[Skip to content]

Our values: Care with compassion, Respect and dignity, Striving to excel, Professional standards, Working together
Data Protection

Data protection

What does the Data Protection Act mean to me?

The Data Protection Act 1998 (DPA) provides principles under which all organisations, including the NHS, operate when handling personal data.


It also gives the members of the public the statutory right of access to personal data related to themselves. In particular, there is provision for you to see your own health records. It is also important to note that consent to the use and sharing of patient data, is defined and enshrined, by Trust policies and procedures, and personal information on patients will not be divulged unless consent is given by the patient, or where there is clear legislation allowing this.

What information do we keep about you?

Like all hospitals, we keep accurate and up to date information about our patients, including details of all their treatments. This means health professionals have the information they require in order to give you the best possible treatment.


We take great care to look after your records properly, and anyone who has access to them is obliged to respect their confidentiality. Information held on computer must be registered under the Data Protection Act.


If you would like to know more about this, please write to:


Data Protection Officer, IM&T (level 4), Darent Valley Hospital, Darenth Wood Road, Dartford, Kent, DA2 8DA.

Fair processing (privacy notice)

Information for patients  

  • We ask you for information about yourself so that you can receive proper care and treatment.

  • We keep this information, together with details of your care, because it may be needed if we see you again.

  • We may use some of this information for other specified reasons:

The main reasons, for which your information may be required and shared with others, on a need to know basis, are:

Giving you health care and treatment

  • You may be receiving care from other people in the NHS.  

  • So that we can all work together for your benefit we may need to share some information about you. We only ever use or pass on information about you if people have a genuine need for it in your and everyone’s interests. 

  •  Whenever we can, we shall remove details that identify you i.e. anonymised data is used. The sharing of some types of very sensitive personal information is strictly controlled by law.

Looking after the health of the general public. For example:

  • Data is submitted to support national monitoring of conditions such as cancers (anonymised).

Managing and planning the NHS. For example:

  • Making sure that our services can meet patients’ needs in the future (anonymised).

  • Paying your doctor, nurse, dentist, or other staff, and the hospital which treats you for the care they provide.

  • Auditing accounts and preparing statistics on NHS performance and activity (anonymised).

  • Investigating complaints or legal claims.

Clinical Audit

  • Helping staff to review the care they provide to make sure it is of the highest standard.

Training and educating staff

  • Helping staff to improve their knowledge.


  • Approved by the Research Ethics Committee or the National Information Governance Board (NIGB). If the research involves your identity, you will be contacted to see if you are willing for us to share your information for this purpose.

Fraud prevention

  • Ensuring that our NHS is used only by those who are entitled to it.


Sometimes the law requires us to pass on information: for example to notify a birth. Everyone working within the NHS has a legal duty to keep information about you confidential. Where services are undertaken by non-NHS staff, agreements are in place to ensure confidentiality. It is a criminal offence to misuse personal information and the Trust (as data controller) has taken appropriate steps to ensure there is no such misuse of the information and that the Data Protection Act 1998 is upheld. In the event of a transfer to another health care provider, your medical records will be shared, in order to facilitate continuing care.


Anyone who receives information from us is also under a legal duty to keep it confidential.

You have the right of access to your health records in accordance with the Data Protection Act 1998. 

  • You may request a copy of your records, subject to payment of a fee.

  • If you become aware of any incorrect information that we are holding about you, then you have the right to request that this information be changed or erased.

  • Further details may be obtained by writing to The Health Records Manager, Health Records Department, Darent Valley Hospital, Darenth Wood Road, Dartford, Kent DA2 8DA. 

SMS Text Messaging:

  • Mobile telephone numbers can be used by the Trust to send SMS text reminders for appointments.

  • Please note that a mobile number used by multiple users or by more than one family member could lead to confusion as the text message includes an NHS number rather than a name.

  • If you would prefer NOT to receive SMS text reminders, please inform a member of staff.

Next of Kin:

  • If you agree, your relatives, friends and carers will be kept up to date with the progress of your treatment.

  • If you have to come into hospital at any time, the person you have designated as ‘Next of Kin’ should be the main liaison contact for this.

  • As this person may be contacted, please ensure that they are aware that you have supplied us with their details.

Non UK Residents:

  • Regulations made under section 121 of the National Health Service Act 1977 (as amended by sections 7(12) and (14) of the Health and Medicines Act 1988) place a legal obligation on Dartford and Gravesham NHS Trust to identify those patients not ordinarily resident in the UK. 

  • Persons not ordinarily resident in the UK may be charged for NHS services provided. 

  • The Trust is entitled to ask for documentary evidence in support of a patient’s claim to free treatment.

Advance Directive (Living Will)

  • If you have an advance directive, it is your responsibility to inform the Health Care Professional in charge of your care and to provide a copy of your advance directive to the Trust at your earliest convenience.

  • An advance directive only takes effect if you become unable to communicate to people your wishes about your medical treatment or are unable to take part in decisions about your treatment.


The Trust’s Data Protection Registration can be viewed at: www.ico.org.uk  (follow the link for Register of data controllers). Registration Number: Z4828025 


If at any time you have any questions about how we use your information, you can speak to the person in charge of your care or alternatively write to the Data Protection Officer, address above.