We must ensure that personal and sensitive information is:
- Held securely and confidentially
- Obtained fairly and efficiently
- Recorded accurately and reliably
- Used effectively and ethically
- Shared appropriately and lawfully
The organisation complies with the following legislation to ensure your personal information is safeguarded:
- Data Protection Act 1998
- Caldicott Principles
- Freedom of Information Act 2000
- Privacy and Electronic Communications
- Environmental Information Regulations
Caldicott Guardian: Dr Naz Kamal
The Caldicott Guardian is responsible for protecting the confidentiality of your information and enabling appropriate information sharing. The Caldicott Guardian is responsible for providing advice within the organisation on the lawful and ethical processing of your information. The Caldicott Guardian plays a key role in ensuring that the organisation satisfies the highest practical standards for handling patient identifiable information.
Data Protection Officer: DPO team (Dr Naz Kamal, Anna Morton and Charlotte Redgrave)
The Data Protection Officer is responsible for the provision of advice on data protection compliance obligations, data protection impact assessment and monitoring of data protection compliance.
This role is undertaken as a team comprising the Caldicott Guardian, Operations Director and Operations Team Leader in order to undertake the responsibilities holistically in the organisation. The Operations Director, Anna Morton, is nominally the named Data Protection Officer.
Information Governance Lead: Anna Morton
The Information Governance Lead is responsible for ensuring effective management, compliance and assurance of all aspects of information governance.
They are also responsible for reviewing this policy and associated work plans and ensuring these are updated in line with any changes to legislation, national or local policy and guidance.
For more information about information sharing and how we keep your data safe, the following documents may be useful: