Information Protection at St Luke's

Information protection

Here at St Luke’s we are committed to ensuring that your personal information is kept safe.

How we manage your personal information

St Luke’s keeps personal information about you, your health and any treatment and care that you receive to help ensure that you receive the best possible care from us. St Luke’s also keeps records about the fundraising you have done for us or are interested in, whether you play our lottery or if you are eligible for Gift Aid. These records may be written down (paper records), or held on a computer.

• Your telephone number or email address
• Your bank details if you donate directly from your bank account
• Demographic information about you, such as your name, date of birth and address
• Identifiers, such as your personal hospital number and NHS number
• Information about your health
• Information about the care and treatment you receive
• Results of investigations
• Information supplied by health care professionals who are involved in your care

We ask for information about you so you can receive proper care and treatment. This personal information forms part of your health record and will need to be kept in case we need to see you again.

We may also ask for other information, e.g. whether you have a disability, your religion or beliefs, sexuality and race. If you follow a particular religion, there may be ways in which we can help you observe these during any treatment you have or if you have a disability we will know that you may require additional support. It is important we have as complete a picture of you as possible to ensure that we are aware of and can plan to meet any particular care needs.

Some of the information we ask for allows us to answer any questions you may have, accurately. We also use it to manage your lottery account and to allow us to claim Gift Aid on your donations. Finally, we may use it to be able to thank you for your generosity and keep you informed about other relevant campaigns.

St Luke’s must manage your personal information in line with the Data Protection Act 2018.

Staff involved in your treatment need to have accurate and up to date information to assess your health and provide you with care.
You may receive care from non St Luke’s staff (e.g. NHS or Social Services) with whom it is necessary to share information about you in order to provide your care. Your information will only be made available for direct care purposes and where your consent is needed we will contact you for permission.

Sometimes we need to pass on your information by law, for example:

• When an infectious disease is encountered that may endanger the safety of others (such as meningitis or measles (but not HIV/AIDS)
• Where a formal court order has been issued

All hospices are assessed by the CQC (Care Quality Commission), which is an independent regulator of health and social care in England. As part of this process, the professional assessors will visit and look at a small number of health records and incident report forms. The assessors are not concerned with individual patient details and they don’t take them away.  If you wish to object to your records being made available during an assessment, please notify us.

We may use your information to help look after the health of the general public and to make sure that our services can meet future patient needs.

Your information may also be used to help us to:

• Review the care we provide to ensure it is of the highest standard
• Teach and train healthcare professionals
• Conduct health research and development
• Investigate complaints, legal claims or untoward incidents

When your information is used for service improvement, it will always be anonymised, which means it is impossible to identify you personally.

Your personal information is valuable, so you should treat it just as you would any valuable item.

We must comply with the principles of the Data Protection Act 2018 and take the confidentiality of your information very seriously.  All our staff undertake regular training and maintaining confidentiality is outlined in job descriptions and contracts of employment.

We ensure the security of your information held on our computer systems and areas where paper records are held are robust to prevent unauthorised access or modification.

You have the right to know how we will use your personal information and ask us to consider changing the way we use it.
The information we hold about you is to care effectively, if you have any concerns about the information held or shared please speak to your St Lukes Health Care professional

The Data Protection Act 2018 gives you the right to apply to see any personal information held or anything written about you in your health record.

The Access to Health Records Act 1990 gives a patient’s representative the right to access the health records of that patient if they have died.

St Luke’s Hospice Plymouth uses third parties to process information we collect from our supporters. These are:

Organisation (purpose)
Access ThankQ CRM (Registration and donation information)
FR Systems (Event fulfilment)
PFC Group (Direct mail)
Combase Pty Ltd. (Lottery software)
Lottery Fundraising Services Secure Collections (Society lottery services)
CRS Business Systems Pepper Communications Ltd. (EPOS, Cash Registers and Software solutions Direct mail)
One Post (Direct mail)
Whittington Moor Printing Works Ltd (Direct mail)
Abbey Marketing Communications Ltd (Direct mail)
Whistl Group Holdings Limited (Direct mail)
Eight Days a Week Print Solutions (Direct Mail)

Protected Information