Your data and privacy

We are the guardians of your patient data, making sure it is protected and handled securely. We make sure data is only used for the good of health and care, and that patient data is always protected. We comply with the Data Protection Act 2018 and the Caldicott Principles.

Information about you and your health is recorded when you receive healthcare to help with your care and treatment. This is what is called your medical records.

We have no right to ask you about information which is not relevant to your care.

We use the minimum amount of information required to inform the people who need to know to provide you care.

Anyone who receives information from us is also under a legal duty to do the same and has a confidentiality clause in their contract. Breaking those rules can result in being dismissed.

NHS Login Privacy Policy

Please note that if you access our service using your NHS login details, the identity verification services are managed by NHS Digital. NHS Digital is the controller for any personal information you provided to NHS Digital to get an NHS login account and verify your identity, and uses that personal information solely for that single purpose. For this personal information, our role is a “processor” only and we must act under the instructions provided by NHS Digital (as the “controller”) when verifying your identity.

To see NHS Digital’s Privacy Notice and Terms and Conditions, please Click here This restriction does not apply to the personal information you provide to us separately.


When we provide services, we want to make them easy, useful and reliable. Where services are delivered on the internet, this sometimes involves placing small amounts of information on your device, for example, computer or mobile phone. These include small files known as cookies. They cannot be used to identify you personally.

These pieces of information are used to improve services for you through, for example:

Enabling a service to recognise your device so you don't have to give the same information several times during one task

Recognising that you may already have given a username and password so you don't need to do it for every web page requested

Measuring how many people are using services, so they can be made easier to use and there's enough capacity to ensure they are fast analysing anonymised data to help us understand how people interact with government services so we can make them better

Which cookies do we use?

We use cookies to capture which pages are most popular, how long people spend on each page and what links they use to access the information they are seeking. We may also use cookies to enable the website to ‘remember’ details that you voluntarily give, such as when you complete online forms, so that you do not have to retype the information next time you use the website.

By using this website you are implying consent for these cookies to be placed on your computer. If you would like to remove these cookies and opt-out of the services that use them you can by selecting the appropriate settings on your browser.

Accessing your information 

You have a right to see or have a copy of the information the Trust holds about you.

See how to access your health records

The Caldicott Guardian

Maintaining the legal right to patient confidentiality continues to be an important commitment on our part. Because we access patient records we are required to have a Caldicott Guardian who has responsibility throughout the Trust to ensure we uphold patients’ rights.

North Middlesex University Hospital NHS Trust’s Caldicott Guardian is Dr Jayne Lim.

The Guardian plays a key role in ensuring that NHS, Councils with Social Services responsibilities and partner organisations satisfy the highest practical standards for handling patient identifiable information.

Acting as the 'conscience' of the Trust, the Guardian actively supports work to enable information sharing where it is appropriate to share, and advises on options for lawful and ethical processing of information.

If you have any concerns as to how your personal data is processed you can contact the Trust's Data Protection Officer by email