The General Data Protection Regulations 2016 (GDPR), requires Saint Catherine’s Hospice to describe how it collects, uses, retains and discloses personal information. We call this Saint Catherine’s ‘Privacy Notice’. This can also be called a privacy statement, a fair processing notice or a privacy Policy.

Our Privacy Notice sets out:
• Why we need to record or access your data
• How it will be used and
• Who it will be shared with and
• How to access your information

To show you how we ensure that we process your personal data fairly and lawfully within the relevant Legal Acts and other legislation. This Privacy Notice also explains what rights you have to control how we use your information.

The relevant Legal Acts and other legislation: The law determines how organisations can use personal information. The key laws are: The General Data Protection Regulation (GDPR) (which replaces the DPA in May 2018). The Data Protection Act 1998 (DPA), The Human Rights Act 1998 (HRA), relevant health service legislation, and the ‘common law duty of confidentiality’, which refers to the obligation that we have to respect the confidentiality of our patients’ affairs. Information that we obtain about our patients’ affairs may be confidential, and must not be used for the benefit of persons not authorised by the patient.

Modern Day Healthcare is complex, it relies on recording, holding and sharing accurate Personal data and Health Data, to treat and provide services to every one of us. Almost all of this data is now computerised, it is mainly recorded and held on digital systems, typically this is at your Doctors, Dentist or Hospital, and in fact anywhere you receive any form of health care.

Saint Catherine’s is no exception to this, and in order to provide you with the best service, and optimal care, we need to record, use, exchange and act on information about you, your family and carers and other services involved with your care.