Our COVID-19 measures remain in place. Feel safe at Sussex Premier Health hospitals. Read our Covid-19 Policy here

Privacy Policy

Who we are

Sussex Premier Health is owned by East Sussex Healthcare NHS Trust. When you use our services, this page explains the information we hold and how we use it.

When you use our services, we use information about you so that we are able to treat you appropriately and effectively.

We must keep records about you, your health and the care we have provided or plan to provide to you. If we do not have up-to-date and accurate information about you, we may not be able to provide you with appropriate healthcare.

Types of personal information

Information such as your name, data of birth and address is referred to as personal data (information that relates to a specific individual). Some categories of information are referred to as special categories of personal data, including:

How long do we hold your personal information

East Sussex Healthcare NHS Trust has a Health Records Destruction and Retention policy and procedure that states that most records are held for eight years after the last date that treatment was provided. There are some exceptions which include:

Using your information

We use your information to provide you with healthcare and to support the administration of the Trust. We, and occasionally, our partner organisations, may also use your information for the evaluation, monitoring and/or redesign of healthcare services. If you have given us your contact details, we may also send you newsletters, invitations to complete short surveys as part of our work to improve our services and information of services (“Marketing”) that may be of interest to you.

The hospital may also need to process your information in order to:

In addition, we may also contact you to invite you to participate in on-line surveys regarding the clinical outcomes of your care called Patient Reported Outcome Measures (“PROMs”). These are not a form of marketing. If you are a private patient your PROMs results are shared with PHIN (see the next section), and if you are an NHS patient your PROMs results are shared with NHS England. We may send you an initial invitation asking you to participate before you receive your care, by post, SMS, email or in person when you attend the hospital for your care. If you choose to complete a PROMs survey you will also receive subsequent surveys after your care to help establish the benefit you have gained from treatment.

Sussex Premier Health is required to Disclose information to Private Health Care Information Network (“PHIN”). Under the Competition and Markets Authority Private Healthcare Market Investigation Order 2014, we are required to provide PHIN with personal data related to your care, including your NHS Number and postcode, the nature of your procedure, the length of your stay in hospital, whether there were any complications, your recovery and improvement post-treatment, and any feedback you gave us as part of the PROMS survey.

PHIN is an organisation who will monitor outcomes of patients who receive private healthcare services, as part of a UK-wide programme to improve the public’s access to information on the quality and outcome of private healthcare.

Sussex Premier Health complies with the National Data Opt-Out Policy.  For example, we remove data that identifies individuals such as name and address when we are planning what services we will provide.  The best place to find out more about out the opt-out is to follow this link to the national website: 
https://digital.nhs.uk/services/national-data-opt-out

Sussex Premier Health is required to record details of adverse incidents. If you have been involved in an adverse incident, some information about you may be reported on our internal database. We will inform you of this where practicably possible.

We have produced a leaflet that you can download: Your personal information and how we use it

Legal bases for processing your information

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves i

To use information about you the Trust must be compliant with the General Data Protection Regulation (GDPR) and Data Protection Act 2018 (DPA18) and establish the legal bases for using information.

The fibasis or article that the Trust will rely upon for processing or using personal information is Article 6(1)(e) “… for the performance of a task carried out in the public interest or in the exercise of official authority …”

A second basis is required because information about health is categorised as ‘special information’.  Most of the functions carried out by staff are covered by Article 9(2)(h) “… medical diagnosis, the provision of health or social care or treatment or treatment or the management of health or social care systems …”

As required by the law, the Trust is registered with the Information Commissioner’s Office (ICO) under the organisation name of ‘East Sussex Healthcare Trust’ with registration number ‘Z2917271’.  The register and our entry can be found here: ICO – Data protection public register

Some uses or processing of information will be covered by different articles, so if in doubt contact our Information Governance department esh-tr.infogov@nhs.net

Sharing your information

The Trust does share information with other organisations, for both direct and indirect patient care, for example to ensure that your GP is kept aware of any care provided by the Trust, or to ensure that the Trust is paid the correct amount of money for providing healthcare services.

We may also share your information with:

Accessing your Information

You have the right to access your information. This is referred to as a subject access request (the patient being the ‘subject’). If you wish to either see a copy of your record or receive a copy, then please see the complete the subject access request form and email to: info@sussexpremierhealth.com

Security of your Information

We do not sell your information to third parties, and only share it with organisations involved in the delivery of your healthcare or supporting the delivery of your healthcare. Information is kept on our secure network and our emails are encrypted.

is kept on our secure network and our emails are encrypted.

is kept on our secure network and our emails are encrypted.

Data Protection Impact Assessments

In line with Data Protection legislation, the Trust carries out Data Protection Impact Assessments (also referred to as Privacy Impact Assessments) before new systems are implemented. These are based upon the Information Commissioner’s DPIA template and allow the Trust to identify potential data protection risks of new systems or projects. Privacy Impact Assessments

Cookie Policy

Read more about our Cookie policy:

We may share your information with selected third parties including:

How do we protect your personal information?

We take appropriate organisational and technical security measures to protect the data that we hold against unauthorised disclosure or unlawful processing.

What are cookies?

The Site uses cookies to distinguish you from other users of our website. A “cookie” is a small amount of data which often includes a unique identifier that is sent to your computer, tablet or mobile phone (referred to here as a “device“) browser from a website’s computer and is stored on your device’s hard drive, mobile or other device.

There are different types of cookies which are used to do different things such as allowing you to navigate between pages on a website efficiently, remembering your preferences on a certain web pages, or improving your overall experience. Other cookies can provide you with advertising which is more tailored to your interests, or measure the number of site visits and the most popular pages users visit.

How to reject or delete cookies
You can choose to reject or block all or specific types of cookies set when visiting the website by clicking on the cookie preferences. You can change your preferences for Sussex Premier Health and/or the websites of any third party suppliers by changing your browser settings. Most browsers automatically accept cookies so if you don’t wish cookies to be used, you may need to actively delete or block them. If you reject the use of cookies, some features and functionality on our website may not work correctly. By using our website without deleting or rejecting some or all cookies, you agree that we can place those cookies that you have not deleted or rejected on your device.

What cookies does the Sussex Premier Health website use?

Below is a list of the different types of cookies used across the Site, and a description of what they are used for.

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.

Functional Cookies

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

Targeting Cookies

These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Are third party websites covered by this policy?

The Site contains links to other websites. This policy only applies to the Site so when you visit external websites please read their privacy policies carefully. Sussex Premier Health accepts no responsibility for external websites.

We occasionally offer products or services for external companies. These organisations may also allocate cookies to your PC. The types of cookies they use and how they use this information will be governed by their privacy policies.

Use of CCTV

The Trust has CCTV on some sites. This is to provide a safe and secure environment for patients, staff, visitors and to safeguard Trust property. CCTV images may be used to assist in the prevention and detection of crime. Images may be shared with the Police for the investigation of crimes.

 How do you find out about changes to our privacy policy?

We keep our privacy policy under regular review and we will place any updates on this webpage.

We may change the content or services found on the Site at any time without notice, and consequently our privacy policy may change at any time in the future. Your continued access to or use of the website will mean that you agree to the changes.

Further queries or complaints

If you have further questions, then please contact the Trust’s Data Protection Officer by Email: esh-tr.infogov@nhs.net

If you have concerns that you do not wish to raise with the Trust, then please contact the Information Commissioner’s Office (ICO):

Information Commissioner’s Office (ICO)

Helpline: 0303 123 1113 (between 9.00am and 5.00pm)

Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF