The Health Protection Agency (HPA) must keep your personal health information confidential. It is your right. These pages, and the accompanying leaflet, explain how we do this.
This information is primarily aimed at the general public. Information for Health Care Professionals is also available.
A leaflet has been distributed to all GP surgeries in England to inform the public about how the Health Protection Agency uses patient information to protect public health.
A It is expected that health care professionals have certain details about their patients - GP files include where you live, what illnesses you have had, immunisations, etc. If you are referred to hospital some of these details may be covered in the referral letter. Patient information is also used in other ways. We only know how the NHS is functioning with regard to issues such as hospital waiting lists, medicines used, numbers of patients seen in outpatients departments, etc. if such information is collected. We know about infectious diseases and other threats to public health through various reporting mechanisms. In order to better inform patients about these public health uses of data, a leaflet has been written anddistributed to clinics, outpatients and GP surgeries.
A This leaflet was produced in order to keep patients informed about how their data are being processed. The leaflet describes how the Health Protection Agency uses information to protect health and protect personal data.
Information and the Health Protection Agency (PDF, 856 KB)
The leaflet aims to:
A The HPA exists to protect the health of the public from infectious disease and other health hazards. Our work involves identifying the source of an outbreak of disease and looking for trends in infectious disease. It may involve follow-up of contacts of infectious disease if prophylaxis (e.g. vaccines or antibiotics) needs to be given. Communicable disease surveillance relies on patient identifiable information (PII) in order for the health of the public to be protected.
It is essential therefore to ensure that data are handled in accordance with the recommendations of the Caldicott Committee, the requirements of the Data Protection Act, Human Rights Act and Section 251 of the NHS Act 2006.
Recent data protection legislation and concerns about patient consent make it even more important that everyone knows how information about them is being used.
A It is information that could identify you. It includes things like your NHS number, National Insurance (NI) number, date of birth or postcode, or data which can indirectly link to an individual by combining information (for example, country of birth and age and laboratory name).
A All records are kept securely in compliance with the Data Protection Act and the Caldicott Guidelines. Patient data is securely destroyed after a defined period of retention. We have frameworks in place to safeguard the security of the patient data we hold, transfer or store.
A The HPA uses relevant information about your health to help improve the general public's health, for example:
A We try to obtain consent from patients wherever possible. However, it is often not possible for healthcare professionals to seek consent for reporting every time they take a specimen or if they are following up contacts of cases of infectious disease and vaccines or antibiotics need to be given. It is therefore important to ensure that patients know about health protection actions such as a control of an outbreak and how use of their data can help.
A Some diseases are notifiable, which means that they are required to be reported by law, for example meningitis.
For other sources of information, if a patient asks for their personal information to be withheld we will respect this. However, we hope that an explanation of why we require this information is sufficient. If every patient 'opts out' of having information about them reported to the Health Protection Agency we would have very little detail of how infectious disease spreads within the UK. This in turn would mean we would be less able to prevent future spread of infections.