By law we are expected to be open with you about how we use your personal information.
Being open with you shows you that we care about you and your personal information.
Explaining to you in advance what we will be doing with your personal information helps to build trust, avoid confusion, and lets you know what to expect.
Personal information means any information that could be used to identify you.
This could be just your name and address; or it could include a telephone number, email address, a picture or recording of you.
When we collect your personal information, we must let you know what we use your information for and how we protect it.
This is to let you know what happens when we collect your personal information and the rights you have under information protection law.
You have rights under Information Protection Law
- To know and understand why we process your personal information
- To know and understand what lawful purpose we have for processing your information
- The categories of personal information we will collect from you
- Who and what we would share your information with
- How long we keep your information
- The rights you have that may determine how we handle your information.
- The right to withdraw consent, however this would make caring for you difficult, and you should speak with your health professional.
- If we collect information about you from somewhere else
- Let you know that we will not make decisions on your care by automated decision-making.
Why we use your personal information
We need to collect information about you to make sure we know who you are, and how to contact you.
We collect the information to give you the best possible care.
Each time you use our services (visit us) we will need to add your information to your Health Record.
We need to record the things we have told you, and things you have told us.
What lawful purpose we have for using your information
By law we must have a lawful purpose before we can handle your personal information.
Providing you with healthcare allows us to process your personal information.
If we wanted to use the information, we have collected from you for another purpose other than for health care, we would need to ask you for permission (consent).
Personal information we will collect from you
We keep the information we collect from you altogether in one record, this is called your health record and is either electronic (on a computer) or on paper.
The health professional involved in caring for you at Bridgewater will be able see what information has been collected all in one place and continue to care for you.
Sometimes the people who do the administration functions like sending you an appointment will need to go into your record, but they will only see your name and address, they will never see your health information.
The type of information we will collect
- Your first and second name
- Your date of birth
- Your address
- The name of the person who will bring you to your appointments.
- The name of your doctor (GP)
- The reason for your visit to one of our clinics
- What we do to care for you
- Any information that your doctor (GP) you or your family gives us.
More sensitive information
To provide you with healthcare we need to collect information about you which is more sensitive than your name and address.
As well have having measures in place to protect your information we have extra measures in place to protect sensitive information
- information concerning health
- information revealing racial or ethnic origin
- information concerning a person’s sex life
- information concerning a person’s sexual orientation
- information revealing religious or philosophical beliefs.
Who and what we would share your information with
There are times when we need to share information about you and your healthcare with others.
We may share your information with:
- GPs
- Health Authorities
- NHS Trusts
- NHS England.
If you are receiving care from other people (such as Social Services) as well as the NHS, we may also need to share information to help us work together for your benefit.
We may also collect information from other healthcare providers to enable us to see what treatment if any you have already received and continue to provide you with the best possible care.
We may need to collect and share information about you to investigate a complaint.
If you have agreed to participate in research, your information will still be protected, and you can withdraw your permission at any time.
You can read the Research Authorities Privacy Notice for more information on how your information will be handled using this link:
How long we keep your information
Information protection law tells us how long we can keep your information for.
While we are not allowed to keep your information indefinitely, sometimes we are asked to keep information for longer than is necessary to support public enquiries such as the recent infected blood enquiry.
The NHS schedule for how long information should be kept can be found on the transform.england.nhs.uk website.
How will we look after your information and keep it confidential?
All people working in the NHS must keep your information confidential.
Each year, everyone working in the NHS must be trained on information security.
They are given a card (smartcard) which allows them to see your information.
Only health professional/s who are caring for you can see your health information.
We undertake regular audits to make sure your information has not been accessed by someone who isn’t providing your healthcare.
Can you ask to see the information we collect about you?
You have the right to see the information we collect and hold about you.
This is known as a subject access request.
To make a subject access request you should speak with your health professional or submit a request using the information on our health records page.
We must provide you with your information within one month of us receiving your request, unless your request is excessive, in which case we will work with you to provide you with the information your need.
You can find more information on your right to ask to request copies of your information on the ico.org.uk website.
To make a subject access we will ask you for identification and this will include a photo ID.
Complaints and contact details
All NHS organisations must have a information protection officer, whose role is to make sure all our staff understand the information protection laws and we handle your personal information securely and legally.
If you are not happy with how we handle your information or you believe your information rights have been breached, please email bchft.dpo@nhs.net.
Information Protection Officer (DPO) for Bridgewater Community Healthcare NHS Foundation Trust is:
Jan McCartney – Trust Secretary
Bridgewater Community Healthcare NHS Foundation Trust
Ground Floor
Spencer House
Birchwood
Warrington
Cheshire
WA3 7PG
Telephone: 01925 946400
Email: bchft.enquiries@nhs.net / bchft.dpo@nhs.net
If you are not happy with how we handle your information you can also complain to the Information Commissioners Office (ICO).
The ICO is the UK’s independent body set up to uphold information rights:
ICO Helpline: 0303 123 1113
ICO website: https://ico.org.uk
NHS Cheshire and Merseyside
Bridgewater is in Cheshire and Merseyside and as such your treatment may involve NHS Cheshire and Merseyside, which means we will need to share some of your personal information with them.
All NHS trusts must protect your information and respect your data protection rights.
The NHS Cheshire and Merseyside privacy notice explains how they protect your information Privacy Notice – NHS Cheshire and Merseyside
Page first published: 14 February 2024
Page updated: 14 February 2024