Proton beam therapy is an advanced form of external radiotherapy that uses high-energy proton beams instead of photon x-ray beams or electrons. Carefully measured doses of protons are delivered to the precise area needing treatment, using the latest IBA ProteusONE technology. This ensures that the delivery of proton beam therapy is highly accurate and prevents the risk of radiation reaching surrounding healthy tissue.
Radiotherapy is used to kill and destroy cancer cells. It utilises radiation in the form of high-energy x-rays, known as photons, to kill and damage the cancerous cells and prevent their growth and reproduction. It can be used as a non-surgical option to treat cancer, and it can also be used to shrink a tumour or in combination with other treatments.
The Rutherford Cancer Centres and Elekta are bringing the next generation of personalised adaptive radiotherapy technology to oncology centres across the UK, with the new MR-linac Elekta Unity now available at the Rutherford Cancer Centre North West in Liverpool.
Where the term ‘we’ or ‘us’ is used, this relates to Rutherford Health plc and Rutherford Cancer Care Limited (also referred to as Rutherford Cancer Centres in this document). Our nominated representative, for the purpose of data protection legislation, is our Data Protection Officer whose contact details can be found at the end of this policy.
The term ‘personal data’ relates to any information that can, or has the potential to, identify you as an individual such as your name, address, e-mail address, phone number. It also includes less obvious information such as identification numbers, electronic location data and other online identifiers. Certain types of personal data are referred to in data protection legislation as ‘special categories’ of personal data. This is because they are classed as more sensitive and require additional protection.
Such information includes information about an individual’s:
Trade union membership
Biometrics (where used for identification purposes)
We will process your personal data in line with data protection legislation as follows:
We will ensure that whenever we collect personal data it is adequate, relevant and not excessive in relation to the purpose for which it is being processed.
We will ensure information processed is accurate and kept up to date by asking you to confirm when you access our services that the information we hold about you is correct.
We will ensure that your personal data is kept in a form that allows us to identify you for clinical purposes but is not kept in an identifiable format for longer than is needed. Where we need to keep your identifiable data longer for scientific, research or statistical purposes we will ensure that the appropriate technical and organisational measures are applied to protect the confidentiality of the information.
We will ensure that the processing of your personal data is carried out securely and confidentially. This means that we have policies, procedures and training in place to ensure robust security controls are applied to the processing of your data.
We collect personal data and special category data (where relevant). The type and amount of personal data we collect will depend on our relationship with you as described below:
Making enquiries about our services
The types of information we will routinely collect on an enquiry will include:
Nature of enquiry
To help us deal with your enquiry we may also need to collect more detailed information about your personal circumstances and health such as:
Current health condition
GP and, or, consultant details
Information on current treatments
We may need to share your information with our team of healthcare professionals and medical practitioners to help us provide you with the most appropriate response to your enquiry.
Referrals and treatment
When an initial referral is received asking us to consider you for consultation and, or treatment, personal data is provided to us by the referring source. The sources from where we receive information may include, and are not limited to:
Clinicians (including their medical secretaries)
Hospital and healthcare provider establishments
Allied Health Professionals
Information that may be received may include your personal contact details, information on your medical history, diagnosis and conditions, this forms part of your health record. As part of the consultation and booking process we may also request and receive scans and images from other healthcare providers.
Personal data is collected and recorded electronically, and in paper form, as part of the booking and treatment process at the Rutherford Cancer Centres, and which is required as part of the contract for services. Failure to provide this type of data may result in the inability to provide our services.
Health records are created to record care and treatment received as a patient. The type of information collected and recorded in your health record may include and not limited to:
Personal data in relation to; your name, address, date of birth, ethnicity, contact details and next of kin.
Medical history, referral, diagnosis, tests, scans, images, treatment, information on appointments, GP and referring clinician.
Health records are created and stored under strict security and confidentiality controls which include unique system access to electronic records and physical security of hardcopy information.
Only information necessary for the arrangement and provision of treatment is collected. Information received and created is stored securely and is only accessed and shared by those involved in your treatment and care.
Roles involved in your treatment and care may include medical and administrative staff, finance staff responsible for coding and invoicing your treatment, multi-disciplinary care teams, clinical audit leads, consultants and private secretaries who are responsible for the administration of appointments.
Personal data in addition to health records
In addition to receiving information on your health status and condition, we will also process personal information that is required to prepare for, and to enter into, a contract for services. This may include payment method information, information from your insurers, agency, or commissioning body (where relevant).
Individuals captured on our CCTV system
We use CCTV cameras in the centres to protect the safety of our visitors, premises and our car parks. Personal images may be captured during recording. Signs are clearly displayed to inform visitors of CCTV recordings and recording will only be undertaken in public areas such as car parks and entrances to centres. All recordings are held securely and deleted after 30 days in line with our retention policy.
