Need help finding us? Click here

Cookies Policy

Privacy and confidentiality

We are committed to ensuring that your privacy is protected.

Should we ask you to provide certain information by which you can be identified when using this website then you can be assured that it will only be used in accordance with the Data Protection Act (1998) and the information set out in this privacy statement.

We are always looking at ways we can improve our website and may change this policy from time to time by updating our privacy pages.

Accessing your own information

You have a legal right to request sight of your personal information under Section 7 of the Data Protection Act. Further information on how to do so can be found here.

For further information please contact the Information Governance Manager on 020 3513 6184

or

Information Governance Manager
South West London & St George's Mental Health NHS Trust
Springfield University Hospital
61 Glenburnie Road
London SW17 7DJ

Your health records and you

We have produced a leaflet explaining why we need to record your information, how it is stored and who we might share it with. You will find the leaflet on our publications page.

You can also request a printed copy by contacting our Communications Team on 020 3513 6006.

Privacy notice

This privacy notice explains what to expect when South West London and St George’s Mental health NHS Trust (SWLSTG) collects and processes your personal information. It describes what information we record about you, how we keep it, how long we keep it for and who we may share your information with and the legal basis for this. It also explains your rights regarding your information and how you can apply to see it.

We aim to provide you with safe and effective healthcare. To do this we have a legal duty to keep records about you, your health and the care we provide you.

How is the confidentiality of your records maintained?
SWLSTG is committed to protecting your privacy and will only use information collected lawfully in accordance with the General Data Protection Regulation (GDPR) which replaced the Data Protection Act 1998 on 25th May 2018 and is regulated in the UK by the Information’s Commissioner’s Office. Additionally we abide by the Human Rights Act 1998, the Common Law of Confidentiality and the NHS Code of Confidentiality and Security.

What information do you keep about me?
  • We keep personal information, such as your name, address, date
  • of birth, NHS number and GP to ensure that your health care information is recorded correctly in your health record.
  • We keep information about your health problems and the care you have received from us in your health record.
  • When you meet a member of your care team, for example for a consultation or therapy session, a record of what you discussed and any decisions made will be added to your healthcare record.

Why do you keep this information?
Accurate and up-to-date information about you is very important so that we can look after you safely. It means that we can assess and meet your needs without asking you the same questions every time we meet you or if you see someone different.

What is your legal basis for processing my information?
Under the GDPR we rely on the following legal basis to process your health information for your direct care:
  • Article 6 (1)( e) - processing is necessary for the performance of a task carried out in the public interest
  • Article 9 (2)(h) – processing is necessary for the purposes of preventative or occupational medicine, for assessing the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or management of health or social care systems and services on the basis of Union or Member State law or contract with a health professional.

We have a duty of care to inform your GP/referrer concerning the assessment and care we provided to you.

We may share your information for direct care purposes with other professionals in local hospitals, social care teams and GPs who you may see for your health and social care needs.

Health and care staff working in south west London boroughs for which our Trust provides mental health services – Wandsworth, Kingston, Richmond, Sutton, Merton – now have better access to more accurate information, so they can provide safer, faster and more effective care and support.

In some cases, your health records belonging to different organisations have been linked together so that relevant information about you can be safely shared between the staff who need it across south west London – for example, the Kingston Care Record. This means that no matter where you receive care in south west London, the staff looking after you will have the most up-to-date information when they need it.

Find out more about the Kingston Care Record

Who can you share my information with?
Where we share information to protect you and others, for example:
  • Safeguarding teams (if a child or vulnerable adult is potentially at risk)
  • Serenity Integrated Mentoring (SIM) see further information below
  • Multi-Agency Public Protection Arrangements
  • Multi-Agency Risk Assessment Conference
  • The police and others in an emergency situation
For these purposes we rely on the following legal basis under GDPR:
  • Article 6 (1)(d) – processing is necessary to protect the vital interests of a data subject or another person.
  • Article 9 (2)(c) – processing is necessary to protect the vital interest of a data subject or another individual where the data subject is physically or legally incapable of giving consent.

SIM ( Serenity Integrated Mentoring ) London focuses on the small number of people that are high intensity users of S136 of the Mental Health Act and or associated crisis services including ambulance, police, mental health and emergency care. The main aim is to reduce S136 occurrences for these individuals, including improving the individual’s wellbeing and quality of life.

SIM is an integrated model of care, bringing police and mental health professionals together into joint mentoring teams where they intensively support service users who were struggling to manage high frequency and high-risk crisis behaviours.

