How we use your information
The Clinical Commissioning Group (CCG) is responsible for commissioning (buying) health services from healthcare providers, such as hospitals and General Practitioners (GPs), to provide the highest quality of healthcare to people living and working within our area.
To support the CCG in fulfilling its statutory role, it may hold some information about you. This document (which is also known as a privacy notice or fair processing notice) outlines how that information is used, who we may share that information with, how we keep it secure (confidential) and what your rights are in relation to this.
This document is separated into the following sections:
- What kind of information do you use?
- What do we use anonymised data for?
- What do we use pseudonymised information for?
- What do we use your sensitive and personal information for?
- Data linkages
- Do you share my information with other organisations?
- National Fraud Initiative 2016/17
- Declarations of Interests, Gifts, and Hospitality
- Data Processors
- What safeguards are in place to ensure data that identifies me is secure?
- How long do you hold confidential information for?
- What are your rights?
- Freedom of Information
- Queries, Requests and Complaints
What kind of information do you use?
We use four types of information/data:
1.1 Anonymised data, which is data about you but from which you cannot be personally identified
1.2 Pseudonymised data (sometimes described as ‘deidentified data’), where any identifiable information (examples include name, address, date of birth) has been removed and replaced with a unique code (to represent an individual) to make it practically impossible to identify individual(s) from the remaining data (which may include information about an individual’s health)
1.3 Personal data, from which you can be personally identified
1.4 Sensitive personal data about you, such as data relating to your healthcare, from which you can be identified
What do we use anonymised data for?
We use anonymised data to plan health care services. Specifically we use it to:
- Check how good and successful the health services we commission are
- Check that the services we commission are performing as intended
- Work out what illnesses people will have in the future, to plan and prioritise services and ensure these meet the needs of patients in the future
- Review the care being provided to make sure it is of the highest standard
- Look at care being provided to see where improvements could be made
Please see details of privacy notice information collection for specific purposes
What do we use pseudonymised information for?
For example, where a GP practice provides information to us to check the care of people living in our area, we receive that information as pseudonymised data. Data that has been pseudonymised ensures that:
- Only the GP practice (the organisation sending us the data) is able to identify you. They securely maintain a record of the unique codes that represent each patient. Using a code in this way is useful where information about the same patients is being compared over two different time periods. Exploring whether a course of treatment has benefited patients by checking how they are at the start and end of treatment is an example of this.
- The information we receive is unidentifiable to us – we have no means to determine who the data relates to. Names, addresses, dates of birth and NHS numbers have been removed before we see the data
- There should only be a negligible risk that the pseudonymised data can reveal a suspected identity – the unique codes are meaningless outside of this purpose
- We ensure that there are other measures in place to prevent us (or anybody else) from being able to reidentify individuals from the data – for example, reporting on rare conditions is subject to extra precautions to minimise this possibility
Using this type of information improves the CCG’s ability to work out the care needs of people within the local area. Examples of where pseudonymised data have been used include care
- Identify where and why delays in care occur to help ensure patients are treated in a timely manner
- Identify gaps in services so as to explore how new services may improve care
- Check patients’ health is improving and to explore how successful services are at improving health
The CCG utilises pseudonymised data across a variety of areas, such as Inpatient, Outpatient, Accident and Emergency, Out of Hours, Urgent Care, Community Nursing, Community Mental Health, General Practice and Social Care from a variety of health and care providers’ data. This data is pseudonymised by the Data Services for Commissioning Regional Office (DSCRO) based at North of England Commissioning Support (NECS) in accordance with the requirements of the Health and Social Care Act 2012 or by the healthcare provider themselves.
The same pseudonymised code is used across these services so that the data may be linked together without revealing the identity of the patient. The pseudonymised code is not used outside of these sets of data. The CCG handles pseudonymised data to the same level of scrutiny and confidentiality as if it were sensitive personal data. No further data linkages are undertaken outside of the above process.
Please see details of information collected and used for specific purposes for further information.
What do we use your sensitive and personal information for?
