• Search for:

    This page explains why information is collected about you and the ways in which this information may be used: this is called a Fair Processing Notice or Privacy Notice.

    It is designed to inform you about how we are complying with the General Data Protection Regulation (GDPR) 2018 and the UK Data Protection Act 2018.

    We aim to update this information from time to time to reflect any changes. It also explains how you can access or get copies of your information.

    Who we are

    Staffordshire and Shropshire Health Informatics Service (S&SHIS) are part of Midlands Partnership NHS Foundation Trust (the Trust) who are a data controller. Our address for communications is:

    Lawton House
    Bellringer Road
    Trentham
    Staffordshire
    ST4 8HH

    The Trust are registered to process personal and sensitive information under the Data Protection Act 2018.

    We operate under MPFT’s Information Governance Framework, which includes having a nominated Senior Information Risk Owner (SIRO) and a Data Protection Officer (DPO)

    What Personal Data We Collect and Use

    The S&SHIS only collect very limited personal data and only for the purpose of promoting our services.

    The information we collect includes:

    Email Address
    Photographs, audio and video recordings

    We do not share any personal data with third-parties or transfer it overseas.

    The Lawful Basis of Processing

    We use ‘consent’ as the legal basis for processing personal data. This requires us to obtain clear consent from the data subject for processing data for a specific purpose.

    Cookies

    This website uses cookies. We use cookies to personalise content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services.

    Cookies are small text files that can be used by websites to make a user’s experience more efficient.

    The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission.

    This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.

    You can at any time change or withdraw your consent from the Cookie Declaration on our website.

    Learn more about who we are, how you can contact us and how we process personal data in our Privacy Policy.

    Please state your consent ID and date when you contact us regarding your consent.

    Your consent applies to the following domains: www.sshis.nhs.uk

    Individual Rights

    You have the right to see or have a copy of your personal information.

    You do not need to give a reason; and normally there will be no charge.

    If you want to access your records, you should make a written request to the MPFT subject access team at the following address:

    Access to Records Team
    Health Records
    St Georges Hospital
    Mellor House
    Corporation Street
    Stafford
    ST16 3SR

    Email: health.records@mpft.nhs.uk
    Telephone: 0300 790 7000

    We will normally provide your information within one month (four weeks) of receiving all the information we need to respond to your request.

    Before providing any information we will need to verify your identity and may request further information from you so we may progress your query as quickly as possible.

    Your right to be informed
    This means you have a right to be informed about the way we collect and use your data.

    Your right to rectification
    This means you have the right to have inaccurate (incorrect or misleading as to any matter of fact) personal data corrected or completed.

    Your right to have your personal information erased
    This right is not absolute and only applies in certain circumstances.

    You have the right to restrict the processing of your information in the following circumstances:
    You contest the accuracy of your personal data and we are verifying the accuracy of the data.

    Your right to data portability
    This means that you can request a secure transfer of your data to another Data Controller.

    The right to data portability only applies when:

    the data is about you and that it was provided by you to the Trust
    where the processing is based on your consent or for the performance of a contract; and
    when processing is carried out by automated means

    Your right to object
    This means that you have the right to object to us processing your data where the processing is based on:

    legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
    direct marketing (including profiling); and
    processing for purposes of scientific/historical research and statistics
    You must have an objection on “grounds relating to your particular situation”.

    Your right to withdraw your consent
    This means that once you have given your explicit consent for your information to be processed you have the right to:

    Withdraw your explicit consent for the processing of your information
    You can withdraw your consent by informing the department / team that took your consent. You can do this in writing or verbally.

    Closed Circuit Television

    The S&SHIS make use of CCTV systems. You have a right of access if you wish to request your data captured on CCTV.

    Security of Information

    We take our duty to protect personal information and confidentiality very seriously and we are committed to comply with all relevant legislation and to take all reasonable measures to ensure the confidentiality and security of personal data for which we are responsible, whether computerised or on paper.

    Complaints and your Right to Complain to the Regulator

    If you feel that we have not adequately dealt with your complaint regarding how we process your information you can raise the issue with the Information Commissioner who is the supervisory authority for the United Kingdom (the Regulator) at the address below:

    Information Commissioner’s Office

    By phone: 0303 123 1113

    By letter:

    Wycliffe House
    Water Lane
    Wilmslow
    Cheshire
    SK9 5AF

    By email casework@ico.org.uk

    Website: ico.org.uk (opens in a new window)