Skip to main content
Privacy Policy, gradient blue back ground with an image of an orange padlock, blue notepad and orange folder

If you are a user with general public and anonymous access the EPUT website does not store or capture personal information, but merely logs the user’s IP address that is automatically recognised by the web server. We do not use cookies for collecting user information and we will not collect any information about you except that required for system administration of our web server.

This privacy statement only covers the EPUT website at []. This statement does not cover links within this site to other websites.

Terms and conditions

Welcome to our website. If you continue to browse and use this website you are agreeing to comply with and be bound by the following terms and conditions of use, which together with our privacy policy govern EPUT’s relationship with you in relation to this website.

The term ‘EPUT’ or ‘us’ or ‘we’ refers to the owner of the website. The term ‘you’ refers to the user or viewer of our website.

The use of this website is subject to the following terms of use:

The content of the pages of this website is for your general information and use only. It is subject to change without notice.

Neither we nor any third parties provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness or suitability of the information and materials found or offered on this website for any particular purpose. You acknowledge that such information and materials may contain inaccuracies or errors and we expressly exclude liability for any such inaccuracies or errors to the fullest extent permitted by law.

Your use of any information or materials on this website is entirely at your own risk, for which we shall not be liable. It shall be your own responsibility to ensure that any services or information available through this website meet your specific requirements.

This website contains material which is owned by or licensed to us. This material includes, but is not limited to, the design, layout, look, appearance, and graphics. Reproduction is prohibited other than in accordance with the copyright policy, which forms part of these terms and conditions.

From time to time this website may also include links to other websites. These links are provided for your convenience to provide further information. They do not signify that we endorse the website(s). We have no responsibility for the content of the linked website(s).

You may not create a link to this website from another website or document without EPUT’s prior consent. Your use of this website and any dispute arising out of such use of the website is subject to the laws of England, Scotland, and Wales.

Fair Processing Notice

Essex Partnership University NHS Foundation Trust (the Trust) processes information about you in order to provide health care services, and in doing so has to comply with the requirements of the General Data Protection Regulation (GDPR). This means that data held about you must only be used for specific purposes as defined by law. This Fair Processing Notice has been created to inform you about the types of information held about you, why that information is held about you, and to whom that information may be shared.

Essex Partnership University NHS Foundation Trust (EPUT)

The Lodge
Lodge Approach
SS11 7XX

Freephone: 0800 085 7935

Essex Partnership University NHS Foundation Trust (EPUT provides community health, mental health and learning disability services to support more than 3.2 million people living across Bedfordshire, Essex and Suffolk.

We are large employer in the East of England with more than 5,400 staff working across more than 200 sites. We also provide services in people’s home and community settings.

If you have any questions in regard to your information and how it is used, please contact the below department and we will do our best to help:

Data Protection Officer (DPO)

Information Commissioners Officer registration number: ZA242481

If your issues cannot be resolved by the DPO in regard to your query, and you are still not happy with our response, please see the Trust complaints department details below and the ICO details (Information Commissioners Office)

Trust Complaints Department

01268 407817 / 01268 739717

Information Commissioners Office (ICO)

Call our helpline on 0303 123 1113 (local rate – calls to this number cost the same as calls to 01 or 02 numbers).

ICO website

Your clinical care team and other health and care professionals caring for you keep records about your health and any treatment and care you receive from the NHS. These help ensure that you receive the best possible care from us. They may be written down (manual records) or held on a computer. The records may include:

  • Basic personal information about you, such as,
    • name
    • address
    • date of birth
    • contact details (telephone numbers/email address),
    • NHS number
    • next of kin details
  • Contacts we have had with you, such as day care clinics and/or home visits
  • ”Special categories” of information about you, such as,
    • Notes and reports about your health and any treatment and care you need
    • Details and records about the treatment and care you receive
  • Relevant information from other health and social care professionals, local authorities, voluntary organisations, relatives or those who care for you and know you well

Other types of information used/processed by the Trust:

  • Anonymised information/data, which is data about you, but you cannot be personally identified
  • De-identified information/data (Pseudonymised), which is data about you, but you cannot be personally identified only your care pathway to help improve the services we provide
  • We record CCTV images of people entering, approaching, or passing our buildings (there will be clear signs to advise you that CCTV is in operation) to;
    • Help staff and visitors feel safer
    • Act as a deterrent to offenders
    • Allow the collection of evidence to help find and convict offenders
    • Prevent, detect, investigate, and prosecute fraud
  • Body Worn Video (BWV) footage is used by our Mental Health staff within our wards to reduce the potential escalation of incidents to protect patients and staff. This will allow the collection of evidence to help find and convict offenders. The BWV will only be activated if the staff feel there is a risk to safety. Should the BWV be activated, you will be advised by the staff.
  • Realwear Headsets - Voice-activated headsets (Realwear) and use of SimplyVideo for real-time clinical assistance. Headset wearer (Clinician) will speak to the patient to make them aware of the headset and what it is to be used for. If patient does not want the headset used then they will not use it.
  • Oxevision is a medical device that captures video footage to monitor vital signs of patients. Footage can be used (clipped) in response to a patient safety incident or following change in a patients vital signs resulting in a system alert.  The video data is stored on the system for 24 hours before being overwritten.  Clipped footage is stored for the duration of the incident investigation, and then securely destroyed.

