Our Trust is one of many organisations working in the health and care system to improve care for patients and the public.

Whenever you use a health or care service, such as attending Accident & Emergency or using Community Care services, important information about you is collected in a patient record for that service. Collecting this information helps to ensure you get the best possible care and treatment.

You may also be receiving care from other organisations as well as the NHS so we may need to share your information with them, for example with:

• Other healthcare professionals e.g. doctors, nurses, ambulance service
• Partner organisations who contribute to your long term care e.g. GPs, social services, private sector providers
• Carers or guardians with carer or parental responsibilities
• Disclosure to NHS Managers and the Department of Health for the purposes of planning, commissioning services, managing and auditing healthcare services
• Disclosure to bodies with statutory investigative powers such as the Care Quality Commission (CQC), the General Medical Council (GMC), the Audit Commission or the Health Service Ombudsman
• Government departments such as the Department of Health or the Home Office
• Disclosure to Solicitors, to the police, to the courts (including the Coroner’s court, and to tribunals and enquiries.

The information collected about you when you use these services can also be used and provided to other organisations for purposes beyond your individual care, for instance to help with:

• improving the quality and standards of care provided
• research into the development of new treatments
• preventing illness and diseases
• monitoring safety
• planning services

This may only take place when there is a clear legal basis to use this information. All these uses help to provide better health and care for you, your family and future generations. Confidential patient information about your health and care is only used like this where allowed by law.

Most of the time, anonymised data is used for research and planning so that you cannot be identified in which case your confidential patient information isn’t needed.

You have a choice about whether you want your confidential patient information to be used in this way. If you are happy with this use of information you do not need to do anything. If you do choose to opt out your confidential patient information will still be used to support your individual care.

To find out more or to register your choice to opt out, please visit the NHS website.  On this web page you will:

• See what is meant by confidential patient information
• Find examples of when confidential patient information is used for individual care and examples of when it is used for purposes beyond individual care
• Find out more about the benefits of sharing data
• Understand more about who uses the data
• Find out how your data is protected
• Be able to access the system to view, set or change your opt-out setting
• Find the contact telephone number if you want to know any more or to set/change your opt-out by phone
• See the situations where the opt-out will not apply

You can also find out more about how patient information is used at:

• Health Research Authority (which covers health and care research);
• Use and share information with confidence – NHSX

You can change your mind about your choice at any time.

Data being used or shared for purposes beyond individual care does not include your data being shared with insurance companies or used for marketing purposes and data would only be used in this way with your specific agreement.

Health and care organisations have until 2020 to put systems and processes in place so they can be compliant with the national data opt-out and apply your choice to any confidential patient information they use or share for purposes beyond your individual care. Our organisation is currently working towards being compliant with the national data opt-out policy by 30^th September 2020 in line with NHS Digital guidance.

Coronavirus (COVID-19)

Information about patients’ coronavirus (COVID-19) status and other confidential patient information (in relation to your health record) may be shared with other partners involved in your care and treatment, along with:

• NHS England
• Public Health England
• the Department of Health
• other government departments where it’s legally required, or where it’s necessary for the protection of public health or management of the outbreak

For more information please read our COVID-19 Supplementary Privacy Notice.

One Health and Care

Across Shropshire, Telford & Wrekin we are establishing a shared care record to ensure that the people who care for you have the information that they need to do their best for you. We call our shared care record “One Health and Care” which includes many organisations providing care. Information will only be shared for your direct care and will only be accessible by professionals providing your care.

Completely confidential and secure, it’s designed to help doctors, nurses and other registered health and social care professionals directly involved in your care to make better, safer decisions.

The information that they will be able to see includes:

• Your name, date of birth, sex, address, telephone number, NHS number
• The name of your GP Practice and GP
• Medications, allergies, ongoing and historic conditions, immunisations and diagnoses
• Test results, hospital referrals, admissions, discharges and clinics attended
• Social and mental health information and care plans

Sensitive information such as attendance at sexual health clinics, fertility treatment records, and records relating to gender reassignment will not be included.

The following organisations will have access to One Health and Care:

• Shropshire Community Health NHS Trust
• Midlands Partnership NHS Foundation Trust
• Shropshire Council (Social care)
• Telford & Wrekin Council (Social care)
• Shrewsbury and Telford Hospital NHS Trust
• Robert Jones & Agnes Hunt Orthopaedic Hospital NHS Foundation Trust

Your information will be processed in accordance with the requirements of data protection legislation. The legal basis under the UK Data Protection Act 2018 used to process your information are:

Article 6(1)(e) – performance of a task carried out in the public interest

Article 9(2)(h) – medical diagnosis, the provision of health or social care or treatment or management of health or social care systems.

If you’re happy for your records to be available on One Health and Care to health and social care professionals, you don’t need to do anything. Alternatively, if you wish to object, you need to contact your GP Practice.For more information, contact:

W: Shropshire, Telford & Wrekin Integrated Care System and Privacy Notice

E: onehealthandcare@nhs.net

GDPR

The lawful basis is GDPR Article 6(1)(c), compliance with a legal obligation, or Article 6(1)(e), that processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority (the provision of statutory health care services).

The exemptions in GDPR Article 9(1)(g) and 9(2)(h) will be applied, that processing is necessary for matters of substantial public interest or for the management of health care systems.

The conditions in paragraphs 2 (management of health care systems), 3 (public health) and 6 (statutory and government purposes) of schedule 1 of the Data Protection Act 2018 are engaged.

For further information on this please refer to the Information Commissioners Office