Your Privacy and Information
We are the North London Foundation Trust (NLFT), created on 1st November 2024 following the formation of the North London Mental Health Partnership between Camden and Islington NHS Foundation Trust and Barnet, Enfield and Haringey Mental Health Trust.
The Trust collects and processes information about you when you have accessed and used our services. Full information on the types of information that we collect and process can be found in our Privacy Notice.
Under the Data Protection Act, you have the right to request and access the information that we hold about you. You can access your information by making a Subject Access Request (SAR).
NLFT Privacy Notice
NLFT respects your privacy and is committed to protecting your personal data.
This privacy notice will tell you about how we look after your personal data, your rights, and who you can contact for information.
The General Data Protection Regulation (GDPR) requires that data controllers provide certain information to people whose personal data they hold and use.
A privacy notice is one way of providing this information. This is sometimes referred to as a fair processing notice. A privacy notice should identify who the data controller is, with contact details for its Data Protection Officer. It should also explain the purposes for which personal data are collected and used, how the data is used and disclosed, how long it is kept and the controller’s legal basis for processing.
Requesting your information
You can request information that the Trust holds on you, such as your health records, by making a Subject Access Request (SAR).
You can make your SAR by emailing either nlft.information.request@nhs.net or nlft.records@nhs.net if you are a patient of Barnet, Enfield or Haringey Trust.
We would encourage you to fill out the below form when making your SAR as this will help us in narrowing exactly what information you require, however this is not a requirement:
Please note that requests for personal information may take between 30 — 90 days to respond to once identification is recieved, depending on the volume and complexity of the request.
Information and guidance on making a SAR can be found on the Information Commissioners Office website: Getting copies of your information (SAR) | ICO
Please supply identification when making your request, it would also be helpful to include your NHS number to address your request as efficiently as possible. Examples of acceptable proof of identification are listed below.
If you are unable to provide identification, please contact the IG Team at the above email address.
Proof of Name | Proof of Address |
Current signed photographic passport | Utility bill (gas, electricity, water, landline telephone bill) issued within the last 3 months |
Original birth certificate | Local Authority Council Tax bill for current tax year |
EEA member state identity card | Current UK driving licence (if not used for proof of name) |
Current UK or EEA photocard driving licence | Bank, Building Society or Credit Union statement or passbook dated within last 3 months |
Requesting information about someone else
You can make a SAR to obtain information about another individual provided you have a right to access this information or consent from the individual.
To request information about another person, please complete and return our form or email your request to:
Nlft.information.request@nhs.net
Or
nlft.records@nhs.net if the person is/was under the care of Barnet, Enfield and Haringey MH Trust.
Please note we will require proof of identity when you make this request and may ask for proof that you are able to make this request – for example you have right of authority or consent. This consent or right of authority must be dated within the last 3 months.
Requesting information about a deceased individual
The Access to Health Records Act 1990 grants rights to certain individuals to see what has been written about a deceased patient in a hospital and other health records. This only applies to written records made on or after 1st November 1991.
Access to these records is only available to the deceased personal representative or to any person having a claim arising out of a patients’ death.
Access may not be permitted if the following circumstances apply:
- If it is considered that the patient would not have wished disclosure of their information.
- If access would lead to the identification of someone else not involved in the patients care.
- If access would cause serious mental or physical harm to someone else not involved in the patient’s care.
To request information about a deceased individual please complete and return this form or email your request to:
Nlft.information.request@nhs.net
Or
nlft.records@nhs.net if the patient was under the care of Barnet, Enfield and Haringey MH Trust.
How long will you keep my records for
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal or reporting requirements.
To determine the appropriate retention period for personal data, the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements have been considered.
All records held by the Trust will be kept for the duration specified by national guidance from the Department of Health and Social Care found in the Records management: Records Management Code of Practice - NHS Transformation Directorate (england.nhs.uk) and is supplemented by our Records Management policy and Retention schedule.
National Data Opt-Out
The national data opt out allows patients to opt out of their confidential information being used for research and planning. You can read more about it on the NHS website.
Patients can find out more and set their opt-out choice on the NHS data matters section of the NHS website.
Health and care staff can download leaflets, posters and other resources to use when informing patients. Staff can also read overview of the policy - Understanding the national data opt-out.
Service Specific Privacy Notices
These notices provide you with details of our privacy practices in connection with a number of systems we use and what we do to maintain your right to privacy.
You can download the privacy notices below:
Contact Us
- For Freedom of Information Requests: nlft.freedom.information@nhs.net
- For Medical Records/Subject Access Requests: nlft.information.request@nhs.net
- If you were treated at Barnet, Enfield or Haringey Trust: nlft.records@nhs.net
- For all other queries: nlft.feedback@nhs.net
- To contact the Data Protection Officer: nlft.information.request@nhs.net