One of the key components of this joint approach is a Care and Response Plan shared with the relevant partner organisations Mental Health Trusts, Metropolitan Police, London Ambulance Service and the Emergency Department. SIM is a national programme, to find out more about SIM visit

Where we have to share information about your care with other organisations such as:
  • Department of Health
  • General Medical Council
  • Audit Commission
  • Health Service Ombudsman
  • Care Quality Commission
  • NHS complaints committees
  • Cancer registries
  • National confidential enquiries
  • The police or justice system

For this purpose we rely on the following legal basis under GDPR:
  • Article 6(1)(c) – Processing is necessary for compliance with a legal obligation.
  • Article 9 (2)(h) – processing is necessary for the purposes of preventative or occupational medicine, for assessing the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or management of health or social care systems and services on the basis of Union or Member State law or contract with a health professional.

Where we share your information with any law enforcement agency, court, regulator, government authority or other third party where we believe this is necessary to comply with a legal or regulatory obligation to protect our rights or that of a third party, we rely on the following legal basis:
  • Article 6(1)(c) – Processing is necessary for compliance with a legal obligation.
  • Article 9(2)(f) – Necessary for the establishment, exercise or defence of legal claims or where courts are acting in their judicial capacity.

National Fraud Initiative
We are required by law to protect the public funds it administers. We may share information provided to us with other bodies responsible for auditing or administering public funds to prevent and detect fraud.

We may share your information with a number of third parties who we commission to process data for us, for example:
  • To send out a large mailing of letters/information/surveys to our service users and Trust members
  • For the maintenance and technical support of our information systems
  • For the purpose of translation, interpreters and sign language
  • Recording phone calls for monitoring purposes

We are required to have Data Processing Agreements in place with these organisations. For other purposes the Trust will only share your information with another organisation with your consent. The Trust will seek to ensure your personal data is always used appropriately, fairly and lawfully.

What if I am ill and my friends or family want to see my records?
  • If you are in hospital, we will pass on very basic information to friends or family with legitimate concerns unless you ask us not to.
  • If you give us permission to share information about your health and treatment with a friend or family member, we are happy to do so.

Who else can see my records?
Staff involved with your care and treatment, may see your records. All our staff abide by a strict code of conduct on confidentiality and follow our policies and procedures regarding security and confidentiality. These are part of their terms and conditions of employment.

What if my information needs to be shared overseas?
If your information is required to be transferred overseas, for example if you moved abroad and requested a copy of your medical records to be sent to you, we will ensure adequate data protection is in place to safeguard and protect your information in transit and we will discuss this with you to ensure that you are satisfied with these arrangements.

How are my healthcare records stored?
We have computer systems that store your healthcare records. We can also scan paper letters and reports into this system, so that all your information is available to the staff who work with you to give you the best care possible.

All our systems are based in the UK and your information is protected to ensure that only authorised people can access it from secure computers.

How long do you keep my healthcare records for?
We are required by the Department of Health to keep your records for a certain amount of time after you have finished receiving care from us. This amount of time depends upon the type of care you have received from us and helps us continue your care if you need to use our services again in the future. The retention periods are set out in this document.

Can I see the information you keep about me?
You are entitled by law to see the information we hold about you – Articles 12, 15 of the GDPR apply. Your right to see your records is known as a ‘right of subject access’. You are allowed to see any records we hold about you. However, we may remove some information if it is not your personal information. For example:
  • Information provided by someone else (a third party) that we cannot disclose without their permission.
  • Information that is likely to cause serious harm to you or other people.
It would be against the law to disclose information, such as during legal proceedings.

How can I apply to see my information?
If you would like to see or request a copy of your records, please contact the Information Services Team at the address below.

Will I have to pay to see my records?
We will not charge you to see your records. However, we may charge a reasonable administration fee if your request is very large, complex or repeated.

How long will it take before I receive my records?
  • We will provide your records as quickly as possible and it should take no longer than 1 month from when we receive your written request.
  • If your request is very large or complex we may extend this period by a further 2 months.
  • We will provide your information to you in an electronic format.
  • We will only release your records if we are sure that you are the applicant or that you have given permission to someone else to access your records on your behalf, such as a relative or solicitor.

What if I am not satisfied with my application to see my records?
We want you to be satisfied with the way we look after your healthcare records and provide access to them. If you are not satisfied, first speak to a member of your care team or the team manager to discuss your concerns. If you cannot resolve your concerns in this way or would like to take the matter further, please contact

Patient Experience Manager (Complaints)
South West London and St George’s Mental Health NHS Trust
Building 15
Springfield University Hospital
61 Glenburnie Road
London SW17 7DJ
Tel: 020 3513 5520
Email: compliantsmanager@swlstg.nhs.uk

If you are not satisfied with the outcome of your complaint you may contact:

The Information Commissioners Office on 0303 123 1113 or via email or in writing to:
The Information Commissioner's Office,
Wycliffe House, Water Lane, Wilmslow,
Cheshire. SK9 5AF.

