Skip to content Contact us

Cookies on the Sherwood Forest Hospitals website

We use cookies to ensure that we give you the best experience on our website.

To continue using the website we'll assume that you are happy to receive all cookies on our site.

Continue Find out more

Your Staff Information


Level 2 National Fraud Initiative

Your personal information may be shared internally and with other agencies such as the Cabinet Office, and may be used in data matching exercises, for the prevention and detection of crime.

How we use your personal information

We are required by law to protect the public funds we administer.  We may share information provided to us with other bodies responsible for; auditing, or administering public funds, or where undertaking a public function, in order to prevent and detect fraud.  The Cabinet Office appoints the auditor to audit our accounts, and is also responsible for carrying out data matching exercises.

Data matching involves comparing computer records held by one body against other computer records held by the same or another body to see how they match.  This is usually personal information.   Computerised data matching allows potentially fraudulent claims and payments to be identified. Where a match is identified it may indicate that there is an inconsistency which requires further investigation. No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out.

We participate in the Cabinet Office’s National Fraud Initiative: a data matching exercise to assist in the prevention and detection of fraud. We are required to provide particular sets of data to the Minister for Cabinet Office for matching for each exercise, as detailed here.

The use of data by the Cabinet Office in a data matching exercise is carried out with statutory authority under Part 6 of the Local Audit and Accountability Act 2014.  It does not require the consent of the individuals concerned under the Data Protection Act 2018.

Data matching by the Cabinet Office is subject to a Code of Practice.

How we monitor unauthorised access

The FairWarning® patient privacy monitoring system detects potential instances of unauthorised access to patient information held within GE PACS and CRIS. This is advance notice that FairWarning® will soon be implemented across all Trusts in the Emrad consortium from June 2018.

Through the FairWarning® system we are able to identify and investigate instances of unauthorised access to patient information.

FairWarning® allows us to:

  • detect potentially unauthorised access to patient information;
  • highlight unusual or suspicious activity for further investigation;
  • enable investigation of access to specific patients’ records; and
  • enable investigation of access made by specific members of staff.

All activity, including patient searches and demographic look-ups, is monitored by FairWarning® and staff are reminded to only access the records of patients in which they have a legitimate interest.

Unauthorised access includes:

  • Accessing the records of colleagues, friends, your children, other family members or neighbours. This access may be malicious and / or simple curiosity. It may even be at the request of the individual;
  • Accessing your own record;
  • Accessing the records of people of media interest.

Where unauthorised access is identified this will be investigated and if proven could result in serious disciplinary action being taken and possibly a referral to the GMC for medical staff.

Should you require further information on FairWarning®, please contact information governance sfh-tr.information.governance@nhs.net.

Capita Human Resources (HR) and Payroll Services

Relevant details about you will be provided to Capita HR Services who provide payroll services to the [organisation]. This will include your name, bank details, address, and date of birth, National Insurance Number and salary.

Here is a link to their Privacy Notice

Your payroll details will be used by the organisation for cost evaluation and control purposes, including reporting to relevant managers.  We will also provide your details as required to ensure compliance with relevant legislation, for example to Her Majesty’s Revenue and Customs (HMRC).

Here is a link to their Privacy Notice

Giltbyte uses the information we collect to operate, maintain and provide you with the features and functionality of the EASY suite of programs which includes the EASY Companion app, known as the EASY system.

Here is a link to their Privacy Notice

MyCSP

Likewise, your details will be provided to MyCSP who are the administrators of the Civil Service Pension Scheme, of which the [organisation] is a member organisation. You will be auto-enrolled into the pension scheme and details provided to MyCSP will be your name, date of birth, National Insurance number and salary. Your bank details will not be passed to MyCSP at this time.

Here is a link to their Privacy Notice.

Occupational Health

Occupational health records are not part of the main staff record and for reasons of confidentiality they are held separately and confidentially by Sherwood Forest Hospitals NHS Foundation Trust Occupational Health. We will always ask for your consent before sharing any part of your Occupational Health record and they will not be shared or used for any other purpose without your consent.  Occupational Health records will be retained and destroyed in line with the Records Management Code of Practice for Health and Social Care (dependent on any COSHH health surveillance required during employment).

If it is necessary to ask your G.P or other treating clinician for further information about your health your specific consent will be sought.

As well as paper records, Occupational Health information is stored on an electronic data base called OPAS http://www.warwickicsystems.com/privacy-and-cookie-policy/

Appraisals

For Agenda for Change staff at Bands 8a and above, and Consultant Leaders, we will use your appraisal talent conversation information to populate the Trust’s talent succession map.   This will be reviewed by the Talent Review Board. 

Work experience

Personal data may be collected from you via the work experience process.  The information that we collect about you may include details such as name, address, telephone, email, date of birth and next of kin/emergency contacts, references, personal demographics, including gender, race, ethnic origin, sexual orientation, religious or other beliefs, and whether you have a disability or require any additional support or adjustments for your work experience placement, medical information relevant to your work experience placement, including physical and mental health.

