Your health records

Our Data Governance team process all requests for copies of mental health records held by the Trust. All requests must be in writing (which includes email).

Requesting Your Own Records

You have a legal right to request a copy of your mental health records under the Data Protection Act 2018. This is called a Data Subject Access Request. DSAR - sometimes abbreviated to just SAR. You can download an application form: DSAR Patients[doc] 58KB The form includes guidance on the DSAR process.

You can also request DSAR - Deceased[doc] 92KB

Requesting Records About Others (e.g. solicitors, police, other NHS and care organisations, courts etc.)

If you wish to request access to someone else’s records, please submit your request to data-governance@swlstg.nhs.uk. If you have a legal basis for doing so without the consent of the person whose records are being sought, please provide details; without a legal basis no disclosure will be made. If you have the person’s consent, please provide a copy.

Other Health Record Enquiries

For further information and for any other queries about your health records please contact the Data Governance Team, data-governance@swlstg.nhs.uk

You can also write to:

Information Governance Manager
South West London and St. George’s Mental Health NHS Trust
Tolworth Hospital, Red Lion Road
Surbiton, Surrey KR6 7QU

We have produced a leaflet Your health records and you[pdf] 382KB explaining why we need to record your information, how it is stored and whom we might share it with.

You can also request a printed copy of the leaflet by contacting our Communications Team.

 

Clinical Record Interactive Search (CRIS)

Electronic Patient Record

Your patient record is stored securely on our computers and is used by clinical staff at the Trust providing treatment to you to help make decisions about treatment and services for you. This system is similar across other services providing healthcare in the UK, such as GPs and other mental health hospitals not covered by SWLSTG. As well as being valuable in helping with your personal clinical care, the information stored in patient records can be used to help us understand more about the causes and treatments of different health problems and how the healthcare systems we provide are operating in the real world. 

Clinical Record Interactive Search (CRIS)

Clinical Record Interactive Search (CRIS) is a database currently set-up in the Trust, run by an external company AKRIVIA Health. The database pulls de-identified patient information (data) from the Trust electronic patient records. Every person who uses our services has their medical information stored in an electronic patient record. The de-identified information (data) pulled from each patient record is stored securely in the CRIS database to enable researchers and clinicians to undertake anonymised data studies, clinical audits and service evaluations. Personal information like your name, your date of birth, your address and your carer’s name are ‘blanked out’ by the system and are never seen by researchers in the Trust. 

What sort of things can CRIS help with?

CRIS is a useful tool to help researchers and staff use de-identified information from the electronic patient records to answer questions more easily. Here are some examples of the questions that could be looked at:

  • Do people’s home living arrangements affect how long people spend in hospital?
  • Does having a mental health problem affect your lifespan and likelihood of having different physical health problems?
  • Do some drugs work better than others to help with the symptoms of Alzheimer’s disease?
  • Do some drugs for schizophrenia affect physical health, e.g. by causing diabetes?

Data Linkage

Researchers using CRIS may also link information about your treatment and care in the Trust with other aspects of your health. This will help to improve physical and mental health as a whole. For example, at a neighbouring mental health Trust information about patients who had both mental health problems and cancer was linked to look at the impact of mental illness on cancer survival rates. CRIS enables us to do this in a format that will not identify you. 

How are my personal details protected?

CRIS removes or covers up any information that can identify you. Your name, the name of your carer, your full date of birth, address, postcode and phone numbers are replaced with ‘ZZZZZ’. This is achieved by special software that can also take account of spelling mistakes and other human errors. It is not 100% perfect, however if a researcher comes across an example where the software has failed to anonymise the record successfully, they must flag the record to be hidden from view until the problem is corrected. CRIS is only available to researchers who have a contract with the Trust, or who have approvals in place to use the information. An oversight committee that includes service user and carer representatives, senior doctors and the Trust’s information and data protection representatives meets regularly to oversee projects using the CRIS data and monitors the use of the CRIS system to make sure it is being used as intended and can remove and refuse approval at any time. 

Approvals and Governance

The Research and Development (R&D) team in the Trust oversees registration, design, application, and authorisation of all CRIS projects, including research, clinical audit, service evaluation and quality improvement. Currently CRIS research projects using de-identified information fall under an overarching NHS Research Ethics Committee (REC) approval (REC Ref: 24/SW/0101; dated 03 September 2024). This approval provides assurance that researchers can be authorised to collect de-identified information from CRIS for projects registered in the Trust. 

