Introduction
The University Southampton Hospital NHS Foundation Trust (UHS) is the Data Controller for the Wessex Secure Data Environment (SDE). SDEs are data storage and access platforms, which uphold the highest standards of privacy and security of NHS health and social care data when used for research and analysis. They allow approved users to access and analyse patient data without the data leaving the environment.
The Wessex SDE is part of the NHS Research Secure Data Environment Network, which is made up of 12 SDEs. The Network ensures there is secure access across England to healthcare data for approved research projects led by academics, industry organisations or NHS employees such as clinical researchers. We value your privacy, and we recognise the need to process the personal information we hold about you (your data) in a fair and lawful manner.
This notice may be amended from time-to-time, and you can obtain a current version at WessexSDE.nhs.net
What data does the Wessex SDE Team collect?
Public discussions
To help us to keep in contact with you, before or after an event we will collect, store, and use the following information about you and/or the child/young person: (see examples below)
- The data you have provided, including name, title, address, your personal email address, date of birth, gender, ethnicity, (as required).
- Records of all contact we have with you, the child/young person
Where do we receive your data from?
We obtain your personal data directly from you. We will use this personal data to add you to our mailing list so that we can inform about opportunities for you or the child/young person to engage with public engagement events.
Health Data held within the SDE
Any data held within participating Trusts may be held within the SDE unless you have applied for national or local opt outs.
How will your data be secured?
All participating organisations who have access to health data meet the requirements of the Data Security and Protection Toolkit. In addition, the organisation will be subject to security testing and accreditation requirements set out by NHS England.
Any suspected breaches should be notified to UHS, as Data Controller. Procedures are in place to deal with any suspected data security breach and UHS procedures will be followed.
In addition, we limit access to your data to those partners involved in the Wessex SDE programme who have a business need-to-know. They will only process your data on our instructions, and they are subject to a duty of confidentiality.
Holding and retaining your data
We create and hold your data both electronically and on paper. Paper records may be collected at events and transcribed to an electronic database. Retention will be in accordance with the NHS Records Management Code of Practice 2021 or other relevant legislation. After this period, we will securely destroy your data in accordance with our data retention schedule.
Communications
If at any stage you are concerned about the content of any communications from the Wessex SDE team e.g. unwanted marketing information or you wish to change how we communicate with you, please contact us at: keira.parker@uhs.nhs.uk.