Why we share your personal information

We may share your personal information with other organisations for these reasons:

  • Assisting in checking your identity

  • Assessing risks

  • Understanding your requirements

  • Developing, testing, researching and improving products and services

  • Training and business analysis

  • Legal and regulatory compliance

  • Preventing or detecting crime

  • Complaints handling

  • Improving customer service

We would not share information that identifies you unless you have given us permission. However, there are certain circumstances where we will process/share personal information without your consent. This is where we have another lawful basis such as:

  • To protect children and vulnerable adults

  • When a formal court order has been served upon us

  • When we are lawfully required to report certain information to the appropriate authorities e.g. to prevent fraud or a serious crime

  • Emergency planning reasons such as for protecting the health and safety of others

  • When permission is given by the Secretary of State or the Health Research Authority on the advice of the Confidentiality Advisory Group to process confidential information without the explicit consent of individuals – please read Section 251 to find out more.

Where this is necessary, we are required to comply with all aspects of Data Protection law.

Who we may share your personal information with

Where necessary or required we may share information with:

  • Healthcare, welfare and social organisations

  • Central government

  • Local government

  • Business associates

  • Family, associates and representatives of the person whose personal data we are processing

  • Suppliers and service providers

  • Financial organisations

  • Current, past and prospective employers

  • Voluntary and charitable organisations

  • Legal representatives

  • Employment agencies and examining bodies

  • Educators and examining bodies

  • Survey and research organisations

  • Security organisations

  • Police forces

  • Persons making an enquiry or complaint

If you are receiving services from the NHS, we share information that does not identify you (anonymised) with other NHS and social care partner agencies for the purpose of improving local services, research, audit and public health.

We commission a number of organisations (both within and outside the NHS) to provide healthcare services to you. We may also share anonymised statistical information with them for the purpose of improving local services, for example understanding how health conditions spread across our local area compared with other areas.

The law allows some NHS bodies, particularly NHS Digital (Health and Social Care Network), to collect and use patient data which does not identify a person, to help commissioners design and procure the combination of services that best suit the population they serve.

We may also share information with NHS England and NHS Digital. If you do not want your information to be used for purposes beyond providing your care, you can choose to opt-out by contacting your GP practice.

Data processors

In the usual course of our business, we may use other third-party organisations known as ‘data processors’ under data protection law to support the delivery of our services. These organisations process your personal information on our behalf. When we share your information with our approved third-party providers, our contractual relationship with them prevents them from using your information for any other purpose outside of our instructions to them. They may use their own third-party data processors but are always required to meet the same legal requirements as NHS Dorset does.

Currently, the external data processors we work with are:

Data Processor Function
South Central & West Commissioning Support Unit Provision of core DCS services for the Business Intelligence and Commissioning function
BDO Internal Audit related purposes
TIAA Ltd. Counter fraud investigations
NHSLA Claims management
NHS Shared Business Service Invoicing
Dorset Healthcare University NHS Foundation Trust Staff payroll, occupational health services
Capsticks Legal services
Thames Valley and Wessex Leadership Academy Provision of training for specific courses
Giltbyte Provision and management of online expenses system; EASY Expenses
Optum Health Solutions (UK) Ltd. 20 week population health management programme, ending June 2019

Marketing

We may use your personal information to tell you about relevant services offered by NHS Dorset. We can only use your personal information to send you updates about our services if we have your consent.

We will ask for your consent to send you any information about:

  • Updates on the work of Dorset’s health and care services;

  • Updates on how the views of local people are helping shape local services

  • Opportunities to get involved with our work

You can withdraw your consent or ask us to stop sending you any marketing messages at any time. If you want to do so, please contact us by:

  • Following the unsubscribe link on the relevant e-mail

  • Writing to us at: Engagement Team at Vespasian House, Barrack Road, Dorchester, Dorset, DT1 1TG;

  • E-mailing us at: involve@nhsdorset.nhs.uk

  • Telephoning us on: 01202 541946

NHS Dorset will never share or sell your information to external companies for their own marketing purposes.

Keeping your information confidential and secure

Using your personal information

Your rights