Privacy

The Trust processes a lot of sensitive personal information about both patients and staff. We have a responsibility to ensure that this information is protected at all times and shared in an appropriate manner.

The EU General Data Protection Regulations (GDPR) came into force on 25 May 2018 and directly applicable as law in the UK. It will replace the Directive that is the basis for the UK Data Protection Act (DPA) 1998. The basic premise of the DPA will remain; the GDPR will be an enhancement of the DPA.

Do these changes impact me and my department?

Yes it does. The Trust’s preparations are well advanced but we still need help from you. Under GDPR, fines that can be administered against organisations will be increased to £17 million or 4% of turnover. The fines can be for any breach of GDPR not just data security breaches.

How can I help?

• Ensure that you and your team are up to date with information governance training
• That any personal identifiable information is kept secure i.e.
  • Patient notes are not left in public places
  • PCs are locked when left unattended
  • All offices and filing cabinets are locked
• Always check that you have the correct recipients contact details before sending
• Always check that you are sending correspondence to the right patient
• Do not open any suspicious looking emails
• If a breach or near miss does occur that it is reported immediately on Datix and your line manager is informed. Under GDPR we will be expected to report any high risk incident within 72 hours to the Information Commissioner’s Office
• The Information Governance Team is continuing to conduct risk assessments to identify information flows and assets. Please provide them with any assistance required
• If suppliers or any third parties contact you about their readiness or the Trust’s for GDPR that the Information Governance team are made aware

Ensuring the Trust is compliant with GDPR doesn’t end on 25 May. Compliance is on-going and will be monitored by the current data protection regulator, the Information Commissioner’s Office (ICO).

All staff need to be aware of their responsibilities under GDPR and over the coming weeks the Information Governance Team will continue to provide updates on GDPR outlining staff responsibility on WeShare.

If you have any queries or concerns please contact the Information Governance Team.

Cookies

Barts Health NHS Trust uses cookies to help us understand how people use our website. We use cookies to capture which pages are most popular, how long people spend on each page and what links they use to access the information they are seeking. We may also use cookies to enable the website to ‘remember’ details that you voluntarily give, such as when you complete online forms, so that you do not have to retype the information next time you use the website.

By using this website you are implying consent for these cookies to be placed on your computer. If you would like to remove these cookies and opt-out of the services that use them you can by selecting the appropriate settings on your browser.

What is a cookie?

A cookie is a simple text file that is stored on your computer or mobile device by a website’s server and only that server will be able to retrieve or read the contents of that cookie. Each cookie is unique to your web browser. It will contain some anonymous information such as a unique identifier and the site name and some digits and numbers. It allows a website to remember things such as your preferences or remembers your details when filing out a form. They are controlled by your computer. If you visit the Tools section in your browser menu, you will find details of your cookies settings.

Cookies may come with or without an expiry date. Cookies without an expiry date exist until the browser is closed, while cookies with an expiry date may be stored by the device until the expiry date passes.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

You can set your browser to warn you before accepting cookies, or you can set it to automatically reject them. Please note that by rejecting cookies it may inconvenience you in browsing our website. See your browser 'help' button for how to change your cookie settings.

We will not share personal data about you

When you complete an online form to change an appointment, this form asks you for personal data so that we can complete your request. This information is stored securely and never shared with other organisations or used for marketing purposes.

Google Analytics

The Barts Health website uses Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses cookies, which are text files placed on your computer, to help the website analyse how users use the site.

By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

Our jobs feed

The Barts Health website uses the Trac recruitment site, provided by Civica UK Ltd, to advertise our current vacancies.

The Trac website, displayed through the use of a code droplet on our website, uses cookies. By accepting our privacy policy, you agree to the use of these cookies. If you choose not to accept cookies, our job roles will not display on our website.

Other third party applications

The Barts Health website uses code droplets to share content from other websites, such as Twitter, YouTube and Google maps. We do this so that our site is easier for you to use, and the content from these other websites is displayed automatically on the page.

We sometimes use code droplets to measure the effectiveness of our recruitment advertising campaigns through third party applications.

These third party applications use cookies. By accepting our privacy policy, you agree to the use of these cookies by third parties.

Links to other websites

Barts Health NHS Trust website contains links to other websites of interest. However, once you have used these links to leave this website, you should note that we do not have any control over that other website. We cannot be responsible for the protection and privacy of any information which you provide while visiting such websites, and such websites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question. We recommend that you review the websites privacy policy as a precautionary measure. The trust does not endorse any external sites and is not responsible for their content.