Everything we do with information about people, such as how we collect it and who we share it with, has to comply with Data Protection legislation. A key part of this is being open about how we use information and what rights you have in respect of information we hold about you.
The information we hold
We hold information about people we directly provide a service to and about people we have a responsibility for in respect of our Public Health and health improvement functions. This will include residents of Cambridgeshire, people receiving health and care services in Cambridgeshire and people who work or attend school in Cambridgeshire.
Under our statutory obligation to provide a public health advice service to our local NHS clinical commissioning group (CCG), this also extends to people resident in Cambridgeshire and Peterborough CCG’s area or registered with one of the CCG’s general practices.
We will process your data on the basis that the processing is necessary in providing services as part of our public task, namely the public health responsibilities set out in law.
Special category data (such as information about your health) will be processed on the basis that it is necessary for the provision of health or social care or treatment or the management of health or social care systems and services, for reasons of public interest in the area of public health or for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.
We collect data to enable us to provide direct care services to you where you request this. The precise details held will depend on the services you are receiving from Public Health or an organisation commissioned to provide services on our behalf. The specific details collected will be explained when you start the relevant service. The standard identifiers used are: NHS number, Name, Date of Birth and Postcode.
We also receive some data, containing identifiers, to enable us to carry out Public Health functions that are not related to direct care. Some of these data are provided to us under specific data access agreements and an example of this is provided below in the section about access to NHS Digital Civil Registration Data (covering data about births and deaths in our area).
Information that relates to an identifiable living individual is called personal data. This could be one piece of data, e.g. a person’s name or a collection of data, such as name, address and date of birth.
This information is collected in one of two ways. It may be provided to us directly by a member of the public when they sign up to use a service we are providing. In some cases it may be shared with us by another organisation due to us having a role in a service they are providing, or as part of providing local data analysis to support decisions related to Public Health functions like the commissioning of services or improving and protecting the public’s health. This will include organisations such as national and local NHS bodies,the Office for National Statistics, NHS Digital, other local authorities and schools.
Some services we commission will ask for, or receive from the NHS, your NHS number. This is so that the NHS and the commissioned service are using the same number to identify you whilst providing your service. By using the same number the NHS and commissioned service can work together more closely to improve your care and support. If you wish to opt-out from the use of your NHS Number for these purposes, please talk with your practitioner.
Why do we have it and what do we use it for
Primary use of data (direct care services). This is where a service collects and uses information that identifies individual residents and users of public health services in Cambridgeshire and is known as ‘personal data’. These personal data are required to enable us to carry out specific functions and services. There are 5 public health functions we must deliver by law that can involve the collection of personal data, which are:
- Helping protect people from the dangers of communicable diseases and environmental threats.
- Organising and paying for sexual health services.
- Providing specialist public health advice to primary care services: for example GPs and community health professionals.
- Organising and paying for height and weight checks for primary school children.
- Organising and paying for regular health checks for Cambridgeshire people.
We may commission or provide these services ourselves. Internal to the Public Health Department itself, primary use includes, but is not restricted to, the delivery and management of the following public health services:
- Public health services for gypsies and travellers.
Secondary use of data. The Public Health Directorate also uses data and information as part of the planning, commissioning and monitoring of services. This is to help ensure that services meet the needs of people now and in the future, that we take steps to improve and protect the public’s health, that we work to reduce inequalities in health and that we provide an advisory service to the local NHS commissioner (NHS Cambridgeshire and Peterborough Clinical Commissioning Group). These functions include:
- Producing assessments of the health and care needs of the population, in Particular to support the statutory responsibilities of the: Joint Strategic Needs Assessment (JSNA), the Director of Public Health’s Annual report and the local Health and Wellbeing Strategy.
- Identifying priorities for action
- Informing decisions on (for example) the design and commissioning of services,
- To assess the performance of the local health and care system and to evaluate and develop them.
- To report summary statistics to national organisations
- Undertaking equity analysis of trends, particular for vulnerable groups
- To support clinical audits.
