In order to be an open and transparent organisation, the Trust is committed to making the maximum amount of information publically available at minimum inconvenience and cost.
We aim to make information available via our website and send out information electronically by email or secure data transfer.
Where necessary and upon request, we will also provide information in alternative formats, such as hard copy, if asked to do so.
From time to time, individuals may request access to information held by the organisation and, depending on the nature of the information being sought, requests will be considered under different legislation and one of four different access regimes:
- Requests from an individual (or their authorised representative) about their own personal data and information about them will be handled and dealt with in accordance with the Data Protection legislation – UK Data Protection Act 2018 (UK DPA 2018) and the UK General Data Protection Regulation (UK GDPR). More information available here
- Requests from a relevant authorised representative (the executor or person with a claim arising from the death) about a deceased patient's care record will be handled and dealt with in accordance with the Access to Health Records Act 1990. More information available here
- Requests for environmental information will be handled and dealt with in accordance with the Environmental Information Regulations 2004 (EIR). More information available here
- All other requests for information will be handled and dealt with in accordance with the Freedom of Information Act 2000 (FOI). More information available here
For independent advice and guidance about the Data Protection legislation, Environmental Information Regulations and the Freedom of Information Act, you can contact the Information Commissioner's Office or visit their website.
Click here for more detailed information on the process.
These requests are handled within the Trust by specific Subject Access Request (SAR) leads within each division. Please contact the relevant divisional SAR lead directly for advice and guidance.
From 1st April 2023 onwards, all Subject Access Requests (SAR), Access to Health Records Act (AHRA) requests in relation to deceased patients, and all other access requests must be logged on Radar. This is to ensure that the Trust has a complete record of all such requests and it can monitor compliance with these requests.
It is imperative that all such requests are identified and correctly categorised on Radar since requests may have different legal deadlines dependent on which legislation they are being requested under.
Please note that several of our generic email accounts have recently been consolidated and merged together. If you are experiencing any difficulties emailing these accounts or replying to emails from the previous email accounts, please delete the email address from your auto complete box in Outlook and try reselecting the new email address from the global address book.
| Division / Area | Contact Details |
|---|---|
|
Community Care Division Corporate - Human Resources Information Governance |
Information Governance Team |
| Occupational Health and Wellbeing |
Occupational Occupational Health Department |
| Mental Health Care Division |
AccessToRecordsLocalDivision Access to Records Team Admin – Access Team |
| Secure Care Division |
Ashworth Health Records Manager HMP Garth Referrals Co-ordinator Whalley Health Records Department |
Three specific event types are available on Radar for access to record requests:
- Subject Access Request (Living Individual)
- Under Data Protection law, we must respond within one calendar month (30 days on Radar) or within three calendar months (90 days on Radar) for complex requests.
- Access to Health Records Act (Deceased Individual)
- Under the Act, we must respond within 21 calendar days (if the records have not been added to within the last 40 calendar days) or within 40 calendar days (if the records have been added to within the last 40 calendar days).
- Other requests
- There is no legal deadline for these requests but they must be prioritised depending on the source of the request, need and any potential risk to the data subject and/or others (for example, requests from other healthcare organisations for direct care would be the highest priority so there is no delay or impact to the patient's care).
Other types of requests may come from a variety of sources such as NHS organisations, councils, government departments, housing associations, the police, the coroner, the courts, professional and regulatory bodies, etc. - see table below:
| Request Type | Example(s) of Requests From |
|---|---|
| Court Order |
All requests supported by a court order or a coroner’s request. These may come from Crown, County, Family, or Coroner's courts. It is imperative that, upon initial receipt, the court order is checked to confirm who it is served on and who it compels to provide the requested information to the court. If the court order is served on and compels Mersey Care to release the information, then it would be logged on Radar under 'Other'. If it is not served on or does not compel Mersey Care, then it would become a Subject Access Request requiring consent (or authorised authority) and would be logged on Radar under 'Subject Access Request (Living Individual)'. |
| Crime / Investigation / Prosecution | Police, Counter Fraud and other law enforcement agencies. |
| Employment and Social Security | Request for employment and social security purpose from other organisations. |
| Health and Social Care | Requests for direct care purposes from other organisations, including NHS organisations, private healthcare organisations and local authorities (eg social services, continuing healthcare). |
| Regulatory | Criminal Injuries Compensation Authority (CICA), Department of Work and Pensions (DWP), Home Office, Care Quality Commission (CQC), General Medical Council (GMC), Nursing and Midwifery Council (NMC), Health Care Professionals Council (HCPC), Parliamentary and Health Service Ombudsman (PHSO), etc. |
Radar Healthcare: Access to Records Event Training (Presentation)
Radar Healthcare: Access to Records Event User Guide (IG Guidance)
Access to Records Requests - Guide to Complex Requests (IG Guidance)
Subject Access Requests - Identity Checks (IG Guidance)