There are some limited exceptions where we may hold and use sensitive personal information about you. For example the CCG has been required by law to perform certain tasks that involve the processing of sensitive personal information.
The CCG only has access to identifiable information when individuals have consented to this, or a law or direction from the Secretary of State for Health explicitly permits this.
The areas where we regularly use sensitive personal information include:
- Facilitating the process where you or your GP may request special treatments that are not routinely funded by the NHS (known as Individual Funding Requests)
- Assessments for continuing healthcare (for those with complex medical needs) and appeals
- Responding to your queries, compliments or concerns
- Assessment and evaluation of safeguarding concerns
- The information is necessary for your direct care
- Out of area specialised care case management
- Management of patient medication, as a service provided to GP practices
- Responding to patients, carers or Member of Parliament communication
- Investigating incidents
- Investigating the causes of an infection, sometimes contagious, which may be a risk to the public (a Post Infection Review). We do not always need to ask your permission to access your information if there is a wider risk to the public
- You have freely given your informed agreement (consent) for us to use your information for a specific reason (purpose or project)
- This is required to perform Human Resource, recruitment and payroll functions
- To process claims for patients’ travel costs
- There is an overriding public interest in using the information e.g. in order to safeguard an individual, or to prevent a serious crime
- There is a legal requirement that will allow us to use or provide information (e.g. a formal court order)
- For the purposes of security, crime prevention and detection CCTV is in operation on the CCG premises
- Where there is a Section 251 exemption permitting the use of sensitive personal information under specific conditions, for example to:
Understand the local population needs and plan for future requirements, which is known as “Risk Stratification for commissioning”:
Information from health and social care records is looked at by the CCG to identify groups of patients who would benefit from some additional help from their GP or care team. The aim is to prevent ill health and possible future hospital visits, rather than wait for patients to become more poorly. Typically, the CCG only uses the NHS number to identify patients for this purpose. Only the GP/care team is able to see who actually requires additional help and there are strict rules in place to ensure this.
Ensure that the CCG is billed accurately for the treatment of its patients, which is known as “Invoice Validation”:
Where the CCG pays for care, particularly where different providers are caring for the same patient, we may ask for evidence before paying, or we may design a service where the payment is all or partly based on the providers ensuring the service user’s health improves. When processing invoices for payment of treatment or procedures you have received, information such as NHS number, name, address and date of treatment might be used by the CCG. Where this happens, these details are held within a secure environment and kept confidential; such information is only used to validate invoices and not shared for any other purpose.
Monitor access to services, waiting times and particular aspects of care, for which the CCG is considered to be an “Accredited Safe Haven”
Please see details of information collected and used for specific purposes for further information.
Data linkages
Data linkage is the process of linking data together from different places. Within the CCG, this is only done using pseudonymised codes. This allows the CCG to see the wider patient experience and outcomes through the different types of care that are provided to identify issues and improvements. An example of this is where hospital and primary care (GP) data is linked to better understand patterns in healthcare provision and to plan and evaluate services. For example, the CCG might look at whether certain newly introduced falls services for older people have reduced the need to attend Accident and Emergency.
The CCG utilises NHS Digital and their Data Services for Commissioners Regional Office (DSCRO), which resides within North of England Commissioning Support, to process information to perform these data linkages. The Health and Social Care Act 2012 and later directions of NHS Digital established the Data Services for Commissioners (DSfC) programme (whereby the DSCRO act as an accredited secure facility to collect, hold and process personal confidential data (PCD) for purposes beyond direct patient care). This approach ensures that the CCG does not receive any identifiable information. The CCG does not perform any data linkages of identifiable information and the only data linkages performed on its behalf are processed within the DSCRO.
For further information, please see examples included within the What do we use pseudonymised information for section.
Do you share my information with other organisations?
We commission a number of organisations (both within and outside the NHS) to provide healthcare services and work with other NHS organisations. We may share anonymised statistical information with them for the purpose of improving local services, for example to understand how health conditions across our local area compare against other areas.
