21558-Patient Details and Consent

Under the terms of the Freedom of Information Act we seek the following information:

1 .What policy, protocol or standing order does your Trust operate in relation of the disclosure of patient details without consent in dog bite cases?

2. Please disclose that policy, protocol or standing order.

3. What is the statutory or other legal basis the Trust relies on to facilitate the disclosure of patient details in the absence of patient consent?

  • Reference:
    21558
  • Response:

    Under the terms of the Freedom of Information Act we seek the following information:

    1 .What policy, protocol or standing order does your Trust operate in relation of the disclosure of patient details without consent in dog bite cases?

    The Trust does not have a specific policy for this; we have a Data Protection Policy that covers the release of information. We would only disclose to the police if we receive a Section 29 DPA form stating our legal obligation to provide the data- e.g. in pursuance of a crime.  If they did not provide this we would require consent from the individual.

    2. Please disclose that policy, protocol or standing order.

    The Data Protection Policy can be found on our website: https://www.eastamb.nhs.uk/Policies/corporate/Data-Protection-Policy.pdf as this information is publicly available the Trust is not obliged to provide this again and will be applying exemption s.21 of the Freedom of Information Act to this request.

    3. What is the statutory or other legal basis the Trust relies on to facilitate the disclosure of patient details in the absence of patient consent?

    The Trust may make use of all of the legal bases provided for under the DPA 2018 and the GDPR. Within an NHS ambulance service, providing emergency and unscheduled care, the provisions would/could be Vital Interests, Public Task or Legal Obligation. The Trust looks at where data is to be disclosed and make the decisions required by data protection legislation and good practice; we also take into consideration the Caldicott Principle.  

    4. Has that policy, protocol or standing order been reviewed so as ensure compliance with the General Data Protection Regulations and if so how is that policy, protocol or standing order compliant with those regulations?

    Yes, the policy has been reviewed and ratified since the introduction of the DPA 2018 and the GDPR. This policy was also reviewed by the ICO as part of an audit of EEAST undertaken earlier this year.  No issues were raised in relation to this policy.  The Trust has also completed its mandatory Data Security Protection Toolkit submission and this policy (in conjunction with others) forms part of that submission.  NHS Digital has not raised any concerns in relation to our policies and procedures covering data protection.

    5. Has your policy, protocol or standing order been reviewed by your practitioners regulators and been certified as being complaint with their professional duty of confidentiality and if so by whom and with what result?

    A number of policies were submitted to the Care Quality Commission as part of a Pre Inspection Information request and no issues have been raised.  The Trust has not been asked to submit any policies to specific practitioner regulators i.e. General Medical Council, Health Care Professionals Council, Nursing and Midwifery Council.

  • Area:
    Trust wide
  • Category:
    Risk and Governance
  • Month:
  • Year: