The Trust must comply with legislation governing the access to and management of information, including the Data Protection Act 2018 and the Freedom of Information Act 2000. Both of these acts provide the public with various rights of access to information that we hold.
Personal information is information about you. It can be your name, address or telephone number. It can be the type of job you do, the things you buy and the place you went to school.
The Act works in two ways. Firstly, it helps to protect your interests by obliging the Trust to manage the information they hold in a proper way.
The second area covered by the Act gives you important rights, including the right to know what information is held about you and the right to correct information that is wrong.
Everyone in the NHS has a legal duty to keep information about their patients confidential, and great care is taken to ensure that we keep high standards of confidentiality. The Data Protection Act 2018 sets out those standards.
Here at our Trust we take the security of patient information that we collect very seriously. All staff are trained every year on keeping information secure. We also issue regular reminders to staff and conduct audits to ensure good practice.
The Trust has a Data Protection Officer who you can contact if you would like to discuss how the Trust uses your information:
Data Protection Officer
Information Governance Department
Birmingham and Solihull Mental Health NHS Foundation Trust
52 Queensbridge Road, Moseley, Birmingham. B13 8QY.
The Freedom of Information Act provides public access to recorded information that we hold. It does this in two ways:
- We are obliged to proactively publish certain information about our activities through a publicly available publication scheme
- Giving anyone the right to request recorded information that we hold, and we must provide this information within 20 working days unless there is a good reason not to disclose as permitted under the Act.
Freedom of Information requests can be emailed to firstname.lastname@example.org.
The Act does not give people access to their own personal data (information about themselves) such as their health records. You will need to make a subject access request under the Data Protection Act if you want to access information which we hold about you.
Requests for information from the Police
All Police requests for information should be made in writing to: email@example.com
The Information Requests Team will need a signed and counter signed Data Protection form (WA170) stating what information you require.
All Police requests for information must include:
- The Data Protection form (WA170) must state that you are requesting the information under the Data Protection Act
- The form must also state the purpose of why you are requesting the information e.g., the prevention or detection of crime and apprehension or prosecution of offenders and the nature/seriousness of the investigation
- Date, time, and location of the incident
- The information that you require from the Trust e.g., patient care record and any specific time frame or document
- Consent of the individual if applicable
- Your contact details – phone number and email address.
Please note that without this information, we are unable to process any police requests for information.
Once the Information Requests Team receives the completed Data Protection form, we will send you an acknowledgment and action your request.