Skip to the content

Community and mental health services for Southampton, Portsmouth and parts of Hampshire and the Isle of Wight.


Your Information, Your Rights

This page has been created to provide you with further information as to why Solent NHS Trust collects information about you, how this information is used and information about your rights under Data Protection Laws, such as the General Data Protection Regulations (GDPR) 2016. See how Solent NHS Trust has ensured compliance with the new regulations and what it plans to do to ensure continued compliance.

Covid Enquiry - How does the enquiry effect your data?

Solent NHS Trust is committed to supporting the Covid enquiry and the NHS’s position of being open and transparent with the public. As a result we may be required to retain documents beyond their normal retention periods, as defined by the NHS Records Management Code of Practice. The following legal basis will be used to support the retaining of such information and the sharing of information with the enquiry;

  • GDPR Article 6(1)(c) – Processing is necessary for compliance with a legal obligation. The Obligation being Section 21 notice to produce documents for the enquiry, creating a statutory obligation to disclose
  • GDPR Article 9(2)(g) and paragraph 6 of Schedule 1 Data Protection Act 2018 – processing necessary for reason of substantial public interest for exercise of a function conferred on a person by an enactment

The following information is likely to be retained and / or shared with the public enquire

  • Information relating to covid care
  • Information relating to impact on service delivery
  • Information relating to covid related incidents

Any data retained, passed its normal retention period, will be removed from its normal location within the Trust (either physical paper location or digital location) and restricted to those involved in the disclosing of information for the enquiry.

At the end of the enquiry, any data that has surpassed its normal retention period, will be securely destroyed in accordance with the Trust’s Data Protection Policy.

Should you have any enquires relating to either the covid enquiry itself or the processing of your information, inclusive of your rights to restrict processing or deletion of records, please direct these to the Trust’s Data Protection Officer via

Senior Information Risk Owner (SIRO)

Caldicott Guardian

Data Protection Officer (DPO)

Ms Nicola Burnett

Chief Financial Officer


Dr Daniel Bayliss

Chief Medical Officer


Mrs Sadie Bell                 

Data Protection Officer and Head of Information Governance & Digital Security Information Governance


Please see below for definitions of terminology used throughout this page;



Under GDPR data subjects (individuals) have eight specific rights..

1. The right to be informed

Individuals should be informed of how their data will be used. This applies to both patient and staff data. For more information on how data is used, please refer to Solent NHS Trust's Privacy Notices

2. The right of access

Individuals have the right to access their personal data, which is referred to as a Subject Access Request (SAR).

All requests of this nature should be submited to the Information Governance Team.

Find out how to request your information.

3. The right to rectification

Personal data can be rectified if it is inaccurate or incomplete.

Find out more about your right for data held about you to be rectified and destroyed

4. The right to erasure

This is often referred to as the “right to be forgotten”.

This right only applies in certain circumstances;

  • the basis for lawful processing is consent and the this has been withdrawn and there is no other legal ground for processing
  • the individuals whose data is being processed objects and there are no overriding legitimate grounds
  • the personal data has been collected in relation to information society services
  • the personal data is no longer necessary for the purposes for which it was collected for

Find out more about your right for data held about you to be rectified and destroyed

5. The right to restrict processing

Individuals have the right to require organisations to restrict processing where:

  • accuracy is contested by the individual
  • processing is unlawful and the subject opposes erasure
  • the organisation no longer needs the data, but the subject requires it to be kept for legal claims
  • the individual has objected, pending verification of legitimate grounds.

If you feel this is the case, please contact the Information Governance Team.

6. The right to data portability

Individuals have the right to receive personal data about them in a ‘commonly used and machine readable format’.
This right is only available where the processing is based on consent and the processing is automated. Please note: This is not the legal basis for the majority of Solent NHS Trust's Data Processing, therefore for with regards to most of the data held by Solent NHS Trust, this right does not apply.

7. The right to object

Individuals have the right to object to:

  • Processing based on legitimate interests or the performance of a task in the public interest/ exercise of official authority (including profiling)
  • direct marketing (including profiling); and
  • processing for purposes of scientific/historical research and statistics

8. Rights in relation to automated decision making and profiling

Profiling analyses aspects of an individual’s personality, behaviour, interests and habits to make predictions or decisions about them.

Automated decision-making is the process of making a decision by automated means without any human involvement. These decisions can be based on factual data, as well as on digitally created profiles or inferred data.

Automated decision-making often involves profiling, but it does not have to.

Information about your health and care helps Solent NHS Trust and our healthcare partners to improve your individual care, speed up diagnosis, plan your local services and research new treatments.

As a result of these changes, you can choose whether your confidential patient identifiable information is used for clinical research and planning.

More information and how to opt-out can be found here.

How is your data used?