Confidentiality Advisory Group (CAG) Section 251

Confidential patient information is a legal term defined in Section 251 of the NHS Act 2006. It applies to both living and deceased patients and meets the definition if all of the following apply:

  • the information is identifiable or likely to be identifiable - this is determined on a case-by-case basis but can include identifiers such as:
    • NHS number, name, address and date of birth, or
    • where the activity requires information on rare illnesses that could potentially identify a patient or
    • where the patient could be identified from other data likely to be held by the person or organisation receiving the data
  • the information was provided under circumstances where the individual is owed an obligation of confidence
  • conveys information about the physical or mental health or condition of an individual, a diagnosis of their condition, or information on their care or treatment. 

CRIS also has a function to enable researchers in the Trust to access confidential information. In usual cases if confidential information is accessed for research outside of the routine clinical care team, individual patient consent would be sought.

The Trust have a section 251 Confidentiality Group (CAG) approval in place to support the legal basis to allow access to specified confidential patient information without consent. This means anyone outside of the routine care team (who work within the Trust) can apply to access confidential data for research projects. As part of this section 251 application, the Research and Development team in the Trust undertook: 

  • Public involvement: questionnaires and a focus group with service users and carers. CAG considered this public interest and the acceptability of using confidential patient information without consent.
  • Patient notification: this is clearly displayed around the Trust notifying service users, patients and carers that confidential data may be used for CRIS projects without their consent, providing guidance on how to withdraw. 

If a researcher from an external organisation wanted to use any confidential information, they would not be authorised to collect this under the Section 251, they would be required to obtain separate approvals and would be required to obtain consent (permission) from patients, services users or carers.

Can I request to have my record removed from CRIS?

Yes. Please contact the Research & Development department at ResearchDevelopment@swlstg.nhs.uk 

How do I find out more?

There are posters displayed around the Trust with information on CRIS, confidentiality and the Section 251, and how to opt out. The national CRIS website can be found here.

London Care Record

London Care Record is a confidential electronic record of your health and social care information. It is stored on a secure computer system. This means that your doctor, nurse or social worker will be able to offer you the best possible care and support quickly and safely. Having your health and social care information in one safe place will benefit you in several ways:

  • You will receive the best possible care, support and treatment more quickly.
  • You won’t be asked the same questions over and over again or have to keep repeating your medical or social care history.
  • Doctors, nurses and social workers will be able to work better together and make the best decisions with you through access to the right information when they need it.
  • You won’t need to have unnecessary appointments or tests.
  • It will reduce the chances of errors being made and so will be safer for you.

The Kingston Care Record is confidential and secure. Only doctors, nurses and social workers involved in your care and support will be able to see your record when you say they can, or in an emergency. If you don’t want your record to be seen at any time, all you have to do is say so. The choice is yours. Find out more about London Care Record.

National Data Opt-Out Programme

This National Data Opt-Out Programme has been introduced to allow NHS patients the opportunity to opt out from the use of their personal data for anything other than their individual care and treatment, such as research or planning purposes. This applies to the whole of the health and adult social care system in England. As from March 2020 all health and adult social care organisations are required to be compliant with the policy, where they are using confidential patient information for purposes beyond an individual’s care and treatment.

The opt-out applies only to a limited amount of patient information held by NHS organisations.

What the opt-out does affect

Research and planning are the only usage that apply, and only then if information that identifies a patient is being used. If the information is anonymised before it is used, the opt-out does not apply. You cannot opt out of having your personal information anonymised for research or planning (or any other secondary purpose that might apply).

If we do want to use identifiable data for research or planning purposes, we must have the person’s explicit consent. This has always been a requirement under data protection legislation and the Trust already complies with this requirement. If a person does not give consent, we do not use their data. So in real terms, very little will change.

What the opt-out does not affect?

The opt-out does not apply to information shared / used for any of the following:

  • Direct care of individuals between health and social care professionals
  • Where explicit consent has been given for information to be used
  • Safeguarding – where children or adults may be at risk
  • Vital interests - to prevent serious harm to someone (e.g. life or death situations)
  • In the public interest – where the public interest is greater than the need to maintain confidentiality (e.g. public health risks)
  • When a law requires (e.g. NHS reporting, detection of serious crime)
  • Anonymised data – where the information is edited to remove any possible way of identifying an individual

How to opt out?

If you wish to opt out, you can only do so by using the online service or phoning 0300 3035678.

You cannot opt out via our Trust, your GP surgery or any other NHS Trust directly. Please only contact the opt-out service using the above details.

Rating