Each time that you use or visit an NHS or social care service they record information about your health, care or treatment. These records are normally held electronically.

These records are held by GP surgeries, hospitals, local authority social care services and other health and care services including pharmacies, opticians, dentists and care homes. Each NHS or social care service that you use keeps its own record about you. 

NHS and social care services share information from your records with each other to provide you with care and treatment. Only health and care staff who are providing this care can see the confidential information in your records. 

They may also share information, called data, from people’s health and care records to help plan and improve health and care services, find new ways to prevent people becoming ill, and develop new cures and treatments. This data does not normally contain information that you can be identified from.

NHS and social care services have a legal basis to share information from your health and care records for these purposes. This is set out in the Data Protection Act 2018 (DPA) and the UK General Data Protection Regulation (GDPR). You have the right to object to your records being shared.

We take respecting your privacy and keeping your information and data safe and secure very seriously. Strict rules and processes are followed to protect your information and data which is shared using secure IT systems and protected from cybersecurity threats.

If you have any questions, you will find more information in these detailed Frequently Asked Questions or contact hiowicb-hsi.hsiow-dpo@nhs.net.

An Easy Read guide on how the NHS uses personal health and care information is also available. This has been produced by Understanding Patient Data in partnership with Thinklusive.

Find out more on how health and care services share information from your records, and the steps taken to keep it confidential and secure, below.

You might also be interested in...