This Privacy Notice sets out how St John Ambulance & Rescue Service processes (collects, uses, retains, protects and discloses) personal information.
We recognise the rights you have over your data and acknowledge the control you exercise over how it is used. We respect these rights and are committed to safeguarding your privacy.
St John Ambulance & Rescue Service (SJARS) is registered as a Data Controller with the Data Protection Authority (Registration Number: 11168).
SJARS also processes data on behalf of St John Guernsey, a registered charity in Guernsey (charity number CH121) and St John Commercial Services (company number 46097).
How we use your personal information
SJARS provides an emergency pre-hospital care and patient transport service within the island of Guernsey and emergency services to the other islands within the Bailiwick, as and when required.
When you contact us as a patient we collect information about you and keep records about the service we provide. We may also record information about you if you contact us for any other reason. This guidance explains the type of information we record about you, why this is necessary and the ways in which the Service may use this information.
What type of information will we record about you?
We record details on paper and electronically when we respond to a call for help or a booking for Non-Emergency Patient Transport Services (NEPTS).
If one of our ambulances attends you, or you are transferred to hospital by ambulance, we will collect information about you to help us identify and treat you. This will be recorded on a patient report form together with details of your symptoms and condition and any treatment we give you.
If you receive patient transport services we will record details about where you live, where we will be taking you and some details about your circumstances.
The above information is also used to determine the level and cost of the service rendered to you and to what extent you are liable for those costs. Information provided by persons who subscribe to our annual membership scheme is only used by the Service to establish a person’s entitlement or otherwise to free services under that scheme.
We have a legal duty to keep your information confidential, accurate and secure at all times, in line with data protection legislation. Our staff are trained to handle your information correctly and protect your privacy. We aim to maintain high standards, adopt best practice for record keeping and regularly check and report on how we are doing. Your information is never collected for direct marketing purposes and is not sold to any other third parties.
If you make a complaint or an enquiry about the service we have provided or have contact with us about another matter, we will keep a record of all the relevant details in a file for case management purposes. In some cases, we may need to obtain information from the hospital or destination we conveyed you to in order to investigate a complaint or deal with an enquiry.
What happens to your clinical records?
If an ambulance takes you to hospital we will give the hospital staff, responsible for your continuing direct care, a copy of the patient report form so that they have details of your condition and the treatment we have provided.
In some circumstances, particularly if we do not take you to hospital, we may consider it appropriate to share your information or clinical records with other healthcare professionals. Most commonly, this will be your GP but we may also recommend passing your details to other healthcare areas, either the Hospital’s Falls Team or the Diabetic Nurse specialist, to assess whether they can offer you support that may help to prevent a similar situation arising again. In such circumstances we will only share your information with your prior written consent.
SJARS is commissioned by the Committee for Health & Social Care (HSC) to provide ambulance services. Occasionally we are asked by HSC to provide anonymised information about incidents attended so that they can identify and provide more appropriate care pathways for patients. There are strict control measures in place to ensure that any information we share is only passed to the person who has a right to see it.
One of the conditions of our contract with HSC is that we undertake an annual patient experience survey. We achieve this by sending out survey forms with patient accounts and in the case of those who subscribe to our membership scheme, and therefore do not receive accounts for services rendered, we write separately with a survey form. Patients using NEPTS are given a survey form by our attendants. Responses are anonymous but responders are invited to include a telephone number if they wish to be included in a free draw. The raw data is securely destroyed at the conclusion of the survey.
Records of the treatment and service we provide are retained securely for reference and enable us to monitor how effective we are at providing our various services.
Helping us to train our staff and monitor their work
Ambulance clinicians may need to copy patient report forms they have completed for their training but they will redact information that could identify you before they do this. Anonymised information from patient report forms is also used for internal audit purposes.
Our clinical practitioners have a duty to participate in clinical audits and to contribute to clinical outcome reviews. If such an audit is carried out by the clinician(s) that provided your care or those working to support them we will, wherever practical, seek to anonymise your information. When that is not practical, or would otherwise undermine the purpose of the disclosure, your personal information may be disclosed on the basis of implied consent but it is your right to object to your information being disclosed in this manner.
Monitoring the standard of care provided in support of the wider Health & Social Care mandate
We pass certain performance related information to HSC as part of our contractual agreement with them, as commissioners of ambulance services. This enables them to monitor our contribution to the standard of care we provide in support of their mandate. We only supply information that is needed for these purposes and in most instances, it is statistical data.
Disclosure to third parties
We will not disclose your information to third parties (for instance outside of Health) without your permission unless there are exceptional circumstances, such as when it is justified in the public interest; for example:
- When a serious crime has been committed;
- When there are serious risks to the public or Health staff; or
- To protect children or vulnerable adults who are unable to decide for themselves whether their information should be shared;
or where the law requires information to be passed on; for example:
- Where a court order directs us to do so.
When we pass on any information we will ensure that the recipient is aware that it must be kept confidential and secure and in accordance with data protection legislation.
Information sharing agreements
The Service will sometimes be asked to share information with other organisations e.g. the Joint Emergency Services Control Centre. We will always ensure that a formal agreement is in place detailing what information will be used for and how it will be kept secure and confidential. These agreements are reviewed on an annual basis.
Complaints and enquiries
Files relating to complaints or enquiries will only be seen by the staff who are dealing with the matter. Instances may arise whereby we are asked for information about the service we provided to you by another organisation investigating a complaint or enquiry you have made to them, or if you are pursuing a legal claim against them.
How do you know your records will be kept confidential?
All health related organisations have a legal duty of confidence to their patients and the Data Protection (Bailiwick of Guernsey) Law, 2017 further defines how we can collect and handle personal information.
The National Health Service (NHS) also has an additional set of guidelines, known as the Caldicott principles, which apply to the use of patient information. All NHS organisations are required to appoint a Caldicott Guardian to ensure patient information is handled in accordance with legal and NHS regulations. In accordance with that recognised best practice, SJARS has an appointed Caldicott Guardian.
We will seek your consent before we release information that identifies you to any third party for any other reason than those set out in this guidance and the regulations. We will not pass information that identifies you to another person or organisation (including friends or relatives) without your knowledge or permission unless we have an overriding legal duty to do so.
How long do we keep your records?
We retain patient clinical records for up to 25 years, depending on the age of the patient at the time of treatment. Other records that may contain information about you are kept for varying lengths of time, up to 10 years.
Your rights over your information
The Data Protection Law gives you several rights with regard to your personal information. These include the right of access, free of charge, to all personal or clinical information we hold about you – this is known as the ‘Right of Subject Access’.
In order to access your information we would encourage you to submit your request in writing. This will ensure that we understand exactly what you are asking for, thereby avoiding any misunderstandings at a later date. Following receipt of your request you may be asked to supply a form of identification in order that we can be sure we are releasing information to someone who is legally entitled to it.
If you believe any of the information we hold about you may not be accurate, or if you have any concerns about us collecting and using information about you as outlined here, or if you wish to make a complaint about our use of your information you should contact our Data Protection Officer using the contact details below.
If you are still unhappy with the outcome of your enquiry you may make a complaint, in writing, to the Data Protection Authority:
Office of the Data Protection Commissioner
St Martin’s House
St Peter Port
+44 (0) 1481 742074
Ambulance Data Protection Officer
St John Emergency Ambulance Service
St Peter Port
Guernsey, GY1 1YN
+44 (0) 1481 723866 (normal office hours only)
If you have a query related to St John Guernsey or St John Commercial Services (including their respective trading entities), please contact their Data Protection Officer:
Data Protection Officer St John Guernsey
St John Headquarters,
St Peter Port,
Guernsey, GY1 1YN
+44 (0) 1481 727129 (normal office hours only)
Changes to this privacy notice
SJARS may from time to time change this Privacy Notice. However, if this Privacy Notice is changed in a material way SJARS will post a notice advising of such change at the beginning of this Notice. We recommend that you re-visit this Privacy Notice from time to time to learn of any such changes.