Please view our cookie policy that explains what cookies are and how they are used on our website. This also provides you with a guide on how to disable cookies, but please be aware that parts of the site will not function correctly if you disable them.

By closing this message, you consent to our use of cookies on this device in accordance with our cookie policy unless you have disabled them.

North Cumbria University Hospitals NHS Trust - 70 years of the NHS

Home > About us > Fair processing

Fair processing notice

General Data Protection Regulation Statement (Privacy Notice)

North Cumbria University Hospitals NHS Trust is a ‘Data Controller’ under the General Data Protection Regulations. This means we are legally responsible for ensuring that all personal data that we hold and use is done so in a way that meets the current and future data protection principles. We must also notify the Information Commissioner about all of our data processing activity. Our registration number is Z5544053 and our registered entry can be found on the Information Commissioner’s website.

All of our staff receive annual information governance training to ensure they remain aware of their responsibilities. They are obliged in their employment contracts to uphold confidentiality, and may face disciplinary procedures if they do not do so.

As a Trust we have entered into contracts with other organisations to provide services for us.  These range from software companies to provide our electronic patient systems to contractors who provide specialist clinical services that help provide a better service to you as a patient.  These contractors may hold and process data including patient information on our behalf.  These contractors are subject to the same legal rules and conditions for keeping personal information confidential and secure. We are responsible for making sure that staff in those organisations are appropriately trained and that procedures are in place to keep information secure and protect privacy. These conditions are written into legally binding contracts, which we will enforce if our standards of information security are not met and confidentiality is breached.

We will not share, sell or distribute any of your personal information to any third party (other person or organisation) without your consent, unless required by Law.  Data collected will not be sent to countries where the Laws do not protect your privacy to the same extent as the law in the UK, unless rigorous checks on the security and confidentiality of that data are carried out in line with legal requirements.

Please see the Trust’s full Privacy Notice, available here