Copyright Disclaimer and Privacy Statement
Data Controller and Data Protection Officer
NEAS is a registered Data Controller with the Information Commissioner’s Office.
Our address is:
Newcastle upon Tyne
Telephone number: 0191 430 2000
Registration number: Z4877768
The Data Protection Officer is the person to contact if you would like to know more about how we use your information and they can be contacted at: email@example.com
Your right to complain
We work to high standards when it comes to processing your personal information. If you have queries or concerns, please contact us on firstname.lastname@example.org and we will respond.
If you remain dissatisfied, you can make a complaint about the way we process your personal information to the Information Commissioner’s Office, the contact details are as below:
Information Commissioner’s Office
Helpline number: 0303 123 1113
Retention of Records
Our Records Management Policy sets out rules for records management and retention. This Policy is based on Records Management Code of Practice for Health and Social Care 2016, which sets out what people working with or in NHS organisations in England need to do to manage records correctly. It's based on current legal requirements and professional best practice.
When you use this website
Visitors to our website including those who complete web forms
When someone visits www.neas.nhs.uk, we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
People who contact us via social media
We use a number of social media platforms to manage our social media interactions. If you send us a private or direct message via social media the message will be stored on the platform or system which you used to contact us. It will not be shared with any other organisations.
People who email us
We use Transport Layer Security (TLS) to encrypt and protect email traffic. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit. We will also monitor any emails sent to us, including file attachments, for viruses or malicious software.
People who communicate to us for complaints, compliments and comments
We receive your name and contact details when you complete our online form here.
We will only use the personal information we collect to process the complaint and to check on the level of service we provide. We may compile and publish statistics showing information like the number of complaints we receive, but not in a form which identifies anyone.
We will keep personal information contained in complaint files for 10 years.
People who contact us for commercial training
You can read more about what to expect when NEAS collects personal information for paramedic-led first aid, health and safety and trauma training here.
Journalists who contact us
Whenever we are called by a journalist, we record your name, email address, phone number and media organisation. This is so that we can contact you with answers to your questions, but also so that we have a record of your inquiry.
NEAS takes the view that, as a category 1 emergency responder under the Civil Contingencies Act 2004, we have an obligation to keep you informed and updated on developments.
We also believe that, as an emergency service, we have a public interest duty to keep you informed. This means that we will not be asking for your consent to keep your details. The information held is controlled by NEAS communications staff and will be used to contact you with information relating to journalistic inquiries about the public services we provide. We will also use this information to contact you to events, photo-opportunities, interviews and briefings about other health-related issues, products and services that we feel may be of interest to you.
You can change your preferences by emailing email@example.com
People who contact us for NHS care and treatment
NEAS provides NHS care and treatment for people living in North East of England, and as a Trust we:
- Receive and respond to 999 calls from members of the public
- Respond to urgent calls from healthcare professionals e.g. GPs
- Receive and respond to 111 calls from members of the public
- Provide patient transport and urgent care services
Please click here to read more about how we handle patient information.
Information we collect for recruitment and employment
You can read more about how we handle information for recruitment and employment here.
Information we share with external service providers
We use some external providers to help us provide you with the service you require. We share some of your information with them to enable them to provide these services. They cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.
We have contracts in place with certain providers who will provide us with certain services. This includes provision of voice recording services, facility for video interview etc. NEAS retains the role of data controller for each of these services , which means that the processors work within the NEAS contractual terms. These contractors may hold and process data including patient information on our behalf. These services are subject to the same legal rules and conditions for keeping personal information confidential and secure. We are responsible for making sure that staff in those organisations are appropriately trained and that procedures are in place to keep information secure and protect privacy. These conditions are written into legally binding contracts, which we will enforce if our standards of information security are not met and confidentiality is breached.
Data Protection Impact Assessments
A Data Protection Impact Assessment (DPIA) helps the Trust to identify, assess and mitigate any potential privacy risks that may arise when processing personal data. DPIAs are now a mandatory requirement for any changes to current data processing practices, the launch of a new project or the adoption of a new practice or system which involves personal data. All completed DPIAs are submitted to the Information Governance Working Group for review and approval. The membership includes the Senior Information Risk Owner (SIRO) and the Data Protection Officer (DPO).
If you would like a copy of any DPIAs, please contact firstname.lastname@example.org.