Data Protection

Patient details are stored on a secure system and can only be accessed by staff who genuinely need the information. The security of our patient data is regularly reviewed and any concerns are taken very seriously.

Senior responsibility for information security, risks and incidents is managed by the Director of Governance who carries out the role of Information Security Senior Responsible Owner (SRO).

The Director of Governance is supported by the Information Governance Manager and Head of Risk Management. The Information Governance Manager manages information security risk and incidents on a day to day basis and seeks support from the Head of Risk Management and SRO.

Regular reports are produced to identify information security incidents and the appropriate action planned to reduce the risk impact or likelihood of reoccurrence. These incidents are reviewed by the Information Governance Steering Committee to ensure appropriate action is taken and are also reported on a quarterly basis to the Governance Board through the IM & T governance update.

Since 1st April 2011 only authorised USB devices have been allowed to connect to the Trust network.