How your information is used - fair processing notice (FPN)
The purpose of this notice is to inform you of the type of information (including personal information) that our clinical commissioning group (CCG) holds, how that information is used, who we may share that information with, and how we keep it secure and confidential.
What we do
Our CCG is a membership organisation comprising of 27 GP practices within the CCG’s geographical boundaries and is responsible for planning, buying and monitoring (also known as commissioning) health services from healthcare providers such as hospitals and GP practices for our local population to ensure the highest quality of healthcare. We also have a performance monitoring role of these services, which includes responding to any concerns from our patients on services offered.
How we use your information
- CCG’s are classed as a Data controller. Data controllers are any organisation responsible for providing access to, or using, identifiable information.
Our CCG holds some information about you and this document outlines how that information is used, who we may share that information with, how we keep it secure (confidential) and what your rights are in relation to this.
Records are retained in accordance with the retention and disposal schedule in the Records Management Code of Practice for Health and Social Care 2016. Further information is available here.
Destruction of personal confidential information
It is the responsibility of all staff to ensure information they are handling is destroyed effectively and securely in line with current data protection law as well as in compliance with the British Security Industry Association code (BS15713) for the secure destruction of confidential waste best practice guidelines.
All paper records that have reached the end of their life cycle (see Records Management and Information Lifecycle Policy) should be destroyed using one of the following methods:-
- internal shredding: cross cut shredder compliant with the requirements of BS EN 15713:2009 recommended for the destruction of sensitive information using cross-cut technology.
- external confidential waste disposal company compliant with the British Security Industry Association code (BS15713).
What kind of information we use
We use three types of information/data:
Anonymised data, which is data about you but from which you cannot be personally identified. Anonymised data is any personal data which has been processed so that all identifiers (such as name or NHS number) are removed minimising the likelihood that the data will identify individuals.
Pseudonymised data is any personal data which has been processed so that all identifiers such as name, address, date of birth and NHS number is removed and replaced with a code which makes it anonymous to the CCG, but would allow others such as those responsible for providing care to identify an individual.
Personal data, is data which relates to a living individual who:
- can be identified either from that data; or
- from that data in conjunction with other information that is in, could be in the possession of the data controller (for the purposes of this Fair Processing Notice, this would be the CCG)
Sensitive personal data is personal data which also contains one or more of the following:
- the racial or ethnic origin of the data subject,
- the data subject's political opinions,
- the data subject's religious beliefs or other beliefs of a similar nature,
- whether the data subject is a member of a trade union (within the meaning of the Trade Union and Labour Relations (Consolidation) Act 1992),
- the data subject's physical or mental health or condition,
- the data subject's sexual life,
- the commission or alleged commission by the data subject of any offence, or
- any proceedings for any offence committed or alleged to have been committed by the data subject, the disposal of such proceedings or the sentence of any court in such proceedings.
What do we use anonymised data for?
We use anonymised data to plan health care services. Specifically we use it to:
- check the quality and efficiency of the health services we commission
- prepare performance reports on the services we commission.
- work out what illnesses people will have in the future, so we can plan and prioritise services and ensure these meet the needs of patients in the future
- review the care being provided to make sure it is of the highest standard
What do we use your sensitive and personal information for?
There are some limited exceptions where we may collect, hold and use sensitive personal information about you. For example the CCG has been required by law to perform certain services that involve the processing of sensitive personal information
The areas where we regularly use sensitive personal information (details such as your name, address, date of birth and NHS Number along with information relating to your health) include:
- a process where you or your GP can request special treatments that is not routinely funded by the NHS, which are known as Individual Funding Requests
- assessments for continuing healthcare and appeals
- responding to your queries, compliments or concerns
- assessment and evaluation of safeguarding concerns
- where there is a Section 251 exemption permitting the use of sensitive personal information under specific conditions, for example to:
- understand the local population needs and plan for future requirements, which is known as “Risk Stratification for commissioning". Information from health and social care records is looked at anonymously by the CCG, alongside that of others, to identify groups of patients who would benefit from some additional help from their GP or care team. The aim is to prevent ill health and possible future hospital stays, rather than wait for you to become sick. Only the GP/care team is able to see who actually requires additional help and all processing of information is carried out under strict rules to make sure this is the case. Typically, we only use the NHS number to identify patients in this work .Risk stratification is undertaken by eMBED Health Consortium using the King's Fund Combined Predictive Model. Further information is available here.
- ensure that the CCG is billed accurately for the treatment of its patients, which is known as “invoice validation”. Information such as your NHS Number, name, address and date of treatment may be passed on to enable the billing process. These details are held in a secure environment and kept confidential. This information will only be used to validate invoices, and will not be shared for any further commissioning purposes. Invoice validation is undertaken by North of England Commissioning Support Unit (NECS). Further information is available here.
- monitor access to services, waiting times and particular aspects of care, for which the CCG is considered to be an “accredited safe haven”.
More detail on the type of areas where sensitive personal information may be used is set out below:
- the information is necessary for your direct healthcare
- CCGs responding to patients, carers or Member of Parliament communication
- you have freely given your informed agreement (consent) for us to use your information for a specific purpose
- there is an overriding public interest in using the information e.g. in order to safeguard an individual, or to prevent a serious crime
- there is a legal requirement that will allow us to use or provide information (e.g. a formal court order).
What safeguards are in place to ensure data that identifies me is secure?
We only use information that may identify you in accordance with the Data Protection Act 1998. The Data Protection Act requires us to have an appropriate justification (lawful basis) if we wish to use/process any personal information. This means that we cannot collect information without the purpose of this being clearly identified and we can only do this where a law that gives us permission to do this.
