Information in the CCG is held for a specific length of time depending on the type of information it is. The length of time we retain your information for is defined by the NHS retention schedule which can be viewed online here: NHS Digital Records Management Code of Practice for Health and Social Care 2016
Once information has been reviewed and is no longer required to be kept by a retention period the information will be securely destroyed.
West Lancashire CCG take our duty to protect your personal information and confidentiality seriously. We are committed to taking all reasonable measures to ensure the confidentiality and security of personal data for which we are responsible, whether computerised or on paper.
Alongside the Data Protection Officer (DPO), we have appointed a Senior Information Risk Owner (SIRO) who is accountable for the management of all information assets and any associated risks and incidents, and a ‘Caldicott Guardian’ who is responsible for the management of patient information and patient confidentiality.
All staff are required to undertake annual information governance training and are provided with an information governance handbook that they are required to read and agree to adhere to. The handbook ensures that staff are aware of their information governance responsibilities and follow best practice guidelines ensuring the necessary safeguards and appropriate use of person-identifiable and confidential information.
Under the NHS Confidentiality Code of Conduct, all our staff are also required to protect your information and inform you of how your information will be used. This includes, in most circumstances, allowing you to decide if and how your information can be shared.
Everyone working for the NHS is subject to the common law duty of confidentiality. Information provided in confidence will only be used for the purposes advised and consented to by the service user, unless it is required or permitted by the law.