How we use information about you - Fair Processing Notice

Enfield Clinical Commissioning Group (CCG) is responsible for planning and buying (also known as ‘commissioning’) health services from healthcare providers such as hospitals, as well as directly providing some health services such as continuing healthcare, the Enfield Referral Service, Personal Health Budgets and Individual Funding Requests.

We are a membership body made up of all GP practices in Enfield.  We do not provide healthcare services like a GP practice or hospital. Our role is to make sure the appropriate NHS care is in place for the people of Enfield within our available budget.

As an NHS organisation, Enfield CCG operates at a number of different levels in regards to the processing of personal data. We act as a Data Controller primarily for the management of data relating to our employees and those working on behalf of or with our organisation and also covering some NHS patient provider functions.

Enfield CCG may collect information about you which helps us to respond to your queries and help us to design services to improve the health needs and outcomes of local people.

Why we collect information about you

In carrying out our role and responsibilities as a commissioner of services for people living in Enfield, it is essential that the CCG has an understanding of the health and social care needs of our community.  The only way that we can achieve this is by using information that your GP, your clinician or your social worker has entered into your care record, as well as some information that is provided via external public sources such, as hospitals and the London Borough of Enfield. This information may exist on paper or in electronic format and Enfield CCG ensures that these are kept safe and secure in an appropriate way.

We do not however, need to have and use all the information that is provided.  Where this is identified, information is de-identified either in the Data Services for Commissioners Regional Offices (DSCRO) or Accredited Safe Haven (ASH) prior to being shared with the rest of the CCG for its use. (For further explanation, see section below on mechanisms for processing your data).

We may keep your information in written form and / or in digital form. The records may include basic details about you, such as your name and address or may also contain more sensitive information about your health and social care usage and also information such as outcomes of needs assessments.

CCG oversight and responsibility

The Enfield CCG Governing Body is supported by a number of key roles within the CCG led by the Senior Information Risk Owner, who is accountable to the Governing Body for information risk management within the CCG and the Caldicott Guardian who advises the Governing Body on specific issues relating to the use of patient confidential data.

These roles have oversight of the handling of information within the CCG or by any support organisations we may buy services from.

The Caldicott Guardian for the CCG is Dr Jahan Mahmoodi, Medical Director. Email address is:

NEL Commissioning Support Unit (NELCSU) provides administrative support for a number of CCG functions. You can visit their website for further information here.

Definition questions

To help you in reading this information, the following definitions have been used in this notification and across the CCG.

What is personal confidential data?

Personal confidential data is a term used in the Caldicott Information Governance Review and describes personal information about identified or identifiable individuals, which should be kept private or confidential and includes dead as well as living people.

The review interpreted 'personal' as including the Data Protection Act definition of personal data, but included data relating to deceased as well as living people, and 'confidential' includes both information 'given in confidence' and 'that which is owed a duty of confidence' and is adapted to include 'sensitive' as defined in the Data Protection Act.

Examples of identifiable data are:
• name
• address
• postcode
• date of birth
• NHS number

What is personal data?

As per the Data Protection Act 1998, and defined by the Information Commissioner's Office. Personal data means data which relate to a living individual who can be identified:
(a) from those data, or
(b) from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller, and includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual.

What is sensitive personal data?

Sensitive personal data is different from personal data. Sensitive personal data means personal data consisting of information as to:
(a) the racial or ethnic origin of the data subject,
(b) their political opinions,
(c) their religious beliefs or other beliefs of a similar nature,
(d) whether a member of a trade union (within the meaning of the Trade Union and Labour Relations (Consolidation) Act 1992),
(e) their physical or mental health or condition,
(f) their sexual life,
(g) the commission or alleged commission of any offence,
(h) any proceedings for any offence committed or alleged to have been committed, the disposal of such proceedings or the sentence of any court in such proceedings

What is secondary care data?

Secondary care data is information we have obtained from local hospitals, other care providers and other external public sources.

What is primary care data?

Primary care data is information that is provided by your GP surgery and other community service providers.

How is direct patient care defined?

The Caldicott Review defined direct patient care as a clinical, social or public health activity concerned with the prevention, investigation and treatment of illness and the alleviation of suffering of individuals.

It includes supporting individuals' ability to function and improve their participation in life and society.

It includes the assurance of safe and high quality care and treatment through local audit, the management of untoward or adverse incidents, person satisfaction including measurement of outcomes undertaken by one or more registered and regulated health or social care professionals and their team with whom the individual has a legitimate relationship for their care.

