The Data Protection Act 1998 was brought into force on March 1 2000 and gives legal rights to individuals in respect of personal information held about them by others.
The trust has a duty to protect patient and staff information, and to look at the way it collects, processes and stores information to make sure that we comply with the law. Please read our booklet on the storage of information below for further information.
You will be asked during your time in the hospital for personal information. This will be used so that we can give you the correct care and treatment.
Information about you will be kept on manual records or on computer and will form part of your own medical records. These will be kept in case you need to see us again.
The Hospital is committed to data protection. We have taken great care to make sure that your information is kept confidential and safe. All staff have signed a confidentiality agreement and have a duty to keep information about you confidential. They will be regularly trained to keep them up to date on all relevant legislation.
The right of access to a medical record is principally for the individual who is the subject of the record, but the individual may authorise another person, to make an application for access on his or her behalf. To do this you will need to make a subject access request.
You can do this by contacting our Access to Health Records Department on 01908 995045 and asking them to send you an application form, alternatively you can download the forms below. Or email us atÂ firstname.lastname@example.org
There is a £10.00 fee for access to your records and further fees for copies/CD will be required.
We must by law process your request once we are in receipt of form and fee within 40 days
If you believe the information within your medical record is inaccurate, you can ask for your information to be rectified, erased, blocked or deleted.
The hospital welcomes the opportunity to discuss any questions you may have. Please do not hesitate to contact the Information Governance Team on 01908 660033 ext. 85045/85043.
The GDPR (General Data Protection Regulation) comes into force on 25 May 2018 replacing the Data Protection Act 1998.
The regulations are very similar to the Data Protection Act 1998 and apply to processing carried out by organisations operatingÂ within the EU. It also applies to processing carried out by organisations outside the EU that offer goods and services to individuals in the EU. The government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR.
The Trust has a duty to protect its Patients, Staff and business critical information. It also has an obligation to make sure that we comply with the Regulations.
The Trust and its employees must ensure that the Data Protection Officer for the Trust is:
• Invited to participate regularly in meetings of senior and middle management
• Their presence is recommended where decisions with data protection implications are taken. All relevant information must be passed on to the DPO in a timely manner in order to allow them to provide adequate advice.
• The opinion of the DPO must always be given due weight. In case of disagreement, the Trust should document the reason for not following the DPO’s advice.
• The DPO must be promptly consulted once a data breach or another incident has occurred.
The Trust's Data Protection Officer has an expertise in national and European data protection laws and practices and an in-depth understanding of the General Data Protection Regulations.
Data Protection Officer for Milton Keynes University Hospital NHS Foundation Trust is:
Telephone No. 01908 995041