Informaon can be further used to help:
• Improve individual care.
• Understand more about disease risks and causes.
• Improve diagnosis.
• Develop new treatments and prevent disease.
• Plan services.
• Improve paent safety.
• Evaluate Government, NHS and Social Care policy.
Your rights
The GDPR provides the following rights for
individuals:
1. The right to be informed – we will tell you what
we do with your informaon. We do this through
noces like this one, through service informaon
leaets, and though our trust website: www.
dbth.nhs.uk
2. The right of access – see secon on Subject
Access Rights below
3. The right to reccaon – we will correct any
personal informaon that is inaccurate or recfy
and data that is incomplete
4. The right to erasure; the right to be forgoen
might not apply to your health data (see UK Data
Protecon Legislaon)
5. The right to restrict processing – we will only re-
strict the processing of your personal data where
it is clinically safe to do so
6. The right to data portability – we will provide
copy notes and copy images however, any oth-
er copy eData will only be provided where and
when our eData Systems allow us to extract a full
and accurate copy of the data held which is about
you
7. The right to object - your objecon will be con-
sidered in relaon to your parcular situaon
8. Rights in relaon to automated decision making
and proling
Our lawful basis for processing
Accurate and up-to-date informaon assists us in
providing you with the best possible care. If you see
another healthcare professional, specialist or an-
other part of the NHS, they can readily access the
informaon they need to provide you with the best
possible care.
Everyone working within the NHS has a legal duty to
keep informaon about you condenal, including
anyone in the NHS who receives condenal infor-
maon from us.
This includes:
• Public task: the data processing is necessary
to perform a task in the public interest, or our
ocial funcons, which have a clear basis in Law.
Arcle 6 (e) - GDPR/DPA 18
• The processing is necessary for the purpose of
preventave or occupaonal medicine, the
assessment of the working capacity of
employees, medical diagnosis, the providion of
health or social care or treatment or
management of health or social care system.
Arcle 9 (2) (h) ) - GDPR/DPA 18
• The processing is necessary for the purposes of
carrying out the obligaons and exercising
specic rights of the controller or of the data
subject in the eld of employment and social
security and social protecon Law. Arcle 9 (2)
(b) ) - GDPR/DPA 18
Personal data are used lawfully by many people in
the course of their work. We employ over 6,500 sta
covering a considerable range of clinical experse
and specialisms, with 3 Main Hospital sites and a
number of local Outpaent Service clinics:
• Doncaster Royal Inrmary (DRI)
• Bassetlaw Hospital (BH)
• Mexborough Montagu Hospital (MMH)
• Outpaent Services at Reord Hospital
• Tri-health GUM services on East Laith Gate,
Doncaster
• Tri-health GUM services on Ryton Street,
Worksop
• Outpaent Services at our Chequer Road Clinic,
Doncaster
Where possible, when using informaon to inform
future services and provision, non-idenable
informaon will be used.
How informaon is retained and kept
safe
Informaon is retained in secure electronic and
paper records and access is restricted to only those
who need to know. It is important that informaon is
kept safe and secure, to protect your condenality.
There are a number of ways in which your privacy is
shielded; by removing your idenfying informaon,
using an independent review process, adhering to
strict contractual condions and ensuring strict
sharing or processing agreements are in place.
GDPR and Data Protecon Legislaon regulates the