Privacy Policy

UK General Data Protection Regulations (GDPR) and Data Protection Act 2018 (DPA18)

In this section you can learn about how we manage our legal responsibilities in respect of information.

The UK General Data Protection Regulations (GDPR) forms part of the data protection regime in the UK, together with the Data Protection Act 2018 (DPA 2018) both of which applied from 25 May 2018. The Information Commissioner’s Office provides useful information about the new legislative framework which can be accessed by clicking on the following web links:

UK General Data Protection Regulations (GDPR) –

Data Protection Act 2018 (DPA 18) –

One of the requirements of the legislation is to have a nominated Data Protection Officer. The organisations Data Protection Officer can be contacted via


How your information is used

The NHS Leicester Leicestershire and Rutland Integrated Care Boards’ Privacy Notice tells you about information we collect and hold about you, what we do with it, how we look after it and who we might share it with. It covers information we collect directly from you or receive from other individuals or organisations.

At NHS Leicester Leicestershire and Rutland Integrated Care Board we are committed to protecting and respecting your privacy.

NHS Leicester Leicestershire and Rutland Integrated Care Board has various roles and responsibilities, but a major part of our work involves making sure that:

Contracts are in place with local health service providers;

routine and emergency NHS services are available to patients;

those services provide high quality care and value for money; and

paying those services for the care and treatment they have provided.

Accurate, timely and relevant information is essential for our work to help us to design and plan current and future health and care services, evidence and review our decisions and manage budgets.

You can view the organisations Privacy Notice here: link to document

For further information about our privacy notice and related information practices, policies and procedures please contact us via

The UK GDPR provides the following rights for individuals:

  1. The right to be informed
  2. The right of access
  3. The right to rectification
  4. The right to erasure
  5. The right to restrict processing
  6. The right to data portability
  7. The right to object
  8. Rights in relation to automated decision making and profiling.