How we use your personal information
Patient and personal information
Information we record about you
The London Ambulance Service NHS Trust provides an emergency pre-hospital care and non-emergency transport service throughout Greater London as well as an urgent care 111 service in South East London (to be followed by North East London) .
When you contact us as a patient, we collect information about you and keep records about the service we provide. We may also record information about you if you contact us for any other reason. This guidance explains the type of information we record about you, why this is necessary, and the ways in which this information may be used by the Service.
What is the legal basis for processing my information?
The legal basis (under the EU General Data Protection Regulation and the Data Protection Act 2018) for the processing of data for these purposes is that the NHS is an official authority with a public duty to care for its patients, as guided by the Department of Health, and Data Protection legislation says it is appropriate to do so for health and social care treatment of patients, and the management of health or social care systems and services.
If we need to use your personal information for any reason beyond those stated above and below, we will discuss this with you. You have the right to ask us not to use your information for certain purposes but there are exceptions to this which are listed below under ‘Disclosure to third parties’.
What type of information will we record about you?
We log details electronically when we receive a call for help to our emergency control centres or our 111 service, or a booking for non-emergency transport services that we operate.
If one of our ambulances attends you, or you are transferred between hospitals by ambulance, we will collect information about you to help us identify and treat you. This will be written on a patient clinical record along with details of your symptoms and condition, and any treatment we give you. We are also required to record details of your ethnicity and other information to help us monitor the equality of the services we provide.
If you speak to one of our 111 call handlers or clinical advisors we will record your details and access your clinical information in order to provide the advice or care you require which may require transferring you to the out of hours service, requesting an ambulance or, if it is in hours, putting you in touch with your dentist or GP.
If you receive non-emergency transport services, we will record details about where you live, where we will be taking you and some details about your circumstances.
If you make a complaint or an enquiry about the service we have provided, or have contact with us on another matter, we will keep a record of all the relevant details in a file for case management purposes. In some cases, we may need to obtain information from the hospital we have taken you to in order to investigate a complaint or deal with an enquiry.
What happens to your clinical records?
If an ambulance takes you to hospital, we will give the hospital staff a copy of the written patient clinical record so that they have details of your condition and the treatment we have provided.
Where necessary we do use a limited number of private contractors to supplement our emergency and non-emergency transport services. Where this happens they are under contract to us to comply with Data Protection legislation in the same way as we do, their performance in this respect is monitored and all the information they collect about you is transferred securely to us.
Other health and social care professionals involved in your treatment or care may ask us for information about your use of our services or the treatment you received. Provided we are satisfied that they do need this information for your care, or you have given permission, we will provide this to them.
In some circumstances, particularly if we do not take you to hospital or provide 111 advice, we may share information or clinical records with other healthcare professionals. Most commonly, this will be to your GP, but we may also pass your details to other specialist healthcare teams which might include people from other organisations, such as social services, to assess whether they can offer you support that may help to prevent a similar situation arising again.
We are sometimes also asked by the Clinical Commissioning Groups (CCGs) that fund our services to provide information about incidents attended so they can identify and provide more appropriate care pathways for patients but the information we provide will not identify you.
Where another NHS organisation is funding a non-emergency transport service journey, we have to confirm this information – although we will provide only the details that are needed.
Helping us to train our staff and monitor their work
Clinicians may need to copy patient clinical records they have completed for their training, but they will blank out information which could identify you before they do this.
Monitoring the standard of care we provide and undertaking research
Anonymised information from patient clinical records is used for internal audit purposes and details of the emergency treatment and care we provide is sometimes used for research. We make sure ethical approval has been obtained in accordance with NHS guidelines before we release any information outside the organisation for research purposes and do not release information that could identify patients unless there is a legal basis for doing so.
Monitoring the standard of care provided within the NHS overall
We pass information to other NHS organisations as part of national initiatives to monitor the standard of care provided within the NHS as a whole. In all cases, we supply only the details that are needed for these purposes and, wherever possible, the information will be anonymised.
Disclosure to third parties
We will not disclose your information to third parties outside the NHS without your permission unless it is required for your direct care or there are exceptional circumstances, such as when it is justified in the public interest; for example:
- When a serious crime has been committed
- if there are risks to the public or NHS staff
- to protect vulnerable children or adults who are not able to decide for themselves whether their information should be shared.
- We have a legal duty, for example reporting some infectious diseases, wounding by firearms and court orders
- We need to use the information for medical research. We have to ask permission from the Confidentiality Advisory Group (appointed by the NHS Health Research Authority)
or where the law requires information to be passed on; for example-
- Where a formal court order has been issued.
We will seek your consent before we release information that identifies you to any third party for any other reason than direct patient care and those set out in this guidance and the regulations.
Your information is never collected for direct marketing purposes, and is not sold on to any other third parties. Your information is not processed overseas.
How do you know your records will be kept confidential?
All NHS organisations have a legal duty of confidence to their patients and Data Protection legislation further defines how we can collect and handle personal information. The NHS also has an additional set of guidelines, known as the Caldicott principles, which apply to the use of patient information. All NHS organisations are required to appoint a Caldicott Guardian to ensure patient information is handled in accordance with legal and NHS regulations and the Caldicott Guardian for the London Ambulance Service is the Medical Director.
When we pass on any information we will ensure that the recipient is aware that it must be kept confidential and secure.
How long do we keep your records?
Information is held for specified periods of time as set out in the Records Management Code of Practice for Health and Social Care 2016.
We retain medical records for 25 years and clinical details of 999 and 111 calls made by adults for 10 years. Other records that may contain information about you are kept for varying lengths of time, up to ten years.
Your rights over your information
Data Protection legislation gives individuals rights in respect of the personal information that we hold about you. These are:
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to erasure (does not apply to medical records) or restriction of processing, such as for research purposes.
- Right of portability – you have the right to have the data we hold about you transferred from one IT system to another in a safe and secure way, without impacting the quality of the information.
- To ask us to restrict the use of your information.
- To ask us to copy or transfer your information from one IT system to another in a safe and secure way, without impacting the quality of the information.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to any decisions made without human intervention (automated decision making).
How to obtain your personal information or request further details about the use of your information
If you believe any of the information we hold about you may not be accurate, or if you have any concerns about us collecting and using information about you as outlined here, you should contact our Patient Experiences Department.
If you want to make a subject access request for personal data held in respect of any services provided by the Trust you should make a written request (fax, email or letter) to:
Patient Experiences Department
Units 1&2 Datapoint Business Centre
6 South Crescent
Tel: 020 3069 0240
Fax: 020 3069 0239
Complaints and enquiries
Files relating to complaints or enquiries we receive will only be seen by the staff who are dealing with the matter. We will only pass this to another organisation or body if you ask us to do this, for example, if you request that our response to your complaint is reviewed by a separate regulating body.
We may sometimes be asked for information about the service we have provided you with by other organisations investigating a complaint or enquiry you have made to them, or if you are pursuing a legal claim against them.
Should you wish to lodge a complaint about the use of your information, please contact our Patient Experiences Team at the above address.
Should you have any further queries on the uses of your information, please speak to a member of staff or alternatively contact our Data Protection Officer.
If you are still unhappy with the outcome of your enquiry you can write to: The Information Commissioner, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF – Telephone: 01625 545700.