(For treatment side effects and complications only)
For Covid-19 and your information please click here
We are based in Wirral, Liverpool, and Aintree, and have a number of satellite sites.
Our Trust is registered with the Information Commissioner’s Office (ICO) to process personal and special categories of information under the Data Protection Act 2018 and our registration number is Z7367711.
We will collect:
1. Your name, address, contact details and date of birth - we need this to send you letters or telephone you about your care, and to identify you when you visit us. It also helps us to receive your information from other hospitals if needed.
2. Your health information including any scans and test results
3. Information about your family or carers or Next of Kin. This lets us know who to contact in an emergency. Your next of kin does not have a legal right to view your medical records or access any confidential information about you.
4. Information about your religion to provide patients with a chaplaincy service and meet your spiritual needs
5. What language you speak, to make sure we can provide an interpreter if needed
6. Whether you have a disability so we can make sure we can meet any needs you have
7. Your GP details to let them know what care and treatment you receive from us
We collect information from you, from your GP or other hospitals who care for you. When you receive care from us, staff will collect information for your health records. We might also receive information from anyone else involved in your care, like a care home or social services.
We use your information to provide you with care and treatment. This might include sharing your information with other NHS organisations that provide care to you.
If you have made a complaint, staff investigating the complaints will need to access your health records and might need to share information with third parties such as solicitors. The same applies if you have made a legal claim against the Trust.
If you have provided feedback on a service, we may need to share your information about your care with us with relevant staff, in order to look into your feedback.
If you have been involved in a serious incident, staff investigating the incident will need to access your health records.
The Trust have to monitor the services and treatment we provide. This means our clinical staff have to use patient information to look atthe quality of the care we have provided.
The Trust may use anonymised information for research - this means you cannot be identified from the information.
If identifiable information is needed, you will be asked for consent first.
We have CCTV at our sites in order to protect patients, staff and visitors and to prevent crime. CCTV is also used to monitor safety incidents.
We do not have CCTV in any areas where patients receive treatment or that would be considered private (bathrooms and changing rooms).
Information about how our patients are cared for is collected, such as appointment waiting times. This is used to monitor the service we are providing.
The Clatterbridge Cancer Centre NHS Foundation Trust works closely with other organisations to support patient care. This means that information will be shared between the hospital and other organisations who may be caring for you or involved in your care or who have a responsibility for management of the whole NHS. These may include:
The Trust is part of a regional sharing agreement called Share2Care, ensuring records can be shared by other care providers involved in your treatment and care.
We also have to share data for monitoring our performance, such as Analysis of Cancer Waiting Times. This looks at whether we are seeing patients in a timely manner.
Where information is to be shared across organisational boundaries on a regular basis, we put in place information sharing agreements between all of the sharing parties involved. For a list of current Information Sharing Agreements please click here
The law (Section 251, NHS Act 2006) says we must share some patient information with NHS England, for national registers. This includes the Cancer Registry* and the National Disease Registration Service**
*For more information on the Cancer Registry please see the following websites:
** National Disease Registration Service: High Cost Drug Patient Data to support the National Congenital Anomaly and Rare Disease Registration Service (NCARDRS). https://www.ndrs.nhs.uk/
By law, we have to share some information, such as to the police to prevent a crime or to notify of infectious diseases. We will also share information for this purpose securely and in line with the law.
We only keep your data for as long as is necessary. This is required by law. We follow the NHS Records Management Code of Practice.
For cancer patient records, this is usually 30 years after you last had contact with us.
There may be some activities we use artificial intelligence for; however, we do not use it to make any clinical decisions. For example, we may use artificial intelligence to do something that would otherwise be a manual task which is quite painful for a patient. The result of the artificial intelligence output is then thoroughly checked by a relevant member of staff.
We also may use something called 'Robotic Process Automation'. This is where an online robot (known as a digital worker) undertakes administrative tasks that would usually be carried out by a person.
National Data Opt-Out: GDPR information - NHS Digital
You have a choice about how you want your confidential patient information to be used. If you’re happy for us to use your information, you do not need to do anything.
If you choose to opt out, your confidential patient information will still be used to support your individual care.
To find out more about the wider use of confidential personal information and to register your choice to opt out if you do not want your data to be used in this way, visit the National Data Opt Out Programme. If you do choose to opt out you can still consent to your data being used for specific purposes.
You also have the right to ‘opt out’ of having your information used in any mandatory audits which the Trust is subject to.
If you are happy with this use of information you do not need to do anything. You can change your choice at any time.
Confidential patient-identifiable information is only shared with other organisations where there is a legal basis for it as follows:
When there is a Court Order or a statutory duty to share patient data;
When there is a statutory power to share patient data;
When the patient has given his/her explicit consent to the sharing;
When the patient has implicitly consented to the sharing for direct care purposes;
When the sharing of patient data without consent has been authorised by the Confidentiality Advisory Group of the Health Research Authority (HRA CAG) under Section 251 of the NHS Act 2006
This list is not exhaustive but indicative of the information recorded.
Your information will only be sent outside of the UK where the country has laws in place that meet the standards of data protection similar to those in the UK. We perform a number of checks to ensure this.
The Trust will never sell any information about you to other organisations for profit.
If you have any questions or concerns regarding how we use your information, please contact the Trust's Data Protection Officer:
The Information Governance ManagerThe Clatterbridge Cancer Centre NHS Foundation TrustClatterbridge Cancer Centre - WirralClatterbridge RoadWirralCH63 4JY
The Information Commissioner’s Office (ICO) is the body that regulates the Trust under data protection and freedom of information legislation.
ICO website(opens in new tab)
If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law you can complain to the ICO.
How to make a complaint to the ICO
Information Commissioner's Office Wycliffe House Water Lane Wilmslow Cheshire, SK9 5AF
0303 123 1113
01625 545 745
Below are key examples of the purposes and rationale for why we collect and process information:
For processing personal data:
For processing special categories of personal data:
We have entered into contracts with other companies/organisations to provide some services for us or on our behalf. These organisations are known as “data processors"
These organisations are subject to the same legal rules and conditions for keeping personal confidential data and secure and are underpinned by a contract with us.
Before awarding any contract, we ensure that organisations will look after your information to the same high standards that we do. Those organisations can only use your information for the service we have contracted them for and cannot use it for any other purpose.
General Data Protection Regulation
We will obtain your consent for this purpose, when you initially contact us to get involved in our engagement and consultation activities.
Where you submit your details to us for involvement purposes, we will only use your information for this purpose. You can opt out at any time by contacting us using our contact details at the end of this document
Article 6(1)(e) - Necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Health Procurement Liverpool is a new shared Procurement function for Alder Hey Children’s Hospital, Clatterbridge Cancer Centre, Liverpool Heart & Chest Hospital and the Walton Centre Trust. In May 2021 the Trusts named above agreed to create a single shared procurement alliance in order to strengthen procurement services, support integrated ways of working and to deliver efficiencies through economies of scale and consolidated purchasing activity. The shared service is hosted by The Walton Centre.
Patient/Staff Data - Patient data will not be processed by HPL. If any staff contact information is passed over during the requisition phase to HPL, the information will be removed and changed to initials only.
Supplier Data – Data such as contracts registers, suppliers contracts and bid prices, supplier spend and usage on products/services, supplier addresses and representative contact details will be held centrally by Health procurement Liverpool.
For further information regarding the sharing of information across the HPL collaboration please contact:
Chief Procurement Officer
All sharing of information is carried out in line with the Data Protection Act 2018/UK General Data Protection Regulation.