Laws are in place that permit NHS Digital and some other NHS bodies to process identifiable patient data. Such data is provided to organisations, such as CCGs, normally in a pseudonymised/deidentified format (see What do we use pseudonymised information for). This flow of information assists CCGs to design and buy the combination of services that best suit the local area.
For more information please see our leaflet Sharing Healthcare Records.
National Fraud Initiative 2016/17
The CCG has a duty to protect the public funds it administers and as such participates in the National Fraud Initiative. This is an electronic data matching exercise conducted by the Cabinet Office, under statutory powers, for the purposes of preventing and detecting fraudulent and erroneous payments from the public purse. The exercise is run every two years.
The Cabinet Office’s data matching involves comparing computer records held by one body against other computer records held by the same or another body to see how far they match. This is usually personal information. Computerised data matching allows potentially fraudulent claims and payments to be identified. Where a match is found it may indicate that there is an inconsistency which requires further investigation. No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out.
Participation in the data matching exercise assists in the prevention and detection of fraud and involves the provision of particular sets of data to the Minister for the Cabinet Office for matching for each exercise, and these are set out in the Cabinet Office’s guidance, which can be found at https://www.gov.uk/guidance/national-fraud-initiative-public-sector-data-requirements
The use of data by the Cabinet Office in a data matching exercise is carried out with statutory authority under Part 6 of the Local Audit and Accountability Act 2014. It does not require the consent of the individuals concerned under the Data Protection Act 1998.
Data matching by the Cabinet Office is subject to a Code of Practice. This may be found at https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/401669/Code_of_data_matching_practice_July08.pdf. For further information on the Cabinet Office’s legal powers and the reasons why it matches particular information see https://www.gov.uk/government/collections/national-fraud-initiative
The key contact for the CCG is Steven Moss, Counter Fraud Manager, and if you have any queries regarding the exercise he can be contacted by:
Post: Steven Moss, Park House, Bridge Lane, Wigginton Road, York, YO31 8ZZ
Phone: 01904 725145 or 01423 554548
Declarations of Interests, Gifts, and Hospitality
The CCG is required to maintain and publish on its website registers of interests, gifts and hospitality for all staff of the CCG, as well as its Members, Governing Body and Committee Members.
In exceptional circumstances, where the public disclosure of information could lead to a real risk of harm or is prohibited by law, a person’s name or other information may be withheld from the published registers. If staff feel that substantial damage or distress may be caused to them or somebody else by the publication of information in the registers, they are entitled to request that the information is not published. Such requests are made in writing to the CCG via the contact details provided below.
Data Processors
As a data controller, we may also contract other organisations to process data. We ensure that these organisations handle information under strict conditions and in line with the law. We will have in place agreements and contracts to ensure this.
Please see details of information collected and used for specific purposes for further information.
What safeguards are in place to ensure data that identifies me is secure?
We only use information that may identify you in accordance with the Data Protection Act 1998. The Data Protection Act requires us to have an appropriate justification (lawful basis) if we wish to use/process any personal information. This means that we cannot collect information without the purpose of this being clearly identified and we can only do this where a law gives us permission to do this.
As required by the Data Protection Act, when processing personal data we are obliged to ensure that we keep patients and staff aware of how we are using their information.
Within the health sector, we also have to follow the common law duty of confidence, which means that identifiable information about patients provided or collected during their care should be treated as confidential and only shared for the purpose of providing direct care.
We handle information in accordance with the Confidentiality NHS Code of Practice, Guide to Confidentiality, Caldicott Principles and professional standards in addition to the above legal requirements.
We also ensure the information we hold is kept in secure locations, restrict access to information to authorised personnel only, and protect personal and confidential information held on equipment such as laptops with encryption (which masks data so that unauthorised users cannot see or make sense of it).
All CCG staff are expected to make sure information is kept confidential and receive annual training on how to do this. This is monitored by the CCG and can be enforced through disciplinary procedures.
The CCG has an executive director responsible for protecting the confidentiality of patient information. This person is called the Caldicott Guardian; they can be contacted using the details below.
