Accessibility tools

Information Governance

Information Governance provides a framework of legal rules and best practice applicable to the processing (handling) of information. This includes information relating to patients, service users and employees, as well as corporate information eg financial and accounting records.

It ensures that the NHS handles all its organisational information, in particular personal and sensitive information, legally, securely, efficiently and effectively, in order to deliver the best possible care.

It forms part of an assurance process which also requires returns to the Department of Health by means of the Data Security and Protection Toolkit.

Our Information Governance Department acts as a central point of contact for requests for information under the following acts:

You can view our Privacy Notice by clicking here and additional Privacy Notice for COVID-19 here.

Under the General Data Protection Regulation (GDPR) you may ask for personal information that we may hold on you by submitting a Subject Access Request .

Subject to any exemptions which may apply, you can obtain copies of your health records, and, if you are an employee, your staff or training records.

Freedom of Information
The Freedom of Information Act 2000 provides public access to information held by public authorities. It does this in two ways: public authorities are obliged to publish certain information about their activities; and. members of the public are entitled to request information from public authorities.

For further information please visit our Freedom of Information page.

It has been a Department of Health mandated requirement for some time that all staff undertake annual information governance training.  The Trust is required to evidence that all staff have undergone the training.

The training MUST be undertaken by all staff once in each financial year and can be accessed either:

  • E-Learning
  • IG Assessment Paper

New Starters to the Trust must complete information governance training within four weeks of commencing employment with the Trust.  This is usually undertaken at the Corporate Induction session.

Current Employees must complete the Information Governance Refresher Module once in each financial year.  Additional training is mandatory for key staff in certain roles, and further information is available from the Information Governance Department.

The trust places great emphasis on the need for the strictest confidentiality in respect of personal health data. Everyone working for the National Health Service (NHS) is under a legal duty to keep patient information confidential, whether on paper or the computer or in verbal communication about patients. Staff and volunteers at the trust are required to comply with the requirements of the General Data Protection Regulation, Data Protection Act and The NHS Confidentiality Code of Practice

The Freedom of Information Act 2000 which allows members of the public to request information about East Cheshire NHS Trust does not affect the right of patients to protection of their patient confidentiality in accordance with Article 8 of the Human Rights Act, the General Data Protection Regulation, the Data Protection Act and common law. The legal right to patient confidentiality is of the highest priority to the trust.

What happens to information held about our patients?
To provide our patients with the best care possible sometimes means that it is necessary to share personal information with other trust departments, GP practices or organisations directly concerned with their treatment. Whenever information is shared, staff at East Cheshire NHS Trust are committed to adherence to strict codes of confidentiality. 

The clinical information held about you ensures that clinicians have a complete and continuous record about your treatment so that they can make an informed decision about your future care.

To identify you, we also hold personal information about you including your name, address and date of birth. You have unique patient identifiers which are your hospital and NHS numbers. We use these numbers to locate your records and, where possible, in communications about you.

The computerised and paper records held about you are solely for the purpose of your health and well-being.

Your information is shared with other health professionals involved in your care, and in certain circumstances when we are required by law to report information to the appropriate authorities, and some examples of this are as follows.

  • Notification of new births
  • Where we encounter infectious diseases which may endanger the safety of others eg. meningitis or measles
  • Where a formal Court order has been issued

The information is only provided after formal authority has been given by a qualified health professional.

Other ways my information might be used:

Clinical Audit
During or following treatment, your information could be used for clinical audit to review current standards of care against best practise. Audit results are discussed by clinicians, and can be published and/or presented, but always in an anonymised format so that you cannot be identified.

It could be used for research, but only with your consent. Research seeks to investigate new treatments, interventions and management procedures so that patient care is continually improved. You may be contacted to take part in surveys or consultations about our services.

National registers
It is sometimes passed for entry to national registers eg diabetes or cancer register, transplant databases or other national and local databases held (sometimes on other sites) about various illnesses. This information is used to improve the management of the conditions involved and inform public health in identifying the types of illnesses affecting the population.

Improving the NHS
It is used to help the management of the NHS when anonymised information is submitted ny way of local and national returns to assess waiting times, the quality of information about care and treatment information.​​​​​​​

Teaching purposes
Anonymised case studies could be used to educate doctors, nurses, pathologists and other professionals involved in patient care.

See our Privacy Notice for information about how we deal with your confidential information.

General enquiries
General enquiries relating to information governance should be directed to: 

The Information Governance Department
Macclesfield District General Hospital
2nd Floor
New Alderley House
Victoria Road
SK10 3BL

Email Address:
Telephone Number: 01625 663608

Caldicott Guardian
The trust has appointed a Caldicott Guardian, John Hunter, to be an advocate for our patients in all matters relating to confidentiality and to make sure we are doing as much as we can to protect their information. 

Contact details are as follows:

Caldicott Guardian 
Macclesfield District General Hospital,
Top Floor, New Alderley Building,
Victoria Road, 
Cheshire SK10 3BL

Information Governance Department
Macclesfield District General Hospital
2nd Floor, New Alderley House
Victoria Road
SK10 3BL

Telephone Number: 01625 663608

Email Address: