Privacy and your data

• visitors to our websites
• complainants and other individuals in relation to a data protection, or freedom of information enquiry.

Website

Privacy

The Trust is committed to the privacy of individuals using this website. This privacy statement discloses the privacy practices for tavistockconsulting.co.uk and its subdomains.

Some features of this website, for example our contact forms, collect personal information submitted by users. Any information submitted will be kept in the strictest confidence and will never be passed on to a third party, unless there is a legal obligation on us to do so.

Content

We strive to offer accurate and up to date web content. However, the ever-changing nature of healthcare means that inaccuracies are sometimes unavoidable. Whilst we welcome feedback to correct errors, responsibility for the use of any information found here lies solely with the user. You also assume the risk of computer viruses, worms, Trojan horses and other destructive code by downloading files from this website. To report an error or inaccuracy please contact website@tavi-port.nhs.uk

Links

The Trust is not responsible for the content or reliability of linked websites and does not necessarily endorse the views expressed within them. Listing should not be taken as endorsement of any kind. While we endeavour to keep all links up to date we cannot guarantee that these links will work all of the time and we have no control over the availability of linked pages. To report a broken or dead link please contact website@tavi-port.nhs.uk

Availability

We cannot guarantee uninterrupted access to this website or the sites to which it links. We accept no responsibility for any damages arising from the loss of access to information.

Copyright

Different copyright restrictions apply to individual documents on this website. Unless otherwise stated, the following copyright statement applies to content found on this site:

The Trust reserves its right to retain its intellectual property.  Visitors to this website are welcome to access this copyright material and view for any purpose, or to download onto electronic, magnetic, optical or similar storage media provided that such activities are for personal use or private research.  Content downloaded from this website may not be used for income generating activity without prior consent from the Tavistock and Portman NHS Foundation Trust Communications team.

Cookies

Cookies are small files that are placed on your computer or mobile device by websites that you visit.  Our cookies help us:

• Make our website work as you would expect
• Remember your settings during and between visits
• Improve the speed/security of the site
• Allow you to share pages with social networks like Facebook, LinkedIn and Twitter
• Continuously improve our website for you
• Make our marketing more efficient

We do not use cookies to:

• Collect any personally identifiable information
• Collect any sensitive information
• Pass data to advertising networks
• Pass personally identifiable data to third parties

Most web browsers allow some control of cookies.  To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.

To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.

The cookie we use on this site i:

Google Analytics (_utma, _utmb, _utmc, _utmz): These cookies are used to collect information about how visitors use our site.  We use the information to compile reports and to help us improve the site.  The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.  It is not possible to identify or gather individual’s personal information through the collection of these cookies.

We occasionally use our records of the pages users have visited on this website to analyse trends, administer the site and track users’ movements.  Our records do not contain any personal information about users.

Changing your cookie settings in your browser

To control the way your device manages cookies, go to your browser settings.  The links below are designed to help but are not exhaustive:

Changing cookie settings in Firefox

Changing cookie settings in Internet Explorer

Changing cookie settings in Google Chrome

Changing cookie settings in Safari (OS X)

Changing cookie settings in Safari (iOS)

Changing cookie settings in Android

Notification of changes

If we alter any of the above, we will post notification of the changes on our homepage.

People who telephone us

When you call the switchboard we collect Calling Line Identification (CLI) information. We log this information to help improve its efficiency and effectiveness.

People who email us

We are part of the NHS network. Any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with our procedures.  Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.

People who make a complaint to us

When we receive a complaint from a person we make up a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint.

We will only use the personal information we collect to process the complaint and to check on the level of service we provide. We do compile and publish statistics showing information like the number of complaints we receive, but not in a form which identifies anyone.

We usually have to disclose the complainant’s identity to whoever the complaint is about and to those involved in the investigation. This is inevitable where, for example, the accuracy of a person’s record is in dispute. If a complainant doesn’t want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.

We will keep personal information contained in complaint files in line with our retention policy. This means that information relating to a complaint will be retained for eight years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.

Similarly, where enquiries are submitted to us we will only use the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide.

Job applicants, current and former Trust employees

When individuals apply to work at the Trust, we will only use the information they supply to us to process their application and to monitor recruitment statistics. Where we want to disclose information to a third party, for example where we want to take up a reference or obtain a ‘disclosure’ from the Disclosure and Barring Service we will not do so without informing them beforehand unless the disclosure is required by law.

Personal information about unsuccessful candidates not shortlisted for interview will be held for 6 months on the NHS jobs system after the recruitment exercise has been completed, it will then be destroyed or deleted. Personal information for those that attended interview but not successful is held 6 months after and then destroyed. We retain de-personalised statistical information about applicants to help inform our recruitment activities, but no individuals are identifiable from that data.

