
14.Details of information used for specific purposes : Infection Prevention and Control
Details of information used for specific purposes : Infection Prevention and Control
Data Controller(s) |
NHS Sheffield CCG |
Purpose |
CCGs collaborate with Public Health services and work closely with the organisations involved in providing patient care, to jointly identify and agree the possible causes of, or factors that contributed to a patient’s infection. |
Type of information Used |
Identifiable: Personal (such as name, address, date of birth) and Special Category (health information) |
Legal basis |
GDPR Article 6(1)(e) ‘processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority…’ GDPR Article 9(2)(j) ‘ …necessary for reasons of public interest in the area of public health…or ensuring high standards of quality and safety of health care and of medicinal products or medical devices…’ Related legislation: The Health and Social Care Act 2008: Code of Practice for the NHS for the Prevention and Control of Healthcare Associated Infections (revised January 2015) and Regulation 3 of The Health Service (Control of Patient Information) Regulations 2002 |
How we collect (the source) and use the information |
CCGs participate in Post Infection Review in the circumstances set out in the Post Infection Review Guidance, issued by NHS England. The CCG receives this information from Healthcare providers. The CCG uses the results of the Post Infection Review to inform the mandatory healthcare associated infections reporting system. |
Data Processors |
|
Your Rights |
With regards to Infection Prevention and Control under GDPR you have the right:
|
How long we will keep the information |
Post infection reviews may be kept for up to six years. |
Who we will share the information with (recipients) |
Information may be shared with Primary and Secondary healthcare providers and with the Local Authority who are responsible for Public Health with the CCG boundary. |