What are my rights regarding my personal information?
  • Unless an exemption applies under the General Data Protection Regulations, you have the following rights:-
  • To be informed about the collection and use of your personal data;
  • The right to request a copy of the personal information we hold about you;
  • The right to request that we correct your personal information if it is found to be inaccurate or out of date (speak to your health professional regarding any inaccuracies);
  • Your right to withdraw your consent to the processing of your information (but only if your consent was relied upon as the legal basis for processing your information);
  • The right to request that we provide you with your personal information and where possible, to transmit that data directly to other another organisation for you. This is known as the right to data portability, but it only applies if the legal basis for processing is based on us requiring your consent or where it is necessary for the performance of a contract with you, and we have processed the data by automated means.
  • Where there is a dispute in relation to the accuracy or processing of your personal information you have the right to request that a restriction is placed on further processing unless we have legitimate grounds to override this.
  • The right to object to the processing of personal data for the purposes of scientific/historical research and data analysis/statistics (see below - Using your information to improve our services)
  • The right to lodge a complaint with the Information Commissioners Office.
  • You right to request that your personal data is erased does not apply to health records as we have a legal obligation to hold them.
  • The right to object to any automated decision-making also known as profiling i.e. making a decision solely by automated means without any human involvement.

Communicating with you
If you provide us with your mobile telephone number we will send you appointment reminders unless you tell us not to.

If you provide us with your email address we will communicate with you by email unless you tell us not to.

Please ensure that you inform us if you change your mobile telephone number or email address so that you do not miss important communications from us.

Do not provide an email address that you share with others as this may compromise your confidentiality.

Please remember to let us know if your contact details change at any time. This could be a change of name, address, or contact telephone number.

Using your information to improve our services
We use information held within your records to help improve the services that we provide. We do this by collecting information from the records of groups of patients who have similar conditions or have received similar treatments, and comparing this with what we know are the best standards of care. This helps us to identify areas where we need to make improvements.

This process of checking care records against best practice is known as clinical audit. It is carried out by the staff who have provided you with care, or by support staff who work closely with them. They will only collect your personal identifiable information (e.g. your name, or date of birth, or postcode) to ensure they are collecting the correct information. However, any information that can identify you as an individual is removed from the clinical audit as soon as it is possible to do so in order to anonymise the information. Records of clinical audit are protected by NHS security measures and destroyed after five years.

If you would like to find out more about clinical audit, the use of information in improving healthcare, or how patients and the public can be involved in healthcare improvement, please visit the Healthcare Quality Improvement Partnership website.

We may at times contact you to invite you to take part in surveys with a view to helping us improve our services. Your participation is entirely voluntary and unless with your specific consent, the survey will by anonymous.

Information on the NHS Patient Survey Programme can be found here.

Mental Health Community Survey
In order to improve the quality of service we provide to service users, the Trust commissions an annual Mental Health Community Survey from a company called Quality Health. We provide them with contact details in order to send out survey questionnaires on our behalf.

How the NHS and care services use your information?
SWLSTG is one of many organisations working in the health and care system to improve care for patients and the public.

Whenever you use a health or care service important information about you is collected to help ensure you get the best possible care and treatment. The information collected about you when you use these services can also be provided to other approved organisations, where there is a legal basis, to help with planning services, improving care provided, research into developing new treatments and preventing illness. All of these help to provided better health and care for you, your family and future generations. Confidential personal information about your health and care is only used in this way where allowed by law and would never be used for insurance or marketing purposes without your explicit consent.

You have a choice about whether you want your confidential patient information to be used in this way.

To find out more about the wider use of confidential personal information and to register your choice to opt out if you do not want your data to be used in this way, visit www.nhs.uk/my-data-choice . If you do choose to opt out you can still consent to your data being used for specific purposes.

If you are happy with this use of information you do not need to do anything. You can change your choice at any time.

For further information please contact the Information Governance Manager on 020 3513 6184. or Write to:

Information Governance Manager
South West London and St George's Mental Health NHS Trust
Springfield University Hospital
61 Glenburnie Road
London SW17 7DJ
Tel : 020 3513 6184
email: John.hughes@swlstg.nhs.uk

The Trust’s Data Protection Officer is:

Tamara Cowan – Trust Secretary

If you would like to find out more about your rights under the General Data Protection Regulations and UK data protection legislation, please visit the Information Commissioners Office website.

