Staff Login

The NHS Care Record Guarantee

The NHS Care Record Guarantee

The NHS Care Record Guarantee for England sets out the rules that govern how patient information is used in the NHS and what control the patient can have over this. It covers people’s access to their own records, controls on others’ access, how access will be monitored and policed, options people have to further limit access, access in an emergency and what happens when someone cannot make decisions for themselves. Everyone who works for the NHS, or for organisations delivering services under contract to the NHS, must comply with this guarantee. 

Your rights

We will ensure your rights are respected. You have the right to: 

  • Be informed – we will tell you what we do with your information. We do this through notices like this, service information leaflets, notices on our website and posters
  • Rectification - we will correct any personal information if it is inaccurate or rectify any data that is incomplete
  • Object – you have the right to object how we process your information. Your objection will be considered in relation to your particular situation. We will stop processing unless there is a legitimate reason for us not to e.g. we need to process your data to provide you with safe care.

    If you would like to raise an objection about how we process your information, please speak to your health professional or alternatively write/email the Information Governance Team at the below address.
  • Restrict processing - we will temporarily restrict processing your data, whilst we check the information, if you query the accuracy of it. We will also restrict processing (if you raise an objection to how we process your data) whilst we consider your objection.
  • Access – you can ask for copies of information we hold about you. This is called a subject access request.

How you can access your records

If you would like to request a copy of your medical record, please complete our access to record form which can be found in the useful information section or on the access to records page . Send the form to Access to Records Team at 5 Beacon Way Brighton Street, Hull, HU3 4AE or email / write to us at

If you are registered with a CHCP GP, you can view your GP record online. For more information to register for an online account, please visit their website or contact your GP Practice.

Humber Information Sharing Charter

City Health Care Partnership has signed to participate in the Humber Information Sharing Charter. All orgainsation who sign the Charter, accept we need to the share information in the most effective and secure way. The Charter details the rules about how local organisations share information.

To find out more information or to view the list of signatures please see the link:

SMS Text Messaging

Your contact details are important to us, meaning that we can contact you in regard to appointment bookings, appointment cancellations and as a means of reminding you of your forthcoming appointments.  The contact information we store will only be used by us in relation to your healthcare and we will not pass on your information to any other party other than the third-party company used to deliver our free of charge appointment reminder service. They are also obliged to keep your information secure and used only for that purpose.

Sending Data to other countries

Sometimes your data may be processed outside the UK. In most circumstances it will remain within the European Economic Area (EEA) and will have the same protection as if processed within this country.  When this is outside the EEA we will identify the data protections in place prior to transfer.

How long we keep your information

All personal information will be kept in line with the retention periods in the Department of Health Records Management Code of Practice for Health and Social Care Records 2021, Once paper records have reached their retention date, they are destroyed in line with the policy. Electronic records are archived. Please see the useful information section for a copy or alternatively it can be found at: 

Data Privacy Impact Assessments (DPIA)

The Data Protection Impact Assessment (DPIA) is a process which helps assess privacy risks to individuals in the collection, use and disclosure of information. DPIAs help identify privacy risks, foresee problems and bring forward solutions. This is a requirement under the General Data Protection Regulation and Data Protection Act 2018.

Listed below are Data Privacy Impact Assessments:

NHS Mail Office 365
Humber Long Covid Triage and Assessment Service
Access to CPD
Insight 3D Wound Management
Access People Planner