Your data and privacy

What is personal information?

Personal information is any material held by Cambridge Children’s concerning you. As we are a hospital, this may also include patient data.

Personal information within any medical organisation is stored in a number of different formats to become your own, unique medical health record. This record will ensure you are correctly identified and receive the appropriate care and treatment for your individual needs.

This information can be stored in several formats including: paper, imaged, electronic and microfiche.

Patient information can also be classed as non-health information including your name, address and any other personal details you may have provided.

Data Protection Act (DPA)

Cambridge Children’s complies with the Data Protection Act 2018 (opens in a new tab), which means you have the right to find out what information we store about you.

Access your health records

Under the General Data Protection Regulation 2018, you, or an authorised representative, are entitled to access your health records.

If you wish to gain access to any other type of recorded information held within the Trust please see the Freedom of Information pages.

Information security

Sharing data is often vital for the progress and quality of your care. At Cambridge Children’s Hospital we have in place a number of policies and procedures to ensure the collection, storage and use of your personal information is secure.

How is the security of personal information enforced?

There are a number of legislations in place to govern the security of information within Cambridge University Hospitals, CPFT and the University of Cambridge, which are the partner organisations of Cambridge Children’s.

As security risks are forever evolving with new technological advances, these policies and procedures are constantly reviewed and updated.

The NHS Confidentiality Code of Practice, the Data Protection Act and Computer Misuse Act all cover Information Security, and are what all NHS organisations must comply with. In addition to these, the NHS has also adopted the British Standards Code of Practice for Information Security Management.

Computer use

We have clear guidelines for computer use which help protect unauthorised access to, and the integrity of, data contained on the hospitals’ computers. In brief: computers are used only for Trust business, are password protected, virus checked, and measures are taken to prevent access via email or the internet. Removable media devices, including laptops and memory sticks, are encrypted.