NHS Medway Clinical Commissioning Group (CCG) is responsible for buying (also known as commissioning) health services from healthcare providers such as hospitals and GPs, for our local population in Medway. We also monitor the performance and quality of these services. In general we only use data that has been anonymised or pseudonymised for these purposes. For further information on who the CCG are and what we do please visit our About Us page

NHS Medway Clinical Commissioning Group (CCG) is responsible for buying (also known as commissioning) health services from healthcare providers such as hospitals and GPs, for our local population in Medway. We also monitor the performance and quality of these services. In general we only use data that has been anonymised or pseudonymised for these purposes. For further information on who the CCG are and what we do please visit our About Us page

The NHS aims to provide you with the highest quality health care. To do this we must keep records about you, your health and the care we have provided or plan to provide to you.

Under the Data Protection Act 2018, the CCG is required to register with the Information Commissioner’s Office (ICO) and detail all purposes for which personal confidential data is collected, held and processed. The CCG’s ICO registration number is Z358488X and further information on our registration can be found on the ICO’s Register of Data Controllers using the following link: http://www.ico.org.uk/esdwebpages/search.

For information on how to contact the CCG’s Data Protection Officer, Caldicott Guardian or Senior Information Risk Owner, please see the contact details in the complaints and questions section below.

NHS Medway CCG works with a number of other NHS and partner agencies to provide health and social care services. As part of this work we may share anonymised statistical information with them for the purpose of improving local services, for example understanding how conditions spread across our local area compared against other areas (see further information above regarding anonymisation).

Under the GDPR / Data Protection Act 2018, you have the right to make a request to see or obtain copies of the information that NHS Medway CCG holds about you; this is referred to as a Subject Access Request. Under the Act you are entitled to be told if any personal information is held about you, and if it is, to be given:

Retention

Any information obtained by the CCG will be retained (kept) for as long as is necessary for the purpose we collected it for.

The law provides some NHS bodies, such as NHS Digital, the ability to collect and use patient data that cannot identify a person which they can then provide to help commissioners (CCGs) to design and acquire the combination of services that best suit the population they serve.

The GDPR / DPA 2018 provides the following rights for individuals depending on the legal basis for processing as identified within the data flows map within the section below. Further information on these rights can be accessed here.

Changes to this page and the Privacy Notice

Complaints or questions

This notice is not exhaustive. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the CCGs Data Protection Officer, Emma Nicholls, at this email address: This email address is being protected from spambots. You need JavaScript enabled to view it..