The Health Board takes the security of your data very seriously, whether it is electronic or in paper form. We have internal policies and controls in place to try to ensure that your data is not lost, accidently destroyed, misused or disclosed, and is not accessed except by employees or organisations acting on our behalf in the performance of their duties.
We will hold your Personal Data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Details of retention periods for different aspects of your personal information are available on the Information Governance intranet page.
All staff are required to undertake training on a regular basis to make sure that all staff working in the NHS are aware of their responsibilities about the handling of Personal Data regardless where they work in the Health Board.