Within the health sector, we also have to follow the common law duty of confidence, which means that identifiable information about you provided or collected during your care should be treated as confidential and only shared for the purpose of providing direct care. We handle information in accordance with the Confidentiality NHS Code of Practice, NHS Digital Guide to Confidentiality, Caldicott Principles and professional standards in addition to the above legal requirements.
We also ensure the information we hold is kept in secure locations, restrict access to information to authorised personnel only, protect personal and confidential information held on equipment such as laptops with encryption (which masks data so that unauthorised users cannot see or make sense of it). All CCG staff are expected to make sure information is kept confidential and receive annual training on how to do this. This is monitored by the CCG and can be enforced through disciplinary procedures.
The CCG has an executive director responsible for protecting the confidentiality of patient information. This person is called the Caldicott Guardian, they can be contacted using the details below.
The CCG is registered with the Information Commissioner’s Office (ICO) as a data controller and collects data for a variety of purposes. A copy of the registration is available through the ICO website.
Do you share my information with other organisations?
We commission a number of organisations (both within and outside the NHS) to provide healthcare services to you. We may also share anonymised statistical information with them for the purpose of improving local services, for example understanding how health conditions spread across our local area compared against other areas.
The law provides some NHS bodies, particularly NHS Digital, ways of collecting and using patient data that cannot identify a person to help Commissioners to design and procure the combination of services that best suit the population they serve.
Data may be linked and de-identified by these special bodies so that it can be used to improve health care and develop and monitor NHS performance. Where data is used for these statistical purposes, stringent measures are taken to ensure individual patients cannot be identified.
When analysing current health services and proposals for developing future services it is sometimes necessary to link separate individual datasets to be able to produce a comprehensive evaluation. This may involve linking primary care GP data with secondary care SUS (secondary uses service) data (inpatient, outpatient and A&E). In some cases there may also be a need to link local datasets which could include a range of acute-based services such as radiology, physiotherapy, audiology etc, as well as mental health and community-based services such as IAPT, district nursing, podiatry etc. When carrying out this analysis, the linkage of these datasets is always done using a pseudonym in the form of a unique code as the CCG does not have any access to patient identifiable data.
We may also contract with other organisations to process data. We ensure external data processors that support us are legally and contractually bound to operate and prove security arrangements are in place where data that could or does identify a person are processed.
Currently, the external data processors we work with include (amongst others):
- North East of England Commissioning Support Unit (NECS); and
- eMBED Health Consortium
What are your rights?
You have the right to have information about you processed fairly and lawfully, and to be able to access any personal information about you held by the NHS. You also have the right to privacy, and can expect the NHS to keep information confidential and secure. You have the right to request that your confidential information is not used for purposes other than your own care and treatment, and to have your objections considered. These rights are set out in the NHS Constitution.
Opt-out of (stop) information about you being processed
If you do not want the NHS to use information about you, collected by your GP then you can opt out by completing an opt-out form and returning it to your GP practice. There are different types or levels of opt-out available, further information about these types are explained below:
Type 1 opt-outs
If you do not want information that identifies you to be shared outside your GP practice, for purposes beyond your direct care you can register a type 1 opt-out with your GP practice. This prevents your personal confidential information from being used other than in particular circumstances required by law, such as a public health emergency like an outbreak of a pandemic disease.
Type 2 opt-outs
NHS Digital collects information from a range of places where people receive care, such as hospitals and community services. If you do not want your personal confidential information to be shared outside of NHS Digital for purposes other than for your direct care you can register a type 2 opt-out with your GP practice.
Depending on the type of opt out you may choose, this will prevent your information being shared outside of your GP practice or NHS Digital for purposes beyond your direct care (except in special circumstances allowed by law, such as when there is a public health emergency or safeguarding issue).
Please be aware that the CCG does not hold or commission the retention of identifiable historical data (such as a data warehouse) and therefore any opt-out will be applied to the data provided by NHS Digital and the Data Services for Commissioner’s Regional Office (DSCRO).
It is entirely up to you whether the NHS can use your information or not – and if you choose to opt out this will not in any way affect the care or treatment you receive as a patient.
Please note that you may opt-out of your information being used for Risk Stratification. However, where this could affect your direct care (through case management, where this data assists GPs to identify the care needs of their patients), you will need to discuss this with your GP to be clear of the possible consequences.
Please contact your GP practice, the hospital or healthcare provider if you wish for them to stop processing information about you that is not for your direct care.
How to view the information we hold about you (Subject Access Request)
The CCG does not directly provide health care services and therefore you may need to contact your GP Practice or healthcare provider to see or be provided with copies of your medical record.
You can view or request copies of the records about you that we may hold (by making a “Subject Access Request”) by using the contact details below. If you wish to have a copy of the information we hold about you, please note that there may be a charge for this (up to a maximum of £50).
Request updates or corrections be made to the information held about you
You can request information is corrected which is factually inaccurate or incorrect.
Withdraw your consent to information being processed about you
You are able at any time to withdraw any previous consent you gave to permit the CCG to process information about you.
If you wish for the CCG to stop processing information about you or require any information as to how information is used then please contact us, marking your message for the attention of the Caldicott Guardian, who is responsible for protecting the confidentiality of a patient and service-user information and enabling appropriate information-sharing.
For independent advice, you can visit the Information Commissioners Office (ICO) website here. The ICO is the UK's independent body set up to uphold information rights.