you are here: FOI home page > Access to personal information

Access to personal information

Accessing information in accordance with the Data Protection Act 1998

The Data Protection Act allows you to ask to see personal information held about you (by sending a 'subject access request') and get it corrected if it is wrong.

Under section 7 of the Data Protection Act 1998, you have a right to apply for access to your personal information, including your medical records, held by this Trust, or held by our predecessor organisations prior to April 2007.

The request must be made in writing and a fee is payable.

By law and upon receipt of a written application, proof of identity and payment of the fee, the organisation is obliged to follow certain procedures and, subject to certain conditions, to provide you with a copy of your personal information within 40 days.

How to make a subject access request

If you wish to make a Subject Access Request you should write to:

The Data Protection Office,
Patient Records Department,
QMC Campus,
Derby Road,
Nottingham
NG7 2UH

Alternatively you can telephone the office on 0115 924 9924 extension 63975 to request an application form.

When you apply, you will be asked to specify the kind of information you wish to be made available to you, provide proof of your identity such as a photocopy of a formal document with your name and address on it (for example, a utility bill or your driving licence or passport), and a cheque for £10 made payable to Nottingham University Hospitals NHS Trust. You may also be required to pay an additional fee up to a maximum of £40.00 for photocopying and postal costs however you will be advised of any charges that apply to your request beforehand.

If you make a request and are not satisfied with the way in which we deal with it, you may ask us to review any decision we make. If you wish to undertake such a review you should write to:

Patient Advice and Liaison Service
NUH NHS Trust
c/o PALS
Freepost
NEA 14614
Nottingham
NG7 1BR

Any review will normally be under the control and direction of the Caldicott Guardian, who is a senior clinician appointed by the Medical Director to take responsibility to ensure the protection of patient confidentiality throughout the Trust in accordance with your legal rights (See Confidentiality)

If you remain dissatisfied at the conclusion of any review, you may complain to the Information Commissioner whose address is

The Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Or, if you feel we have failed to comply with the Act without good reason, you may apply to a Court. The Information Commissioner has produced a series of guidance about your subject access rights, which is available on the website http://www.ico.gov.uk/for_the_public.aspx

Confidentiality

The Freedom of Information Act does not change the right of our patients or staff to protection of their confidentiality in accordance with Article 8 of the Human Rights Act 1998, the Data Protection Act 1998 and at common law. Maintaining the legal right to personal confidentiality continues to be an important commitment on our part.

To help with this, we have appointed someone who is called a Caldicott Guardian, and who has responsibility to ensure the protection of patient confidentiality throughout the Trust in accordance with your legal rights. Our Caldicott Guardian is Dr John Somers.

Dr John Somers
Caldicott Guardian
Consultant Radiologist
Nottingham University Hospitals NHS Trust
Queen's Medical Centre Campus
Derby Road
Nottingham
NG7 2UH

Telephone 0115 924 9924 Ext. 61764

Email:  john.somers@nuh.nhs.uk

The term 'Caldicott' refers to the NHS Guidance on Patient Confidentiality. More information about Caldicott and patient confidentiality can be found in our Information Sharing Protocol in our policies and procedures section.

Useful Links and Documents

	NUH Governance Policies and Procedures

You can also write to:

Department of Health
PO Box 777,
London SE1 6XH,
fax:01623 724524

E-mail: doh@prolog.uk.com

Information Governance

Information Governance is a framework of standards that allows organisations and individuals to ensure that personal information is handled legally, securely, efficiently and effectively in order to deliver the best possible care. It additionally allows the organisation to put in place procedures and processes to manage corporate information that supports the efficient location and retrieval of corporate records when needed to meet requests for information and assist compliance with corporate governance standards.

All NHS organisations are required to assess their Information Governance performance annually by conducting a self-assessment audit using the Information Governance Toolkit. The results of which are published on the Connecting for Health website and are used to inform the public, the National Information Governance Board and principle regulatory bodies concerned with assessing performance such as the Healthcare Commission Standards for Better Health.

The Trust's Information Governance policies are available on our FOI website.

Useful Links and Documents

	NUH Governance Policies and Procedures

Further Information about Information Governance can be found on the NHS Connecting for Health website at:

http://www.connectingforhealth.nhs.uk/systemsandservices/infogov

The Trust's annual Information Governance report is available here by selecting "Reports" and searching for "Acute Hospitals" "Nottingham University Hospitals" or organisation code RX1:

https://www.igt.connectingforhealth.nhs.uk/

Further information about the National Information Governance Board for Health and Social Care is available at:  http://www.connectingforhealth.nhs.uk/nigb