To provide best care possible, sometimes we will need to share information about you with others.
We may share your information with a range of Health and Social Care organisations and regulatory bodies. You may be contacted by any one of these organisations for a specific reason; they will have a duty to tell you why they have contacted you.
We will share information about you if:
- you ask us to do so
- you consent to us sharing your information
- a formal court order has been served on us
- to assist the police in the prevention and detection of crime
- to protect children and vulnerable adults
- we have special permission for health and research purposes (granted by the Health Research Authority) or
- it's for the health and safety of others, for example to report an infectious disease such as meningitis or measles
- you order an iCaSH Express Test, when the information you provide will be passed to our (third party) lab provider, who will process this information in line with the requirements of confidentiality.
We work with a number of other NHS, partner agencies and other organisations to provide healthcare and other services for you. We may also share de-identified statistical information with them for the purpose of improving local services, for example understanding how conditions spread across our local area compared against other areas.
We also contract with other organisations to provide a range of services for us, for example providing some human resource services for our staff. In these instances we ensure that our partner agencies handle our information under strict conditions and in line with the law.
All CCS staff have contractual obligations of confidentiality, enforceable through disciplinary procedures. Staff with access to patient identifiable information receive appropriate ongoing training to ensure they are aware of their responsibilities. Our staff are granted access to personal data on a need-to-know basis only.
We may also be asked to share basic information about you, such as your name and parts of your address, which does not include sensitive information from your health records. Generally, we would only do this to assist non-NHS organisations to carry out their statutory duties (such as usages of healthcare services, public health or national audits).In these circumstances, where it is not practical to obtain your explicit consent, we are informing you through this notice, which is referred to as a Privacy Notice, under the Data Protection Act and GDPR.
Where patient information is shared with other non-NHS organisations, an information sharing agreement is drawn up to ensure information is shared in a way that complies with relevant legislation.
Non-NHS organisations may include, but are not restricted to:
- social services,
- education services,
- local authorities,
- the police,
- ·voluntary sector providers and
- private sector providers.