How is indirect patient care defined?

Indirect patient care is defined by the Caldicott Review as activities that contribute to the overall provision of services to a population as a whole or a group of patients with a particular condition, but which fall outside the scope of direct care. It covers health services management, preventative medicine, and medical research. Examples of activities would be risk prediction and stratification, service evaluation, needs assessment, financial audit.

Who is a Data Controller?

A Data Controller is a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.

What is Data Services for Commissioners Regional Offices?

Data Services for Commissioners Regional Offices is a regional secure service provided by the Health and Social Care Information Centre (NHS Digital) to process information for NHS Organisations. For more information please visit the Data Services for Commissioners page of the NHS Digital website.

What is an Accredited Safe Haven?

An accredited safe haven is a local secure service who have undergone and obtained accreditation and approval to receive personal confidential information from various sources for commissioning purposes. Enfield CCG is an accredited safe haven organisation.

How your records are used to help the wider NHS

Your information may be used to help assess the needs of the general population and make informed decisions about the provision of future services. Information can also be used to conduct health research and development and monitor NHS performance.

Where information is used for statistical purposes, stringent measures are taken to ensure individual patients cannot be identified.  Anonymous statistical information may also be passed to organisations with a legitimate interest, including universities, community safety units and research institutions.

How your records are processed by Enfield CCG

Enfield CCG processes personal data for a number of reasons and in various ways. These are outlined below:

  • For the purpose of internal operations, Enfield CCG will use both electronic and manual mechanisms to process personal confidential information relating to its employees and visitors to our sites and services. This is based on explicit consent provided by each employee at the time of joining and updated when any changes are made through internal communications.
  • For the purpose of direct patient care, Enfield CCG will ensure that any information collected about you is initially provided by you and where any additional information is collected or used this will be with your explicit consent.
  • For the provision of indirect care and to maintain rules for use of information,EnfieldCCG uses a number of approved and secure services / systems to process information about you such as: 
    • Data Services for Commissioners Regional Offices – this is a regional secure service provided by the Health and Social Care Information Centre via the NEL Commissioning Support Unit (NELCSU). Further information can be found on the Health and Social Care Information Centre (NHS Digital) website.
    • Accredited Safe Haven – this is a local secure service within Enfield CCG to receive personal confidential data from various sources and then able to share de-identified data for commissioning purposes. The process for accreditation was established and managed by the NHS Digital Service, where our accredited safe haven was one of the first to be accredited. 
    • Controlled Environment for Finance (CEfF) – this is another established group provided by the NEL Commissioning Support Unit (NELCSU) on behalf of NHS England to support invoice validation.  This service was established under a Section 251 exemption of the Health and Social Care Act 2012 to allow commissioning organisations to validate invoices it received ensuring correct payments are identified and made on behalf of Enfield CCG.

How we keep your information confidential

It is everyone's legal right to expect that information held and used about you is safe and secure and is only used for the agreed purpose(s).

Everyone working for the NHS is subject to the Common Law Duty of Confidentiality. The information we hold about you, whether in paper or electronic form, is protected from unauthorised access. Under the NHS Confidentiality Code of Conduct, all our staff are required to protect your information, inform you of how your information will be used and allow you to decide if and how your information can be shared. All Enfield CCG staff receive annual training on how to do this. This is monitored by the CCG and can be enforced through disciplinary procedures.

Information provided in confidence will only be used for the purpose(s) advised with consent given by the patient, unless there are other specific circumstances covered by the current UK and European legislation.

Enfield CCG takes this responsibility very seriously and has ensured that it has robust and effective processes and procedures in place to achieve this expectation for you and the information we hold and process about you.

Enfield CCG, working with our network service provider, NEL Commissioning Support Unit (NELCSU) ensures that information is held in secure locations with restricted access to authorised persons only. We protect any personal information that is held on our systems with encryption so that it cannot be accessed by those who do not have access rights.


How we use the patient information that we collect

Enfield CCG has safeguards in place to prevent its staff from identifying individuals from the data that we receive either directly via our accredited safe haven, using information from services we commission in Enfield or indirectly via the Data Services for Commissioners Regional Offices using national information from various NHS organisations as outlined in the previous section.

Information from your health and social care records will be received into either the accredited safe haven or the Data Services for Commissioners Regional Offices and any information that might allow others to identify you is removed. This means that no one can know:

  • your name
  • your exact date of birth (this is replaced with just the year of birth)
  • your postcode (this is replaced with a national standard area code that is based on the total population and number of houses in an area)
  • The information from your health and social care records may also contain more sensitive information about your health and also information such as outcomes of needs assessments but these are mainly coded.