Under data protection legislation we must always have a lawful basis for using personal data and special category data (as described earlier). The law provides a set of lawful purposes for processing personal data, such as:
‘The processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract.’ (The Contract Basis)
‘The data subject has given consent to the processing of his or her personal data for one or more specific purposes.’ (The Consent Basis)
‘Processing is necessary for compliance with a legal obligation to which the controller is subject.’ (The Legal Obligation Basis)
‘Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.’ (The Public Interest Basis)
‘The processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.’ (The Legitimate Interests Basis)
When processing special category data there are different lawful purposes that also need to be identified, in addition to those set out above, such as:
‘Processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services on the basis of Union or Member State law or pursuant to contract with a health professional and subject to the conditions and safeguards referred to in paragraph 3.’ (The Health Care Basis)
‘Processing is necessary in order to protect the vital interests of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent.’ (The Vital Interests Basis)
‘Processing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity.’ (The Legal Claims Basis)
‘Processing is necessary for reasons of substantial public interest, on the basis of Union or Member State law’ (The Substantial Public Interest Basis)
‘Processing is necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health or ensuring high standards of quality and safety of health care and of medicinal products or medical devices, on the basis of Union or Member State law which provides for suitable and specific measures to safeguard the rights and freedoms of the data subject, in particular professional secrecy.’ (The Public Health Basis)
‘Processing is necessary for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) based on Union or Member State law which shall be proportionate to the aim pursued, respect the essence of the right to data protection and provide for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject.’ (The Scientific Research Basis)
‘The data subject has given explicit consent to the processing of those personal data for one or more specified purposes.’ (The Explicit Consent Basis)
Depending on the reason for us processing your personal data, there may be several lawful purposes that will apply, and which may be relevant at different times. This section describes the lawful basis for processing personal data and special category data at the Rutherford Cancer Centres.
We set out below the lawful bases that we will rely upon. To make it easier to understand which of these applies to you we have specified the lawful bases for each of the categories of individual whose personal data we process.
Making enquiries about our services
When you contact us to enquire about our services and ask us for information with a view to receiving services from us the legal ground we will rely upon to process your personal data to deal with your enquiry and provide you with information will be The Contract Basis.
Where this involves processing any personal data relating to your health we will also rely on The Healthcare Basis for processing.
Referrals and treatment
Processing of Personal Data
When a referral is made to us for treatment, either by self-referral or from another source, we will enter into an agreement for services with you and accordingly we will be relying on The Contract Basis for many processing activities which are required for us to be able to fulfil that agreement. This will include matters such as information you of appointments, providing treatment and taking payment for our services.
If your treatment is carried out under a contract we have with the NHS and no contract is in place with you directly we will be acting on behalf of the NHS in these circumstances and will rely on The Public Interest Basis for processing your personal data in connection with your treatment.
As a provider of health care services, we are required to comply with a range of legal and regulatory requirements for the treatments and services we provide. These include and are not limited to; recording decisions made in relation to Ionising Radiation Protection (Medical Exposure) Regulations (IRMER), and creation of accurate records of the medicines administered to patients in line with the Medicines and Healthcare Products Regulatory Agency.
There may be occasions where complaints or claims are made against us or an independent medical practitioner. It is therefore important that accurate information has been recorded about the treatment provided to a patient as this may be required as part of investigating the complaint or claim.
In addition, various bodies regulate healthcare providers who have the legal powers to require information to be disclosed to them about patients as part of their audit processes. Where such access is given the information is reviewed under strict confidentiality requirements.
For personal data processed in these circumstances we will be relying on The Legal Obligation Basis for processing.
The processing of your personal data by us for research and development into proton therapy is in our commercial interests as a provider of healthcare services and our aim to contribute to broader societal benefits. The processing of your personal data for research and development enables us to provide you with an improved healthcare service to you, which is in our and your interests. In such circumstances we will be relying on The Legitimate Interests Basis for processing.
We support and participate in audit and research programmes to enable the analysis and measurement of the effectiveness of treatment. Therefore, information gathered as part of the provision of treatments will be reviewed by those responsible for internal audit programmes and, also reviewed by external regulating bodies such as Healthcare Inspectorate Wales and Care Quality Commission, during site inspections, and who are bound by confidentiality requirements.
We may also share anonymised and aggregated patient information with organisations such as the National Institute for Clinical Excellence, and research partners for research or statistical purposes. Any information shared for these purposes will be fully anonymised unless you have given us your consent to provide “identifiable” personal data, in which case we will rely on The Consent Basis for sharing the personal data.
Processing of Special Category Data
In the planning and delivery of our services, for internal research purposes and for providing treatment and services to you, it is necessary for us to process special category data in relation to you. In such circumstances we will also rely on The Health Care Basis for processing.
