Addenbrooke's Hospital
Research and Development
The Rosie Hospital
For patients
Inpatients
Outpatients
Ward information
Facilities
Patient Advice and Liaison Service (PALS)
Confidentiality, data protection and patient health records
About Information Governance
What is personal information?
About patient confidentiality
About the Data Protection Act
Access to health records
What happens to information held about you?
Information charter
Information sharing
Information security
Records retention, destruction and archive
Good record keeping guidance for staff
Patient information leaflets & consent forms
18-week wait
Patient Choice About the Data Protection Act
at Addenbrooke's
The Data Protection Act is a law designed to protect and maintain personal identifiable information, and to enable those wishing to, to gain access to their records. When Cambridge University Hospitals Trust staff handle personal patient data they are under obligation to adhere to standards set by the Data Protection Act. Whether they are using, holding, disclosing or disposing of information, staff must abide by the eight principles detailed in the act.
The Trust is registered as a data controller with the Information Commissioners Office.
> Information Commissioner’s Office
Data protection principles
Principle 1: Data must be processed fairly and lawfully
Principle 2: Personal data shall be obtained only for one or more specific and lawful purposes.
Principle 3: Personal data shall be adequate, relevant and not excessive in relation to the purpose(s) for which they are processed.
Principle 4: Personal data shall be accurate and where necessary kept up to date.
Principle 5: Personal data processed for any purpose(s) shall not be kept any longer than is necessary for that purpose.
Principle 6: Personal data shall be processed in accordance with the rights of data subjects under the 1998 data protection act.
Principle 7: Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
Principle 8: Personal data shall not be transferred to a country outside the EEA, unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
What does this mean for you, the patient?
- The act ensures any records held about you are kept secure at all times (both physically and electronically) so that only those people concerned with your medical care have access to them.
- It gives you the right to access, or prevents access to your records if it is likely to cause distress.
- You can claim compensation if you suffer in any way from misuse of your information.
- You can ask for a record to be corrected if you believe factual information is incorrect.
How do I access my health records?
If you wish to see your health records under the Data Protection act please see Access to Health Records where you can find an online request form.
Trust Data Protection Officer
The Data Protection Officer for Cambridge University Hospitals can be contacted at:
Cambridge University Hospitals NHS Foundation Trust
Box 153
Addenbrooke's Hospital
Hills Road
Cambridge
CB2 2QQ
Tel: 01223 245151 ext. 3768/56141
For more information please see the download below:
Back to top
On this website:
> Patient Advice & Liaison Services (PALS)
On other sites:
To improve the service and quality of your care a new computer network is being developed nationally that will phase out the need for paper and film records. The network will hold your entire patient record to allow Hospitals, GP’s and chemist’s secure access to your health records to improve information sharing across the NHS.
> The Information Commissioner
