This web site (www.alderhey.nhs.uk) is operated by Alder Hey Children’s NHS Foundation Trust.
We abide by the NHS’s strict standards for protecting and processing individuals’ data.
Alder Hey Children’s NHS Foundation Trust will only keep any information you send to them through this web site for as long as necessary to process the request that you have made. Any information you send through this web site may be passed between other NHS organisations in order to deal with your request or comment.
Everyone in the NHS has a legal duty to keep information about their patients confidential, and great care is taken to ensure that high standards of confidentiality are maintained. The Data Protection Act (1998) sets out those standards.
At Alder Hey we take the security of patient information collected very seriously. All staff are required to be trained every year on keeping information secure. We also issue regular reminders to staff and conduct audits to ensure good practice.
What do we collect?
For us to look after patients we must keep a record of their name, address, date of birth and family doctor.
We have to record information about the medical condition, related tests and treatment, drugs given or operations. We may record information about the illnesses of other family members, information from GPs, or other hospitals where treatment has been received.
The Data Protection Act
- All personal information about patients is kept in the hospital case notes or on computer. The Data Protection Act requires all the information is kept safely and also gives all patients certain rights
- Patients, or their guardians, have the right to see the information which we keep
- All information is kept securely and only those who need it to help with treatment, have access to it
- We only pass on the information about our patients if the other person has a genuine need to know or to protect your health
- We only pass on the information which is needed and no more
- The Data Controller is Alder Hey Children’s NHS Foundation Trust
Each type of record is held for a certain amount of time before it is recognised as no longer being needed and can be confidentially destroyed. National time periods are shown in the NHS Records Management: NHS code of practice.
Who might we share your information with?
We may have to share information with GPs, other hospitals, social services or schools. Our patients may be receiving or need care from other organisations who will need information from us in order that they can plan the best treatment.
We have to share information within the NHS to ensure that treatment is properly funded and carried out. The information may not identify individual patients and is usually to help plan future needs of the NHS to check that we are performing satisfactorily, or that a type of treatment is effective.
We also carry out reviews ourselves to help improve investigation and treatment, this is called Clinical Audit.
Some conditions or infectious diseases are required to be added to national registers. Sometimes this does require a patients’ name but if this is the case, we will tell you.
All those who handle this information are fully aware that it has to remain confidential.
We are a teaching hospital
- Teaching and research are very important in the NHS and this hospital is a teaching hospital. We have a responsibility to the students’ universities and colleges to see that they are properly taught and supervised whilst they are with us
- Our patients have the opportunity to refuse to have any students take part in their treatment
Part of the students’ training may involve reviewing some patient records and test results
- If any of our students or staff involved in any research project would like to use information about individual patients, the patient or their guardian will be informed
- Permission from the patient or their guardian will be asked for whenever it may be possible to identify any patient individually
All students are fully aware that it is their duty to keep any information they use during their training confidential.
Some organisations process information for us
Some facilities at Alder Hey are operated in partnership with private contractors, and information about our patients may be seen by their employees. They are required to work to the same standards of confidentiality as all NHS employees, and we have agreements and contracts in place to ensure these standards are maintained.
If we have an incident or complaint
Sometimes we need to use patient information to help us investigate incidents, complaints or legal claims. If a patient is identified, they or their guardian will be informed.
Sharing information to assess compliance with standards
The Care Quality Commission (CQC) monitor, inspect and regulate NHS services to make sure they meet fundamental standards of quality and safety. The CQC currently inspect NHS hospitals at least once a year against a set of agreed standards. More information about the CQC and the inspection process can be found on the CQC website.
As part of the CQC’s inspection, the inspectors may look at a small number of patient notes, incident forms and complaints. None of these documents will be removed from the premises. The aim is to ensure that these documents are managed in accordance with appropriate policies and procedures: for example whether they are written clearly, signed and dated and stored securely. The inspectors are not concerned with individual patient details.
Other reasons to share
We may be required to pass on information from which patients can be identified without the patient’s (or their guardian’s) permission. This may be for emergency treatment or for official Health Service statistics or if the law demands it.
Keeping your records up to date
Please help us to keep our information about you up to date by informing us if you change your address, GP or contact details.
How you can get access to your health record
Patients or their guardian(s) are entitled to apply for copies of their health records. You can do this by completing the form on the Trust website or writing to our Access to Health Records Department (at the address below). Please note that charges may apply.
The Caldicott Guardian is responsible for ensuring information about you is used properly at Alder Hey Children’s NHS Foundation Trust.
If you have any concerns about the use of your information please write to: The Caldicott Guardian (at the address below) or email firstname.lastname@example.org