There may be situations where complaints or claims are made against us a company or against our independent medical practitioners and where the processing of special category data is necessary to respond to those complaints or claims.
The lawful purpose we would rely on for special category data in these circumstances is The Legal Claims Basis.
It is important to us that we monitor the accuracy and quality of treatment we provide. We undertake quality audits to ensure high standards of quality and safety in our health care provision. Therefore, personal data collected when you access our services may be reviewed by:
Internal auditors who will assess that information has been collected and recorded accurately
External auditors such as regulating bodies to check that accurate information has been recorded (where such audits are carried out, strict confidentiality guidelines are adhered to)
Insurance companies, where you have accessed our services under your insurance policy – specialist clinical roles within the insurance company may request certain data to check that we are providing a high quality clinical service for their customers
Commissioning bodies such as the NHS where we provide a contract for clinical services, may undertake audits on the quality of our care
Where this involves the processing of special category data we will also rely on The Public Health Basis to process the data. On occasion emergency medical care may be required but you are incapable of giving consent to the processing of the personal data for medical purposes.
For example, an individual is admitted to an A&E department of a hospital with life-threatening injuries following an accident, and the hospital requires disclosure from the Rutherford Cancer Centres of the individual’s medical history. In such circumstances and in other emergency situations we will rely on The Vital Interests Basis for processing the personal data.
There may be circumstances where we require your consent such as involvement in specific research projects. In such circumstances we will ensure we provide you with full information to allow you to make an informed decision and will only process your personal data in this way where we can rely on The Explicit Consent Basis for processing.
Use of Data for Cancer Registration
As a UK resident when you are diagnosed with cancer some information about you and your cancer is collected by your national cancer registry. Each country in the UK has its own national cancer registry for its resident population. The registries contain information about each person who has been diagnosed with cancer. Information is collected at a national level and is used to record how many people are diagnosed with cancer, what treatments they have and how well treatments work. It is used to provide national cancer statistics, plan and monitor NHS cancer services, find where new cancer services or improvements are needed and help with research into cancer, for example into potential causes or new treatments. Each cancer registry is authorised, by law, to collect this information and strict rules are imposed to make sure the information collected is kept under the highest levels of security.
The registry contains information about each person who has been diagnosed with cancer including: - name, address, date of birth, type of cancer, when and how you were diagnosed, what treatments you have had. Personal information, such as your name and address, is collected to make sure that all the information about you is accurately linked together. Collectively this information is used to provide national cancer statistics, plan and monitor NHS cancer services, find where new cancer services or improvements are needed, and help with research into cancer. Reports used for analysis are always anonymous and will never identify individuals even if they have a rare cancer.
Rutherford Cancer Centres enter into agreements with national cancer registries to send the minimum amount of personal data needed for entry into the register. The lawful basis we use are:
‘Processing is necessary for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) based on Union or Member State law which shall be proportionate to the aim pursued, respect the essence of the right to data protection and provide for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject.’ (The Scientific Research Basis)’.
‘Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller’ (The Public Interest Basis).
Only the minimal amount of personal data needed for the research purpose will be processed and where possible any personal data will be pseudonymised.
For patients attending our Rutherford Cancer Centre South Wales we submit data to the Welsh Cancer Intelligence and Surveillance Unit (WCISU). You have the right to opt out of your data being processed by the Welsh Cancer Registry and you can contact them at WCISU.enquires@Wales.nhs.uk.
Individuals captured on our CCTV system
We process the personal data captured by the CCTV system:
to prevent crime and protect buildings and assets from damage, disruption, vandalism and other crime for the personal safety of staff, visitors and other members of the public, and to act as a deterrent against crime.
The images may be shared with the police, prosecution agencies or relevant legal representatives.
We will rely on The Legitimate Interests Basis to record and process and share the CCTV images. Our specific legitimate interests are the prevention of crime, protection of property and safety of individuals. Where the processing involves special category data we will also rely upon The Substantial Public Interest Basis, namely that the processing is necessary to prevent or detect an unlawful act.
Individuals who contact us by telephone
We record our telephone calls for quality and training purposes. We will rely on The Legitimate Interests Basis for processing your personal data. Our specific legitimate interest is the business need to maintain and improve the quality of our service. Where the processing involves special category data we will only do so where we can rely on The Express Consent Basis for processing.
We employ a range of healthcare professionals to deliver our services, including nurses, radiographers, physicists, dosimetrists, play therapists, medical advisors, and a range of administrative roles.
In addition to our employed staff, medical practitioners and allied health professionals register with us to hold a private practice licence. Medical practitioners (often referred to as consultants) and allied health professionals are self-employed independent practitioners who must comply with our policies and procedures and ensure the safe processing of information within their private practice. You will be provided with information about their services and fees as part of the booking process.
