The East of England Ambulance Service NHS Trust (also referred to on this site as “EEAST” or “the Trust” or “we” or “our”) are committed to preserving the privacy of all visitors to this website.
By using this website you consent to the collection, use and transfer of the information that you provide to us in accordance with the terms of this policy.
We want you to feel secure and informed when visiting the site. We are committed to respecting your privacy. Below we give an overview of how we do that.
We may collect the following information:
If you register with the website, or if you fill in a form on the website, you may be asked to provide information about yourself (including your name and necessary contact details) to allow us to process your request. The individual form will explain what we will do with your data and how long we will keep this for.
We collect information indirectly and directly. When you access www.eastamb.nhs.uk, we use technology to collect information indirectly, such as your Internet address, which is then kept in our Internet access logs. (see paragraph below about our webserver log files).
We also collect information when you give it to us. When we collect this type of information, we will notify you as to why we are asking for information and how this information will be used. It is completely up to you whether you provide it.
We analyse it to see what is most effective about our site, to help us identify ways to improve it, and to make it more effective. We may also use data for other purposes, which we would identify to you at the point we collect the information and request you to formally opt-in and agree to your data being used for that specific purpose.
We do not pass on any personal information you have given us to any other website operators. The social media sites that we link to are third-party sites and the Trust does not have any control over the way that these sites use your information.
As a government department, we do not share data with other organisations unless the law permits us to do so. We do not sell individual information. We will share it only with our authorised Data processors, who must act at all times on our instructions as the Data Controller under the Data Protection Act (2018).
Before you submit any information, we will notify you as to why we are asking for specific information and it is up to you whether you provide it. For more information please view our privacy notice.
You are entitled to know whether we hold information about you and, if we do, to have access to that information and require it to be corrected if it is inaccurate. You can do this by contacting email@example.com.
You are entitled to withdraw your consent regarding any personal data you have provided us at any time. This also applies to any photographs where you can be identified, even if you may have consented to its use previously. You have the right to be forgotten on our systems.
There are some limitations to this right, if you wish to discuss this or withdraw your consent to the Trust processing your personal data please contact firstname.lastname@example.org.
We take appropriate steps to maintain the security of your data on our website. Unfortunately, the transmission of information via the Internet is not completely secure. Although we employ security measures to protect the information provided by you, we cannot guarantee the security of your data transmitted to our site and any transmission is at your own risk.
Once we have received your information, we will use appropriate security procedures and features aimed at preventing any unauthorised access, unlawful processing, accidental loss, destruction or damage.
IP addresses are used by your computer every time you are connected to the Internet. Your IP address is a number that is used by computers on the network to identify your computer. IP addresses are automatically collected by our web servers so that data (such as the web pages you request) can be sent to you.
Webserver log files are used to record information about our site, such as system errors. The Trust also uses log files to monitor site traffic. Log files do not contain any personal information or information about which other sites you have visited.
We routinely collect information from the initial contact when we receive a call in the 999 Emergency Operations Centre (EOC) through to completing an electronic patient record (EPR) with information about the patient and care we provide, when we attend an incident. Some of this information goes on to form part of the Ambulance Data Set (ADS).
If a patient is transferred from ambulance services to the care of an Emergency Department, information within the Ambulance Data Set is subsequently linked with key information collected in Emergency Departments as part of the Emergency Care Data Set (ECDS).
The purpose of this is to fully understand the patient’s journey from the ambulance service to other urgent and emergency healthcare settings. This will enable clinicians, ambulance services and the NHS to learn from patient journeys and further improve the care they provide in the future.
Data collected by ambulance services and emergency departments is securely linked and transferred to us. Data collected as part of the Ambulance Data Set is shared with NHS Digital* – a section of NHS England specialised in data and IT systems – where it is linked with key relevant information in the Emergency Care Data Set and securely returned to us.
This linked information includes a unique number generated by us during the initial 999 call, as well as a unique vehicle reference which will help us re-identify the original care record for the incident and the patient.
Appropriate access to this information will enable us to help develop the skills of our clinicians to improve the care they provide and support us in delivering service improvements to improve patient experience.
The lawful basis for the ambulance service to process this information under General Data Protection Regulation (GDPR) is Article 6 (1)(e) – “...exercise of official authority” and for processing special categories (health) data the basis is: Article 9(2)(h) – ‘...health or social care...’ of the GDPR Regulations.
To lawfully process information in the manner described, NHS England on behalf of ambulance services have obtained a section 251 approval, as required by the NHS Act 2006 and Health Service (Control of Patient Information) Regulations 2002. This provides a legal basis for patient information to be processed for these purposes.
*= NHS Digital officially merged with NHS England on 1st Feb 2023, therefore the organisation previously known as NHS Digital is legally known as NHS England and data held by NHS Digital is now held within NHS England.
If you wish to contact our Data Protection Officer, please email email@example.com.
The national data opt-out policy was introduced on 25 May 2018, following recommendations from Dame Fiona Caldicott in the 'Review of data security, consent and opt-outs'. National data opt-out is a service which allows the public to opt out of their confidential information being used for purposes beyond their individual care and treatment.
This review aimed to ensure the public can make choices on how their data is used for research and planning purposes.
The information collected about you when you use these services can also be used and provided to other organisations for purposes beyond your individual care, for instance to help with:
This may only take place when there is a clear legal basis to use this information. All these uses help to provide better health and care for you, your family and future generations.
Confidential patient information about your health and care is only used like this where allowed by law. Most of the time, anonymised data is used for research and planning so that you cannot be identified in which case your confidential patient information isn’t needed.
You have a choice about whether you want your confidential patient information to be used in this way. If you are happy with this use of information you do not need to do anything. If you do choose to opt out your confidential patient information will still be used to support your individual care.