Sub menu


General Data Protection Regulation (GDPR) 

The General Data Protection Regulation (GDPR) came into force on 25 May, 2018 and replaced the Data Protection Act 1998. 

The GDPR is designed to strengthen and unify individuals' data protection.

An  overview of GDPR can be found here.

Who is responsible for data protection at the Trust? 

The data protection officer is Sarah Preston. You can contact Sarah at

How long do we keep information? 

Information is retained in line with the NHS Records Management Code of Practice which you can read about on the NHS Digital website.

What are my rights under GDPR? 

Information regarding your rights can be found on the information commissioners office website

How do you withdraw your consent to us to share information with other organisations? 

Please contact the information governance team on 01284 712941. If you're on the hospital site and receiving care, you can also speak to the outpatients or emergency department reception, talk to your clinicians, or ask to speak to someone from the Patient Advice and Liaison Service (PALS) team.