Terms and Conditions

In the National Health Service (NHS), we aim to provide you with the highest quality healthcare. To do this we must keep information about you, your health and the care we have provided to you or plan to provide to you. This privacy statement provides a summary of how we use your information.

The Data Protection Act and General Data Protection Regulation (GDPR) 2018 controls how your personal information is used by organisations, businesses or the government. Under the Act Northampton General Hospital NHS Trust is defined as a ‘data controller’ of your personal information. We collect information to help us provide and manage healthcare to our patients. The trust is registered with the Information Commissioners Office. Our Registration number is Z4694847.

How will we meet the principles of GDPR?

We will process your personal information fairly and lawfully by;

a) Only using it if we have a lawful reason and when we do, we make sure you know how we intend to use it and tell you about your rights;

We do not rely on consent to use your information as a ‘legal basis for processing’. We rely on specific provisions under Article 6 and 9 of the General Data Protection Regulation, such as ‘…a task carried out in the public interest or in the exercise of official authority vested in the controller.’

This means we can use your personal information to provide you with your care without seeking your consent. However, you do have the right to say ‘NO’ to our use of your information but this could have an impact on our ability to provide you with care

b) Only collecting and using your information to provide you with your care and treatment and not using it for anything else that is not considered by law to be for this purpose;

We would never share information for marketing or insurance purposes.

c) Only using enough of your personal information that will be relevant and necessary for us to carry out various tasks for the delivery of your care;

d) Keeping your information accurate and up to date when using it and if it is found to be wrong, we will make it right, where appropriate, as soon as we can;

e) Only keeping your information in a way that it will identify you for as long as we are legally required to, whilst ensuring your rights;

f) Having secure processes in place to keep your personal information safe when it is being used, shared, and stored.

How do we keep your information safe?

We are committed to keeping your information secure and have operational policies and procedures in place to protect your information whether it is in a hardcopy or electronic format. This Trust is registered to the Information Commissioner’s Office. Our registration number: Z4694847

How do I make a request for information or make a complaint?

If you wish to ask the Trust about a data protection issue, request information on data we process, request a copy of your data, make a request for data to be erased, rectified or you have concerns about the processing of your personal data by us you may contact our Information Governance Team at:

The Data Controller
The Chief Information Officer & SIRO
Northampton General Hospital NHS Trust
Cliftonville
Northampton
NN1 5BD

Telephone: 01604 634 700

Data Security and Protection Team
Northampton General Hospital
Cliftonville
Northampton
NN1 5BD

Telephone: 01604 543881
Email: ngh-tr.data.protectionact@nhs.net

Patient Advice and Liaison Service (PALS) for complaints
Northampton General Hospital
Cliftonville
Northampton
NN1 5BD

Telephone: 01604 545784
Email: pals.ngh@ngh.nhs.uk

Data Protection Officer
Northampton General Hospital
Cliftonville
Northampton
NN1 5BD

Telephone: 01604 523224
Email: dpo@ngh.nhs.uk

Freedom of Information Officer
Northampton General Hospital
Cliftonville
Northampton
NN1 5BD

Telephone: 01604 548661
Email: foi.dept@ngh.nhs.uk