Once a person has taken up employment with the Trust, we will compile a file relating to their employment. The information contained in this will be kept secure and will only be used for purposes directly relevant to that person’s employment. Once their employment with the Trust has ended, we will retain the file in accordance with the requirements of our retention schedule and then delete it.

The Trust is required to protect the public funds it administers. It may share information provided to it with other bodies responsible for; auditing, or administering public funds, or where undertaking a public function, in order to prevent and detect fraud.  Data matching involves comparing computer records held by one body against other computer records held by the same or another body to see how far they match. This is usually personal information. Computerised data matching allows potentially fraudulent claims and payments to be identified. Where a match is found it may indicate that there is an inconsistency which requires further investigation. No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out.

Students

The details of people who are enrolled on a course of study and following completion of the programme of study, for the requisite period of time as set out in the Trust’s retention schedule.

A list of the third parties to whom the Trust may disclose personal data of students, including sensitive personal data, is given below:

Local Authorities – in order to administer exemptions of properties from council tax a student’s personal data will be shared with the relevant local authority from which the exemption is being sought.

Higher Education Statistics Agency (HESA) and HE funding councils: students’ personal data will be provided to HE funding councils and HESA. Further details about the data shared with HESA can be found in the HESA-Student collection notice on the HESA website.

Higher Education Academy – the Trust is required to pass data to the Higher Education Academy as part of participation in the Post-Graduate Research Experience Survey.   This survey gives students the chance to give feedback on their experiences at the Trust and so informing the choices of prospective students. It is described in detail on the Higher Education Academy website.

The Trust will pass your name and contact details to the agent carrying out the survey. The agent may then contact you to take part. You do not have to take part in the survey and you can opt-out at any time by contacting the agent and providing them with verification of your identity by confirming your date of birth.

Higher Education (HE) institutions – where students are involved in award programmes validated by a university partner organisation, the Trust may disclose their personal data for general educational and assessment purposes.

Sponsors, loan organisations and scholarship schemes – personal data about students may be disclosed to third parties attempting to recover debt on behalf of the Trust where internal procedures have failed.

Parents, guardians and other relatives – the Trust will not disclose a student’s personal data to parents, guardians or any other relative. If a student has provided a nominated contact in the event of a medical problem or emergency then some personal data may be provided.

Published information – examination results and any award (such as a degree) made by the Trust and university partner organisation is a matter of public record, rather than personal data, and as such will be publicly available and publicised at, for instance, graduation ceremonies.

Photographs of students during the course of their study may also be taken. If students do not wish to be photographed, they can absent themselves from any such situation. The Trust will assume the consent of individuals pictured in groups for use in Trust publications and publicity materials, and publications produced by third parties authorised by the Trust. Attendance at graduation ceremonies will convey the permission by the attendees that photographs and recordings taken one the day may be publicised on the Trust’s and university partner organisations’ website.

Conference Attendees

The details of people registering for attendance at one of our Conference or externally-advertised events are held in the same manner as for students.  Peoples’ details may be used for future marketing purposes but will not be shared with any third party, unless with the express permission of the subject.

Research

Sometimes, individuals may be invited to take part in research. However, the Trust does not release information on patients or students without getting their approval first.

Patients

We have to hold the details of the people who have requested the service in order to provide it. However, we only use these details to provide the service the person has requested and for other closely related purposes.  For example, we might use information about patients to carry out a survey to find out if they are happy with the level of service they received.

The Trust has a national and international reputation for its healthcare and teaching.  Quality checks may be undertaken by our own staff from time to time. In order to be sure that we are providing a good service to our users, we provide information on how we are performing to regulators, such as the Care Quality Commission, but in most cases, this information is facts and figures and does not contain information about individuals.

We keep patient records for 30 years after the case has closed.

Exceptional circumstances

Except in exceptional circumstances personal data will never be disclosed to third parties.  Exceptional circumstances could include:-

• protecting the vital interests of the data subject (i.e. release of medical data where failure to release the data would result in harm to, or the death of, the data subject)
• preventing serious harm to a third party that would occur if the data were not disclosed
• safeguarding national security
• prevention or detection of crime
• apprehension or prosecution of offenders
• assessment or collection of any tax or duty or of any imposition of a similar nature
• discharge of regulatory functions, including securing the health, safety and welfare of persons at work

Access to personal information

The Trust tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’ under the Data Protection Act 1998. If we do hold information about you we will:

• give you a description of it;
• tell you why we are holding it;
• tell you to whom it could be disclosed; and
• let you have a copy of the information.

To make a request you need to put the request in writing, please send requests to SAR@tavi-port.nhs.uk 

If we do hold information about you, you can ask us to correct any mistakes by contacting the Information Governance team.