Your NHS number, GP practice and treatment details are kept so that your information from each service can be linked together within the accredited safe haven / Data Services for Commissioners Regional Offices controlled environment. This gives us a fuller picture of the health of people in Enfield and the services required to support them to stay healthy. We use this information to provide and improve health services. This data also enables us to target patients who may benefit from additional preventive care.

When analysing current health services and proposals for developing future services it is sometimes necessary to link separate individual datasets to be able to produce a comprehensive evaluation.  This may involve linking primary care GP data with other data such as secondary uses service (SUS) data (inpatient, outpatient and A&E).  In some cases there may also be a need to link local datasets which could include a range of acute-based services such as radiology, physiotherapy, audiology etc., as well as mental health and community-based services such as Improving Access to Psychological Therapies, district nursing, and podiatry for example.  When carrying out this analysis, the linkage of these datasets is always done using a unique identifier that does not reveal a person’s identity as the CCG does not have any access to patient identifiable data.

These uses are in line with the purposes outlined in our registration with the Information Commissioner's Office, the reference number is ZA007873.

What we use your information for

Analysis – Risk stratification

Your information may be used to help assess the needs of the general population both on a local, regional and national level to help make informed decisions about the provision of future services.  Information can also be used to conduct health research and development, monitor NHS performance in order to allow the NHS to plan for the future.

As part of our planning and continuous development, Enfield CCG will identify areas to concentrate on concerning the health of Enfield’s residents. In these circumstances, the use of data will be reviewed to ensure that it is still within the same meaning of this publication and the reasons for collecting data.

Risk stratification tools use historic information about patients, such as age, gender, diagnoses and patterns of hospital attendance and admission collected by the Health and Social Care Information Centre (NHS Digital) from NHS hospitals and community care services. This is linked to data collected in GP practices and analysed to produce a risk score.

There is currently Section 251 support in place to allow the CCG’s risk stratification tool to receive and link identifiable (using NHS number) patient information from the Health and Social Care Information Centre (NHS Digital) and from local GP practices.

A section 251 is where The Secretary of State for Health and Social Care has approved NHS England’s application for support to establish a temporary lawful basis for ‘necessary’ personal confidential data to be used to validate invoices, allow an organisation to become an accredited safe haven and carry out risk stratification. The risk stratification tool then provides the CCG with anonymised or aggregated data which we use to understand the health needs of the local population in order to plan and commission the right services. This is called risk stratification for commissioning.

Paying for services

Where care is provided that the CCG is responsible for, it will need to provide payment to the care provider.  See the rules for who pays.  In most cases limited data is used to make such payments.  In some instances information to confirm that you are registered at a GP within Enfield is needed to make such payments. This is done in line with the Who Pays Invoice Validation Guidance and within the Controlled Environment for Finance (CEfF).

Invoice validation

The CCG and NHS England may use either your NHS Number or Post code to validate invoices it received, to ensure the CCG is paying for treatments relating to its patients only, under The Section 251 rules in the Health and Social Care Act 2015.

The validation of invoices is undertaken within a controlled environment for finance within the NEL Commissioning Support Unit (NELCSU). The dedicated NELCSU team receives patient level information direct from the hospital providers and undertakes a number of checks to ensure that the invoice is valid and that it should be paid for by the CCG.

The CCG does not receive or see any patient level information relating to these invoices.

The invoice validation process supports the delivery of patient care across the NHS by:

  • ensuring that service providers are paid for the patient’s treatment
  • enabling services to be planned, commissioned, managed, and subjected to financial control enabling commissioners to confirm that they are paying appropriately for the treatment of patients for whom they are responsible
  • fulfilling commissioners’ duties of fiscal probity and scrutiny
  • enabling invoices to be challenged and disputes or discrepancies to be resolved

Handling continuing healthcare applications

If you make an application for continuing healthcare funding, Enfield CCG will use the information you provide and where needed request further information from care providers to identify eligibility for funding.  If agreed, arrangements will be put in place to arrange and pay for the agreed funding packages with appointed care providers. This process is nationally defined and we follow a standard process and use standard information collection tools to decide whether someone is eligible. From April 2014, anyone eligible for continuing healthcare will also be able to receive the money they need as a personal health budget in the form of a direct payment. This will give people greater choice and control over their care and support. You can read more about this on the continuing healthcare page of the NHS Choices website.