Your information will also be used to help us manage the Trust and protect the health of the public by being used to:

  • Review the care we provide to ensure it is of the highest standard and quality
  • Ensure our services can meet service user needs in the future
  • Investigate service users’ queries, complaints, and legal claims
  • Prepare statistics on the Trust’s performance
  • Audit Trust accounts and services
  • Undertaking heath research and development (you may choose whether to be involved)
  • Helping to train and educate healthcare professionals
  • Test that current / new patient and clinical systems are working effectively
  • Support the Essex Mental Health Independent Inquiry which is in place to investigate deaths that took place in mental health inpatient facilities, or within three months post discharge, across NHS Trusts in Essex between 1 January 2000 to 31 December 2020

Some of this information is held centrally within the Trust, but where this is used for statistical purposes stringent measures are taken to ensure that individual service users cannot be identified. Anonymous statistical information may also be passed to organisations with a legitimate interest, including Universities and Research Institutions.

Where it is not possible to use anonymised information, personally identifiable information may be used for essential NHS purposes. They may include research and auditing services.

You have a choice about whether your confidential patient information is used for research and planning.  If you are happy with this use, you do not need to do anything.  If you choose to opt-out, your confidential information will still be used to support your individual care.

To find out more or to register your choice to opt-out, please visit the Your NHS Data Matters website or call the national helpline on 0300 303 5678.  You can change your mind about your choice at any time. 

Everyone working for the NHS has a legal duty to keep information about you confidential and secure.

We keep your information safe and secure and comply with industry standards, such as, Cyber Security Essential and the Data Security and Protection Toolkit (DSPT).

You may be receiving care from other organisations as well as the NHS e.g. Social Services and the Voluntary Sector. We may need to share some information about you so we can all work together for your benefit. We will only ever use or pass on information about you if others involved in your care have a genuine need for it. When we pass on any information, we will ensure it is kept confidential and secure.

We are required by law to report certain information to the appropriate authorities. This is only provided after formal permission has been given by a qualified health professional, as defined under Data Protection. Occasions when we must pass on information include:

  • Notification of births and deaths
  • Where we encounter infectious diseases, which may endanger the safety of others such as meningitis or measles
  • Child Protection cases
  • Where a formal court order has been issued
  • Benefits Agency cases
  • National Treatment Agency for Substance Misuse to monitor the availability, capacity, and effectiveness of treatment for drug misuse in England 

We follow the Trust and the Department of Health (DOH) policies and guidance in regard to the retention periods of data and information that we hold.

DOH (NHSx) Records Management Code of Practice 2021 – NHSX

Everyone working within the NHS has a legal duty to keep information about you confidential and secure. Similarly, anyone who receives information from us has a legal duty to keep it confidential and secure.

We will share information with the following main partner organisations:

  • Other NHS Trusts, hospitals that are involved in your care
  • Clinical Commissioning Groups and other NHS bodies
  • General Practitioners (GPs)
  • Ambulance Trusts

You may be receiving care from other service providers as well as the NHS, for example Social Care Services. We may need to share some information about you with them so we can all work together for your benefit if they have a genuine need for it as part of your care or we have your permission. Therefore, we may also share your information with:

  • Social Care Services
  • Education Services
  • Local Authorities
  • Voluntary and private sector providers working with the NHS
  • Police in emergency situations
  • The Essex Mental Health Independent Inquiry

We are supporting the Essex Mental Health Independent Inquiry which is in place to investigate deaths that took place in mental health inpatient facilities, or within three months post discharge, across NHS Trusts in Essex between 1 January 2000 to 31 December 2020. You may be written to by the Inquiry in order that they can share information with you regarding the Inquiry and to request your support to share experiences with them. We will endeavour to comply with all the Inquiry’s information requests that meet legal standards and the agreed terms of reference

The Inquiry has its own Privacy Notice which is available here

All Trust servers are based in the UK, however, if we do transfer your personal information outside the UK, we will make sure that it is protected to the same extent as it would be within the UK. 

You have a right to have your privacy respected and your data protected. The new law gives you easier access to the personal information we hold about your if you wish to check or change it. Its is designed to give you confidence that this information is accurate, up to date and well managed.

Your rights are listed below.

  • The right to request access to information we hold about you (
  • The right to be informed about how we collect and process the information we hold about you
  • The right to have your information rectified if the information we hold about you is not correct
  • The right to request erasure of the information we hold about you that falls outside our legal basis
  • The right to restrict processing which gives you an alternative to the erasure of the information we hold about you. This means we can hold the information, but we cannot use it or share it with external organisations.
  • The right to object to the use of your information for reasons other than to provide you with care.

Essex Partnership NHS University Foundation Trust is part of My Care Record, an approach to improving care by joining up health and care information. Health and care professionals from other services will be able to view information from the records we hold about you when it is needed for your care. Please see for more information.

We may use AI technology to support our clinicians in identifying potential health issues. The AI technology may be used to review the data to identify potential findings and assist the clinician in decision-making and in no way will replace the final decision of a clinician. In addition, we may also use AI technology as part of our system security initiatives. We will also abide by the code of practice regarding the use of digital and data-driven health technologies, please refer to “A Guide to Good Practice for Digital and Data-Driven Health Technologies” - GOV.UK (, Information Commissioners Office (ICO) guidance - Artificial intelligence | ICO, NHS England guidance - NHS England » Artificial intelligence (AI) and machine learning.

Essex Partnership University Trust (EPUT) and Mid and South Essex NHS Foundation Trust (MSEFT) are working together to launch the new patient portal in partnership with our third-party data processor, PKB.

Please see Patients Know Best for more information.

Get help?