
North London Foundation Trust (NLFT) has a duty to hold information on our patients, service users, staff and representatives. This information is held in order for us to perform certain functions such as providing health care and complying with the law, known as a legal basis.
Sharing, recording and holding information or data about a person is known as "processing" and is a vital element in ensuring that we hold the right information about a person.
There are several laws which underpin our responsibilities as a Trust to process data in a lawful manner, including General Data Protection Regulation (GDPR) and the Data Protection Act. All individuals have rights under these laws as to how NLFT can process their data, or the data of a person whom they have responsibility for. These rights, and how they can be exercised are explained below.
To exercise any of the rights, please contact the Information Governance Team at: nlft.information.request@nhs.net or by 020 8331 7100
What is a Fair Processing Notice?
BEH respects your privacy and is committed to protecting your personal data.
This privacy notice will tell you about how we look after your personal data, your privacy rights and how the law protects you. The General Data Protection Regulation (GDPR) requires that data controllers provide certain information to people whose personal data they hold and use.
A privacy notice is one way of providing this information. This is sometimes referred to as a fair processing notice. A privacy notice should identify who the data controller is, with contact details for its Data Protection Officer. It should also explain the purposes for which personal data are collected and used, how the data is used and disclosed, how long it is kept and the controller’s legal basis for processing.
Download the Privacy Notice for patients.
Download the Protecting-your-information-and-your-rights-to-view-your-records leaflet
Confidentiality affects everyone: Barnet, Enfield and Haringey Mental Health NHS Trust collects, stores and uses large amounts of personal data every day, such as medical records, personal records and computerised information. This data is used by many people in the course of their work.
We take our duty to protect your personal information and confidentiality very seriously and we are committed to taking all reasonable measures to ensure the confidentiality and security of personal data we are responsible for, whether digital or on paper.
At Trust Board level, we have appointed a Senior Information Risk Owner who is accountable for the management of all information assets and any associated risks and incidents, and a Caldicott Guardian who is responsible for the management of patient information and patient confidentiality. We also have a Data Protection Officer who is responsible for overseeing the Trust’s data protection strategy and its implementation to ensure compliance with GDPR requirements. They can be contacted via beh-tr.records@nhs.net
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance: beh-tr.records@nhs.net