Addenbrooke's Hospital
Research and Development
The Rosie Hospital
For patients
Inpatients
Outpatients
Ward information
Facilities
Patient Advice and Liaison Service (PALS)
Confidentiality, data protection and patient health records
About Information Governance
What is personal information?
About patient confidentiality
About the Data Protection Act
Access to health records
What happens to information held about you?
Information charter
Information sharing
Information security
Records retention, destruction and archive
Good record keeping guidance for staff
Patient information leaflets & consent forms
18-week wait
Patient Choice Information security
at Addenbrooke's
The personal information held about you in both electronic and paper format can be shared in a number of ways including post, email or spoken conversation. Sharing data is often vital for the progress and quality of your care. At Cambridge University Hospitals we have in place a number of policies and procedures to ensure the collection, storage and use of your personal information is secure.
What is Information Security?
Information security involves assessing any risk of unauthorised disclosure, modification or destruction of personal information. If any risks are identified then measures are put in place to protect the information without compromising the need for it to remain accessible to those people involved in your care.
There are three main principles governing information security including:
Confidentiality
Information must be secured against unauthorised access.
Integrity
Information must be safeguarded against unauthorised modification and is updated regularly.
Availability
Information must be accessible to authorised users at times when they require it.
How is the security of personal information enforced?
There are a number of legislations in place to govern the security of information within Cambridge University Hospitals. As security risks are forever evolving with new technological advances, these policies and procedures are constantly reviewed and updated. The NHS Confidentiality Code of Practice, the Data Protection Act and Computer Misuse Act all cover Information Security, and are what all NHS organisations must comply with. In addition to these, the NHS has also adopted the British Standards Code of Practice for Information Security Management.
Computer Use
The Trust has clear guidelines for computer use which help protect unauthorised access to, and the integrity of, data contained on the hospitals computers. In brief: computers are used only for Trust business, are password protected, virus checked, and measures are taken to prevent access via email or the internet. Removable media devices, including laptops and memory sticks, are encrypted.
For more information please read the Information Security Policy.
On this website:
> Patient Advice & Liaison Services (PALS)
On other sites:
To improve the service and quality of your care a new computer network is being developed nationally that will phase out the need for paper and film records. The network will hold your entire patient record to allow Hospitals, GP’s and chemist’s secure access to your health records to improve information sharing across the NHS.
> The Information Commissioner