The CCG is registered with the Information Commissioner’s Office (ICO) as a data controller and collects data for a variety of purposes. A copy of the registration is available through the ICO website – by searching for “NHS Leeds North Clinical Commissioning Group”.
How long do you hold confidential information for?
All records held by the CCG will be kept for the duration specified by national guidance from the Information Governance Alliance (see Records Management Code of Practice for Health and Social Care 2016 Retention Schedule for further information). Upon the end of the retention period, data will be reviewed as to whether it can then be securely destroyed.
What are your rights?
You have the right to have information about you processed fairly and lawfully, and to be able to access any personal information about you held by the NHS. You also have the right to privacy, and can expect the NHS to keep information confidential and secure. You have the right to request that your confidential information is not used for purposes other than your own care and treatment, and to have your objections considered. These rights are set out in the NHS Constitution.
12.1 Opt-out (stop) of information about you being processed beyond direct care
If you do not want the NHS to use information about you collected by your GP, then you can opt out by completing an opt-out form and returning it to your GP practice. There are different types or levels of opt-out available – type 1 and type 2. If you do not want information that identifies you to be shared outside your GP practice, for purposes beyond your direct care, you can register a type 1 opt-out with your GP practice. NHS Digital collects information from a range of places where people receive care, such as hospitals and community services. If you do not want your personal confidential information to be shared outside of NHS Digital, for purposes other than for your direct care, you can register a type 2 opt-out with your GP practice. Further information about these types is available from the NHS Digital Information Choices webpage.
Depending on the type of opt out you may choose, this will prevent your information being shared outside of your GP practice or NHS Digital for purposes beyond your direct care (except in special circumstances allowed by law, such as when there is a public health emergency or safeguarding issue).
Please be aware that the CCG does not hold or commission the retention of identifiable historical data (such as in a ‘data warehouse’) and therefore any opt-out will already be applied to the data provided by NHS Digital and the Data Services for Commissioners Regional Office (DSCRO).
It is entirely up to you whether the NHS can use your information or not – and if you choose to opt out this will not in any way affect the care or treatment you receive as a patient. Please note that if you choose to opt out of your information being used for Risk Stratification, this could affect your direct care (as this data is used for ‘case management’ to assist GPs in identifying the care needs of their patients); you will need to discuss this with your GP to be clear about the possible consequences of this.
Please contact your GP practice, the hospital or healthcare provider if you wish for them to stop processing information about you that is not for your direct care. It is not possible to request that a care provider a patient has been seen by stops processing data, as this would prevent them from providing such care and may prevent important information being shared with other professionals involved in providing care.
If you wish for the CCG to stop processing information about you then please contact email@example.com.
12.2 View the information we hold about you (Subject Access Request)
The CCG does not directly provide health care services and therefore you may need to contact your GP Practice or healthcare provider to see or be provided with copies of your medical record.
However, you can view or request copies of the records about you that we may hold (by making a “Subject Access Request”) by emailing firstname.lastname@example.org (or using the contact details below). If you wish to have a copy of the information we hold about you, please note that there may be a charge for this (up to a maximum of £50).
12.3 Request that updates or corrections are made to the information held about you
You can request that information which is factually inaccurate or incorrect is corrected.
12.4 Withdraw your consent to information being processed about you
You are able at any time to withdraw any previous consent where you permitted the CCG to process information about you.
Freedom of Information
The Freedom of Information Act 2000 (FOIA) provides the public with the right to access information held by the CCG (subject to a number of exemptions). To make a request for information please email eMBED.FOI@nhs.net or telephone 01274 256089.
Queries, Requests and Complaints
If you have any questions or complaints regarding the information we hold on you or the use of your information, please contact us:
NHS Leeds North Clinical Commissioning Group
Leafield House, 107-109 King Lane, LEEDS, LS17 5BP
Telephone: 0113 843 2900
For independent advice about data protection, privacy, data sharing issues and your rights you can contact:
Information Commissioner’s Office
Wycliffe House, Water Lane, WILMSLOW, Cheshire, SK9 5AF
Telephone: 0303 123 1113 (local rate) or 01625 545 745