- accurate, up-to-date information is needed to provide the right care;
- full details of the patient’s healthcare can be shared if they need to see another doctor or are referred to a specialist or to another part of the NHS; and
- it helps Local Care Direct to
- plan, manage and audit the health services it provides;
- prepare information on its performance; and
- teach and train healthcare
Local Care Direct is registered with the Information Commissioner’s Office as a Data Controller reference Z1102561, as required by the Data Protection Act 1998.
Jean Hardman is Local Care Direct’s Data Protection Officer, and you can contact her in writing via
- post to Local Care Direct, Unit 14 Long Bow Close, Bradley, Huddersfield, HD2 1GQ
- email: jean.hardman@lcdwestyorks.nhs.uk
- telephone: 01484 443958
Patients can access their personal information held by Local Care Direct. They can view the information in person or be provided with a copy.
A patient who wishes to access their health records should call the Quality Department on 0113 2206596 for help and information.
Examples of patient records held by Local Care Direct
As an urgent care provider that operates out-of-hours, Local Care Direct makes and receives calls from patients, especially those who have used NHS 111. The calls that come through our Contact Centre are recorded for the reasons listed above.
How patient records are kept confidential
Everyone working for the NHS is subject to the Common Law Duty of Confidence.
Information provided in confidence will only be used for the purposes advised and consented to by the patient, except in circumstances where the law requires or allows LCD to act otherwise.
Under the Confidentiality Code of Conduct, all Local Care Direct staff are required to protect patient information, to keep patients informed of how their information will be used, and to allow patients to decide how their information can be shared.
This will be noted in patients’ records.
How patient records are shared
Local Care Direct shares patient information with a range of organisations or individuals for a variety of lawful purposes, including:
- Disclosure to GPs and other NHS staff for the purposes of providing direct care and treatment to the patient, including administration;
- Disclosure to social workers or to other non-NHS staff involved in providing healthcare;
- Disclosure to those with parental responsibility for patients, including guardians;
- Disclosure to carers without parental responsibility (subject to explicit consent);
- Disclosure to bodies with statutory investigative powers – g. the Care Quality Commission, the GMC, the Audit Commission, the Health Service Ombudsman;
- Disclosure, where necessary and appropriate, to non-statutory investigations – g. Members of Parliament;
- Disclosure to solicitors, to the police, to the Courts (including a Coroner’s Court), and to tribunals and enquiries.
Confidential patient-identifiable information is only shared with other organisations where there is a legal basis for it as follows:
- When there is a Court Order or a statutory duty to share patient data;
- When there is a statutory power to share patient data;
- When the patient has given his/her explicit consent to the sharing;
- When the patient has implicitly consented to the sharing for direct care purposes;
- When the sharing of patient data without consent has been authorised by the Confidentiality Advisory Group of the Health Research Authority (HRA CAG) under Section 251 of the NHS Act
Patient information may be shared, for the purposes of providing direct patient care, with other NHS ‘provider’ organisations, such as NHS Acute Trusts (hospitals), NHS Community Health (primary care), NHS general practitioners (GPs), NHS ambulance services etc.
In such cases, the shared data must always identify the patient for safety reasons.
For the purposes of commissioning and managing healthcare, patient information may also be shared with other types of NHS organisations, such as the local Clinical Commissioning Group (CCG), and the Health & Social Care Information Centre (part of NHS England).
In such cases, the shared data is made anonymous, wherever possible, by removing all patient- identifying details, unless the law requires the patient’s identity to be included.
Refusing or withdrawing consent
If a patient wishes to withdraw consent and would like their records that we hold to be destroyed, a request can be made to our Data Protection Officer. The possible consequences of withdrawing consent should be fully explained to the patient at the time of withdrawal.
In those instances where the legal basis for sharing confidential personal information relies on the patient’s explicit or implied consent, then the patient has the right at any time to refuse their consent to the information sharing or to withdraw their consent previously given.
In instances where the legal basis for sharing information without consent relies on HRA CAG authorisation under Section 251 of the NHS Act 2006, then the patient has the right to register their objection to the disclosure, and the CCG via Local Care Direct is obliged to respect that objection.
In instances where the legal basis for sharing information relies on a statutory duty/power, then the patient cannot refuse or withdraw consent for the disclosure.
How long health records are retained
All patient records are destroyed in accordance with the NHS Retention Schedule, which sets out the appropriate length of time each type of NHS records is retained. Local Care Direct does not keep patient records for longer than necessary.
All records are destroyed confidentially once their retention period has been met, and Local Care Direct has made the decision that the records are no longer required.
Raising a concern
Patients who have a concern about any aspect of their care or treatment by Local Care Direct, or about the way their records have been managed, should contact the Quality Team at 0113 2206596 or via email at info@lcdwestyorks.nhs.uk
Additionally, patients have the right to complain to the Information Commissioner if they should ever be dissatisfied with the way Local Care Direct has handled or shared their personal information:
The Information Commissioner’s Office (ICO) Wycliffe House
Water Lane Wilmslow Cheshire SK9 5AF
Tel: 0303 123 1113 or 01625 545745