The below identifies a number of ways in which your data maybe used

* Please be advised this section of our website is currently under construction

* Please be advised this section of our website is currently under construction

* Please be advised this section of our website is currently under construction

* Please be advised this section of our website is currently under construction

Trust Privacy Notices

A Privacy Notice is a statement made to an individual (data subject) that describes how the organisation collects, uses, retains and discloses personal information. A privacy notice is sometimes referred to as a privacy statement, a fair processing statement or sometimes a privacy policy.

Below provides a list of System and Service specific Privacy Notices; This will allow you to have greater insight and knowledge into how Solent NHS Trust maybe processing your data.

If you wish to obtain a verbal privacy notice, please contact the Trust's Information Governance Team on 0300 123 3919, who will work with you to provide this. Please note the Information Governance Team are available 9am - 5pm, Monday to Friday (excluding Bank Holiday's.

* Please be advised this section of our website is currently under construction

* Please be advised this section of our website is currently under construction

GP Patient Feedback Privacy Statement: ACR project for patients with diabetes

The data is being processed for the purpose of delivery of a programme, sponsored by NHS Digital, to monitor urine for indications of chronic kidney disease (CKD) which is recommended to be undertaken annually for patients at risk of chronic kidney disease e.g., patients living with diabetes. The programme enables patients to test their kidney function from home. We will share your contact details with to enable them to contact you and confirm that you wish them to send you a test kit.  This will help identify patients at risk of kidney disease and help us agree any early interventions that can be put in place for the benefit of your care. will only use your data for the purposes of delivering their service to you. If you do not wish to receive a home test kit from we will continue to manage your care within the Practice. are required to hold data we send them in line with retention periods outlined in the Records Management code of Practice for Health and Social Care. Further information about this is available at:


Data Provision Notice (DPN) for GP Data for Planning and Research: Legal Direction (England)

NHS Digital has issued a Data Provision Notice (DPN) on 12 May 2021 to all practices in England notifying them of their intention to begin extracting data as part of the GP Data for Planning and Research (GPDPR) programme. GPDPR is the successor to the GP Extract Service (GPES) and it is a legal requirement for practices to comply with the DPN.

Below are some key documents / links:


There may be times when we share anonymised patient information as case studies, to provide quality oversight and learning both within the Trust and with our commissioning colleagues.

Flu / COVID Booking System - Solent NHS Trust Staff and Working Partners Only

The Flu / Covid Booking System is a Microsoft booking system, with high level security, access controls and encryption. The system is used by Solent NHS Trust Staff and Working Partners, when booking appointments for either vaccinations. You will be asked to provide your name and work contact details; this is so that we know who will attend the booked clinic slot and we have a way of contacting you should your appointment need to be changed. You will also in addition be asked for your NHS Number, so that we can identify you on NHS England's NIVS system and any known allergies / pregnancy, to ensure that you are safe to receive the flu vaccine. This booking system is not linked to your flu / Covid form which is held within the Occupational Health records storage system.

Solent NHS Trust is responsible for (Data Controller) the processing of your information, in reference to your appointment booking only. Solent NHS Trust will ensure that only relevant Health Care Professionals, overseeing the administrating of your vaccine, are in possession of your information.

Please also be advised that Solent NHS Trust is administrating this vaccine on behalf of NHS England, who are acting as Data Controller, for information recorded in providing your vaccine. NHS England requires all organisations administrating this vaccine, to record the outcomes and information about yourself, on the National Immunisation, Vaccination System (NIVS). Information on how your data is processed can be found here:


Information Governance Team

Solent NHS Trust Headquarters

Highpoint Venue

Bursledon Road


SO19 8BR


Patient Advice and Liaison Service (PALS)

Please visit our services page for specific services and contact details. Alternatively, contact our Patient Advice and Liaison Service by emailing or calling the number below. You can also give us feedback, make a complaint or share a compliment.

0800 013 2319

*Lines are open Monday to Friday 10am – 4pm.

The Freedom of Information (FOI) Act was passed on 30 November 2000. It gives a general right of access to all types of recorded information held by public authorities, with full access granted in January 2005.

The Act sets out exemptions to that right and places certain obligations on public authorities.


Phone: 0300 123 3919

*Subject to any exemptions which apply, we are obliged to provide the information requested please note that requests for Personal Information is not covered under this Act and should be applied for through the Data Protection Act 1998.

Our administrative and managerial centre is based in Southampton.

While our services can be found around various NHS locations in Southampton and Portsmouth (and surrounding districts), our administrative and managerial centre is based in Southampton at:

Highpoint Venue
Bursledon Road
SO19 8BR

If you require a printable version of how to find us including bus times, car access and bike info please download our leaflet. (Copyright of Highpoint Venue).

Central office phone: 0300 123 3390

*Lines open Monday to Friday 9am to 5pm.

If you are a journalist with a media enquiry, please contact the Communications Team at:

0300 123 4156 or 02381 031076

The Communications Office is open Monday to Friday 9am to 5pm.