Your information may be stored within electronic or paper records, or a combination of both. All our records are restricted so that only those individuals who have a need to know the information can get access.

To process your application for your work experience placement and to enable us to meet our legal responsibilities as an employer, sometimes we will need to share your information with others.  We will not sell your information for any purpose, and will not provide third parties with your information for the purpose of marketing or sales.

When you apply for a work experience placement you will be asked to agree to your personal data being safely stored by Health Education England, East Midlands and its partner organisations and being used only in relation to your work experience placement and related projects.

Your information will kept for the duration of the work experience placement and for 6 years following the end of your placement.

Here is a link to their Privacy Notice.

CCTV

Security cameras are installed at various locations at our sites to prevent and detect crime, and for the protection of staff, visitors and patients and their property.

E-newsletter

We use a third party provider, MailChimp, to deliver our monthly e-newsletter. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter. For more information, please see MailChimp privacy notice.

Membership

We will continue to hold some personal information about you as a staff member of Sherwood Forest Hospitals NHS Foundation Trust.  This enables us to fulfil our legal requirement to maintain a membership of the Trust, ensure this membership is representative of the people we serve, and run elections for Trust Governors.

This also means you will continue to receive our membership newsletter and occasional updates.
 
The data that we hold about you, as a member, is kept securely and only used in relation to your membership of the Trust.
 
To make sure the data we hold about you is up-to-date, please do let us know if you have changed address, your name or your contact details. You can do this by emailing sfh-tr.communications@nhs.net or calling 01623 672 294.
 
If you no longer wish to be a Trust member and do not wish to receive any further updates from us, then please email your name and address to sfh-tr.communications@nhs.net, with a message saying you wish to unsubscribe. You can also call 01623 672 294.

People who contact us via social media

We use a third party provider, Tweetdeck to manage our social media interactions.

If you send us a private or direct message via social media the message will be stored by Tweetdeck for three months. It will not be shared with any other organisations. 

For more information, please see Tweetdeck privacy notice.  

If you use your mobile phone to take photographs and publish them on social media channels you will have to ensure you have written consent from the public and staff to prove everyone actively gave their consent.  You are free to use our consent forms here.

How long do you keep my records?

There are national records management standards in the NHS for how long we need to keep information about you.  This varies depending on the type of information. Further information is available here.

How can I see the information you hold about me?

You have the right to access any information we hold about you. 

Please email sfh-tr.information.governance@nhs.net or write to:

Information Governance Department

Sherwood Forest Hospitals NHS Foundation Trust

King's Mill Hospital

Mansfield Road

Sutton in Ashfield

Nottinghamshire

NG17 4JL

What can I expect if I have rights under the Equality Act 2010 (or Disability Discrimination Act 1995 in Northern Ireland)?

Under equality law we have a duty to make sure that our services are accessible to all service users.  You can request a response in a particular format that is accessible to you, such as Braille, large print, email or audio format.

If you think that we have failed to make a reasonable adjustment, you can make a claim under the Equality Act (or Disability Discrimination Act in Northern Ireland).

Further advice is available from:

Equality Advisory Support Service (EASS) – http://www.equalityadvisoryservice.com; and

Citizens Advice – https://www.citizensadvice.org.uk/.

Can we withhold any information?

Yes.  There are some circumstances where the information you have asked for contains information that relates to another person.  Unless the other person gives their permission, or it is reasonable in all the circumstances to provide the information without permission, we are entitled to withhold this information.

The Act covers personal information that:

  • is held, or going to be held on computer;
  • is in, or going to be in, a manual filing system that is highly structured so that information about you can be easily retrieved;
  • is in most employment, health, educational, social service or housing records; or
  • is other information held by a public authority?

What can I do if I believe we have not sent all the information I am entitled to?

If you feel we have withheld some of your personal information, we recommend you contact us with your concern. Make sure you state the information you think is being withheld.

If you have contacted us and still believe some of your personal information is being withheld, please contact the Information Commissioner’s Office via their live chat service or call their helpline on 0303 123 1113.

Changes to this privacy notice

We keep our privacy notice under regular review.  This privacy notice was last updated on 30th June 2018.

Data Protection Officer

Jacquie Widdowson, Information Governance Manager, jacquie.widdowson@nhs.net, 01623 435425.

Our ICO registration number is Z4885823.  Further information on the Data Protection Act 2018 can be found here

How to contact us

If you want to request information about our privacy policy you can email us:

sfh-tr.information.governance@nhs.net 

Or write to:

Information Governance Department

Sherwood Forest Hospitals NHS Foundation Trust

King's Mill Hospital

Mansfield Road

Sutton in Ashfield

Nottinghamshire

NG17 4JL