Saint Catherine’s take our duty to protect your personal information and confidentiality seriously. We place it as an organisation wide priority, and are committed to taking all reasonable measures to ensure the confidentiality and security of personal data for which we are responsible. This applies to both computerised and paper records.

Various roles within the organisation are responsible for this are they include the following the  Senior Information Risk Owner (SIRO), our ‘Caldicott Guardian’, our Data Protection officer and IT manager, who between them are  responsible for the Use, Processing, Security and management of patient information and patient confidentiality.

We also have governance committees that span the activity of Saint Catherine’s. These committee’s meet regularly, with part of their remit being to ensure all staff are aware of their information governance responsibilities, that Saint Catherine’s follow best practice guidelines, ensure the necessary safeguards and appropriate use of person-identifiable and confidential information are in place, followed and maintained

All staff are required to undertake annual information governance training and are provided with an information governance user handbook that they are required to read, understand, agreed and to adhered to.

All of our staff are required to protect your information, and inform you of how your information will be used. This includes, in most circumstances, allowing you to decide if and how your information can be shared.

Additionally all working at, or for Saint Catherine’s is subject to the common law duty of confidentiality. Information provided in confidence will only be used for the purposes advised and consented to by you as the data subject, unless it is required or permitted under the GDPR or other legislation.