Data protection

Data protection

Our commitment to supporting your data is paramount. As an NHS body, patient safety, confidentiality and public protection are important concerns and, like other NHS organisations, we are obliged to act when we identify ongoing risks. 

Patient data is not only vital for managing an individual’s care, it also plays an important role in other ways: planning health services, improving diagnosis and treatment and evaluating the effectiveness of policy. These ‘secondary uses’ of data offer significant opportunities to improve care, especially if advances in technology and data analysis can be harnessed.

Safeguards governing the secondary use of patient data have been strengthened in recent years and will be bolstered by the implementation of a new National Data Opt-Out alongside the introduction of the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018 on 25 May 2018.

National policy has to keep a balance between responding to legitimate public concern about the security and confidentiality of data and enabling data to be shared and used by NHS organisations and third parties.

It is also essential that NHS national bodies are transparent with the public about how patient data is used.

The Data Protection Act places a responsibility on Bolton NHS Foundation Trust as a data controller to ensure that your information is collected and managed in a secure and confidential way.

The Act also provides you with a right of access to personal information that the Trust holds about you (this applies equally to service users, members of staff and any other individual that the Trust may hold information about in its legal capacity).

The Trust has a robust Information Governance standards and ISO accreditation. Bolton NHS Foundation Trust is a registered “Data Controller” within the Information Commissioner Office (ICO).

Please see below the details:

ICO Registration Number: Z1499998
Date registered: 09 October 2008
Registration expires: 08 October 2022

The Data Security and Protection Toolkit is an online self-assessment tool that allows organisations to measure their performance against the National Data Guardian’s 10 data security standards.

All organisations that have access to NHS patient data and systems must use this toolkit to provide assurance that they are practising good data security and that personal information is handled correctly.

The Trust submitted the Data Security and Protection Toolkit and achieved “20/21 Standards Met

The UK General Data Protection Regulation (UK GDPR) introduces a duty for organisations to appoint a data protection officer (DPO) if you are a public authority or body, or if you carry out certain types of processing activities. The Data Protection Officer in the Trust is:

Name: Deiler Carrillo
Role: Data Protection Officer
Address Bolton NHS Foundation Trust Informatics Building – Opposite N Block Royal Bolton Hospital Minerva Road Farnworth Bolton BL4 0JR
Telephone: 01204 487555

If you are not satisfied with the information you receive from us or with the way your request is dealt with, you can make a complaint by email to the Trust’s Chief Executive or by post to:

Chief Executive
Trust Headquarters
Royal Bolton Hospital
Minerva Road

Bolton NHS Foundation Trust has a formal procedure for dealing with such complaints. In the case of non-disclosure of information we will ask a senior member of staff to review that decision. We aim to answer your complaint within 20 working days but if this is not possible we will let you know when you can expect to hear.

Skip to content