- To provide the mandated healthcare public health advice service to the local Clinical Commissioning Group (CCG).
In secondary use cases, the information is used in such a way that individuals cannot be identified and personal identifiable details are removed as soon as possible in the processing of the data. There is clear separation of data resources between those people nominated to process these data and those that use the data for secondary analysis. Depending on the circumstances, the data will be anonymised or de-identified (pseudonymised).
Anonymised data is information which does not identify an individual directly and which cannot reasonably be used to determine identity. Anonymisation does not allow information about the same individual to be linked in the same way that pseudonymisation does and is therefore more likely to be used for ‘one-off queries’ of data rather than consistent trend analysis.
Pseudonymisation (also known as de-identification) refers to the process of replacing personally identifiable information relating to a patient/service user with an alternative ‘identifier’ (such as a randomised reference number instead of their unique NHS number) in order that their data can be analysed appropriately (for example as part of trend analysis) without their personal identifiable data being disclosed unnecessarily.
Our policy on Pseudonymisation and Anonymisation can be found here.
Whenever we use information, we always limit this to only the details that are needed and we ensure that it is used safely and securely. We require anyone we share information with, or who uses it on our behalf, to do so too. All staff and councillors receive training on data protection and information security.
Who we share information with and why
Information is only shared with other organisations where their involvement is required to provide a service, for us to comply with our Public Health responsibilities or where we are under a legal requirement to share it. The organisations we may need to share information with include organisations such as national and local NHS bodies, the Office for National Statistics, NHS Digital, other local authorities and schools. Any sharing will be assessed to ensure the organisations will meet the same standards of security and confidentiality as we do
All information sharing is done with reference to the principles set out in the Cambridgeshire and Peterborough Information Sharing Framework.
We participate in the Cabinet Office's National Fraud Initiative, a data matching exercise to assist in the prevention and detection of fraud. We are required to provide particular sets of data to the Minister for the Cabinet Office for matching for each exercise.
Access to NHS Digital Civil Registration Data
NHS Digital require us to include further specific detail in our Privacy Notice about access to, and use of, NHS Digital Civil Registration Data (data about births and deaths in our area). Deaths data are supplied to us via the Primary Care Mortality Database (PCMD) and the PCMD holds data about people who have died in our area, as provided at the time of registration of the death, along with additional general practice details, geographical information, details about the cause of death and associated administrative details. Births data holds information about births in our area, which is collected at birth registration. Both datasets are supplied to us over a secure file transfer mechanism.
Our access to these data is by application to NHS Digital and is available for use by Public Health analysts in local authorities for statistical purposes to support Public Health functions. Data supply and management is covered by this agreement with NHS Digital.
The terms of this agreement stipulates that data are supplied to us under specific legislation and for specific purposes. The legal basis for processing the data is covered by the Other (General Data Protection Regulation Article 9 (2) (h)), General Data Protection Regulation Article 6 (1) (e) and dissemination is covered by the Health and Social Care Act 2012 - s261(5)(d).
Access is permitted under section 42 (4) of the Statistics and Registration Service Act 2007, as amended by section 287 of the Health and Social Care Act 2012, for the purpose of statistical analysis for Local Authority Public Health purposes. NHS Personal Confidential Data (PCD) is released under regulation 3 of the Health Service (Control of Patient Information) Regulations 2002 and can only be used for public health purposes.
This Civil Registration Data are of significant value to the Local Authority as they enable our analysts to respond to local public health needs. Evaluations of births and deaths in our local area allows us to perform the following:
- Measuring the health, mortality or care needs of the population, for specific geographical area or population group;
- Planning, evaluating or monitoring health and social care policies, services or interventions; and,
- Protecting or improving the public health, including such subjects as the incidence of disease, the characteristics (e.g. age, gender, occupation) of persons with disease, the risk factors pertaining to sections of the population, or the effectiveness of medical treatments.