Privacy policy and data protection

This privacy policy sets out how South West London and St George's Mental Health NHS Trust uses and protects any information that you give the Trust when you use this website. www.swlstg-tr.nhs.uk

South West London and St George's Mental Health NHS Trust is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website then you can be assured that it will only be used in accordance with the Data Protection Act (1998) and the information set out in this privacy statement.

We are always looking at ways we can improve our website and may change this policy from time to time by updating this page.

What we collect

  • Cookies - A cookie is a piece of information in the form of a very small text file that is placed on an internet user's hard drive. It is generated by a computer server that operates a web site. The information the cookie contains is set by the server and it can be used by that server whenever the user visits the site. Cookies make the interaction between users and web sites faster and easier. Cookies enable web sites to monitor their users' web surfing habits and profile them for marketing purposes. Web sites use cookies mainly because they save time and make the browsing experience more efficient and enjoyable.You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it or not. For more information about cookies please visit http://www.aboutcookies.org/default.aspx?page=5
  • Analytical tools - South West London and St George's Mental Health NHS Trust uses Google Analytics to help improve its website and make sure that visitor's to the site get access to the information they need. Google Analytics is a free service provided by Google Inc. Google Analytics uses a cookie in order to capture anonymous traffic data on visitor activity across the Trust website. This data is provided in an anonymous format, detailing the number of times a visitor browses individual pages on the Trust website, where the visitor is based geographically (country or city), and from what ipaddress the visitor's computer device is associated to. Google stores the information collected by the cookie on servers in the U.S and may be accessed by third parties if required to do so by law, or where third parties process information on behalf of Google. Google does not associate your IP address with your data. If you do not wish South West London and St George's Mental Health NHS Trust to track your activity anonymously on this website, you can disable cookies in your browser which will stop the tracking code. For more information on disabling cookies in your web browser please visit: http://www.aboutcookies.org/default.aspx?page=2
  • Online form submission - This website also contains forms that require personal information. When these forms are submitted they send the inputted data to a script that is processed and sent to a designated email within South West London and St George's Mental Health NHS Trust. We never share or distribute your data with other parties and you can expect the same confidentiality as you would if sharing this information with us in person.
  • Social networking sites - The Trust operates a Facebook page accessible via the Trust website and directly from www.facebook.com/swlstg. User information collected on Facebook is used only for analytical purposes and to promote activities and news from across the Trust and the services it provides. The Trust does not collect or share any personal data or information directly from Facebook users. If users of the Trust Facebook page are concerned about their privacy, they should refer to Facebook's own privacy statement available directly from www.facebook.com/about/privacy/
  • Links to other websites - The Trust website may contain links to other websites or documents of interest. Once you have clicked on these links to leave the Trust website, you should note that the Trust is not responsible for the content, protection or privacy relating any external websites, to that of the Trust. If you are concerned you should look at the privacy statement applicable to the website you are viewing.

Further information and help

For more information on Cookies and Google Analytics please see the links provided below.

Compromise agreements and whistle blowing

The Trust does not use compromise agreements containing confidentiality clauses (commonly called 'gagging clauses') that seek to prevent employees from speaking out about matters of patient safety or quality.

The Trust has reviewed any agreements it has made with staff over the last five years and can confirm that no clauses have been included in compromise agreements since 2008, which would have prevented employees or former employees from raising legitimate concerns about patient safety.

The Trust supports staff and others who bring forward concerns about safety and quality in its bid to continuously improve the services it offers to patients,their carers and families.

The Trust also has a whistle blowing policy in place. Staff can also approach the Trust's Senior Independent Director (SID) (who is a non-executive member of the Board) if they have concerns.

Jean Daintith is a Non-Executive Director and our current SID. Jean is Chair of the Quality and Safety Assurance Committee, Member of the Audit Committee, Member of the Foundation Trust Steering Committee and Member of the Remuneration Committee. You can contact Jean by emailing Jean.Daintith@swlstg-tr.nhs.uk.

Accessible Information Standard

Since 1st August 2016, all NHS organisations have been legally required to follow the Accessible Information Standard (AIS).

The standard aims to make sure that people who have a disability, impairment or sensory loss are provided with information that they can easily read or understand and with support so they can communicate effectively with health and social care services.

In the spirit of the AIS, The Trust is committed towards meeting the information and communication support needs of disabled people, improving outcomes and experiences and providing safer and more personalised care and services.