Data Protection Act 1998

What is the Data Protection Act ?

The Data Protection Act 1998 is about personal information on living people which is kept on paper or electronically (for example computer records etc.). The main aim is to make sure that when we use or record this information that it is kept private.

The Act has eight main rules:

• Tell people what we use their information for, and that we take special care with sensitive information
• Make sure that information is only used and shown to others for the reason it was collected
• Only keep the information that is required. Do not keep extra information that is not needed
• Update information to make sure it is always correct
• Only keep the information for as long as it is needed
• Make sure people can look at their own information. It is their right to do so
• Make sure that the information is kept safely so that it cannot be lost, changed or looked at by people who do not have a right to view it
• Only send the information to countries that have laws to keep the information in the same way.

The Access to Health Records Act 1990 allows access, in certain circumstances, to information that we hold on deceased patients

More information

Read all about NHS Grampian's Data Protection Policy.

Find out about your Right to Confidentiality and How to see your health records.  Further leaflets and alternative formats are available on the Health Rights Information Scotland website.

You can find more information about Data Protection on the UK Information Commissioner's website. 

For information about our corporate policy, please contact: 

Chris Morrice 
Information Governance Manager  
Department of eHealth
IM&T Building Foresterhill Site
Westburn Road
Aberdeen AB25 2XH
Tel:  01224 551549
Fax:  01224 552704
Email:  nhsg.infogovernance@nhs.net

Roelf Dijkhuizen
The Caldicott Guardian
Medical Director 
NHS Grampian
Summerfield House
2 Eday Road
Aberdeen
AB15 6RE
Tel:  01224 558441
Fax:  01224 558609
Email:  roelf.dijkhuizen@nhs.net