Identifiers included in data relating to deaths (PCMD)
Data relate to the deceased, the family of the deceased, people involved in the care of the deceased and people involved in the administration of the death and include:
- Deceased’s address
- Postcode of usual residence of the deceased
- Post code of place of death
- NHS number
- Date of birth
- Dare of death
- Maiden name (PID field specified by NHS Digital / ONS but not present in current PCMD).
- Name of certifier
- Name of coroner
- Cause of death (ICD10 coded cause of death will be retained in the data set used by PCMD data processors and analysts, all having completed the relevant approvals).
Identifiers included in data relating to births
Data relate to the birth, the mother of the new born and administrative details about the birth and include:
- Address of usual residence of mother
- Place of birth
- Postcode of usual residence of mother and postcode of birth of child
- NHS number of child
- Date of birth of child
Data processing and secondary analysis
In order to gain access to, process, store and analyse births and deaths data appropriately and safely we do the following:
- Data are transmitted to us from NHS Digital using a secure file transfer mechanism.
- Access to the births and deaths data, whether identifiable data or anonymised data, is restricted to those staff members who have signed the appropriate NHS Digital data access agreements. The data are stored on our IT network at a location that is restricted to those staff.
- Data are encrypted and are password protected.
- Access to the source identifiable data is restricted to those staff who have been nominated as data processors for the births and deaths data.
- For those staff engaged in secondary analysis, we have removed the identifiable data, as this is not routinely required for the permitted uses of the data.
- We have created a link identifier between the de-identified data and the identifiable source data, but access to re-identification is restricted to our nominated data processors.
- Publication of the outcome of secondary analysis is limited to permitted purposes, is derived from de-identified data and is restricted to the aggregate results of that analysis in line with our Data Access Agreement and NHS Digital/ONS rules on the uses of health based statistical data and disclosure.
- We are not permitted to, or have no business need to, link the deaths and births data directly with any other data. We do, however, assimilate the data with other sources of data, information and evidence in order to carry out our Public Health responsibilities.
Further details about the deaths data (PCMD) can be found on the NHS Digital website.
How long we keep hold of information for
We only keep information for as long as it is needed. This will be based on either a legal requirement (where a law says we have to keep information for a specific period of time) or accepted business practice. This is set out in our retention schedule on our Privacy page.
What rights you have
You have various rights around the data we hold about you.
- Right of access (to receive a copy of your personal data)
- Right to rectification (to request data is corrected if inaccurate)
- Right to erasure (to request that data is deleted)
- Right to restrict processing (to request we don’t use your data in a certain way)
- Right to data portability (in some cases, you can ask to receive a copy of your data in a commonly-used electronic format so that it can be given to someone else)
- Right to object (generally to make a complaint about any aspect of our use of your data)
- Right to have explained if there will be any automated decision-making, including profiling, based on your data and for the logic behind this to be explained to you.
Any such request can be submitted to the Data Protection Officer. Whether we can agree to your request will depend on the specific circumstances and if we cannot then we will explain the reasons why.
If we are processing your information based on you giving us consent to do so, you have the right to withdraw your consent at any time. Doing so may mean we are unable to provide the service you are hoping to receive and the implications of you giving or withdrawing your consent will be explained at the time.
National Data Opt-out
Alongside your Right to Object, the NHS National Data Opt-out Programme gives you the right to opt out of your confidential patient information being used for reasons other than their individual care and treatment (such as for research and planning purposes). Patients and the public will be able to use the national system from 25 May 2018. All health and care organisations will be required to uphold patient and public choices by March 2020.
If you are unhappy with any aspect of how your information has been collected and/or used, you can make a complaint to the Data Protection Officer. You can also report concerns to the national regulator, the Information Commissioner’s Office. Their details can be found on their website.
Data Protection Officer Contact Details
If anything in this notice is not clear, or if you have further queries, please get in contact with the Data Protection Officer.
Email: [email protected]
Tel. No: 01223 699137.
Post: Info and Records Team, OCT1224, Cambridgeshire County Council, Shire Hall, Cambridge, CB3 0AP
Version 3 – 31 May 2018