At all times, healthcare professionals are responsible for complying with data protection legislation when handling your personal data, including any processing carried out by their private secretaries.
They are bound by our confidentiality and security policies, and applicable medical confidentiality guidelines, as well as their own codes of practice issued by their respective professional and regulating bodies which include the Health and Care Professions Council, General Medical Council, Nursing and Midwifery Council.
Disclosures within the company
Rutherford Cancer Care Limited is a subsidiary of Rutherford Health plc, accompany based in the UK. Rutherford Health plc provides central resources Rutherford Cancer Care Limited and the Rutherford Cancer Centres including finance, governance, internal auditing, senior management, marketing, health and safety and business development.
Types of processing of personal data that is undertaken by Rutherford Health plc may include and not limited to; invoicing and accounting, review of records in relation to internal audit, review of health, safety and clinical incidents, management of mailing lists where individuals have opted in, review and management of complaints.
Access to your personal data and your health information is strictly controlled to ensure access is only allowed to those roles that require access and is in line with the lawful processes described in this policy. Sharing of your personal data with Rutherford Health plc will usually be for company administrative purposes and in such circumstances we will rely on The Legitimate Interests Basisfor sharing the information. Our specific legitimate interests are that it is commercially beneficial to have centralised responsibility for accounts and that it is beneficial to review matters and conduct audits across the group in order to ensure consistency of approach and standards.
Where special category personal data is shared this will be done based on The Legal Claims Basis, The Public Health Basis, The Health Care Basis or The Scientific Research Basis. If none of these legal bases are applicable, we will seek your Express Consent before sharing the information.
Sharing with other Healthcare Organisations
For your benefit, we may need to share your personal data as part of your treatment and care with other healthcare organisations e.g. your GP, NHS, ambulance services, and organisations who provide support services to us (diagnostic services, wellbeing services etc.).
Any sharing of personal data will only be undertaken where it is deemed ‘necessary’ in relation to your care and treatment and, where such data sharing is undertaken, contracts and data sharing agreements will be in place with the third party which stipulate the confidentiality and security and use of data shared.
Routine disclosures of personal data may include disclosures to:
Clinical roles involved with the planning and treatment of your care
Medical practitioners who review and advise on your treatment and care
Support roles such as bookings and reception staff and enquiry handlers
Individuals you have identified as emergency contacts
Your clinician overseeing your care and their medical secretaries
If you are receiving proton beam therapy your personal data and special category personal data will be shared with relevant clinicians at the University of Pennsylvania Health System (‘UPHS’) for the purposes of reviewing your proposed treatment plan and providing recommendations to us in relation to the proposed treatment plan. UPHS is a world-renowned health system and its Department of Radiation Oncology is a leader in proton therapy. We consider that it is in your legitimate interests and in ours to obtain UHPS’ input into your treatment plan. The legal bases we will rely upon for sharing your personal and special category data with UPHS and other Healthcare Organisations are the Legitimate Interests Basis and the Health Care Basis.
Where you access services through your insurance policies, we will liaise with your insurer over your treatment and care and may be required to disclose information for the purpose of quality assurance
We will rely on The Legitimate Interests Basis for sharing the information. Our specific legitimate interests are that it is in your interests and ours that you have complete healthcare provision and that sharing with other health professionals will allow a consistent approach and to ensure that treatments are compatible.
Where special category personal data is shared this will be done based on The Public Health Basis, The Health Care Basis or The Scientific Research Basis. If none of these legal bases are applicable, we will seek your Express Consent before sharing the information.
We may also share your personal information with family or friends that you have given us as emergency contacts. We will rely on The Consent Basis and/or Explicit Consent Basis for sharing our personal information in these circumstances.
Within the day to day running of our business, we may use third party organisations to support the essential delivery of services. These may be; IT service providers, storage & shredding companies, debt management companies.
Where third party organisations are used, who may have access to your personal data, we ensure that a contract is in place and security checks are undertaken.
We may also be required to share personal information to prevent fraud and to assist the police in the prevention and detection of a crime.
We do not routinely transfer your personal data outside the EEA. However, rest assured that if we do transfer your personal data outside the EEA, we will use one of these safeguards to make sure it is protected:
We will only transfer it to a non-EEA country which the European Commission has decided has an adequate level of protection for personal data; or
We will put a written contract in place between us and the recipient that incorporates EC model clauses relating to the transfer of personal data outside the EEA; or
We will obtain your specific consent to the transfer.
If you are receiving proton beam therapy, as explained above your personal data will be shared with clinicians at UPHS. This means that your personal data will be transferred outside the EEA to the United States of America. We have entered into a written contract with UPHS which incorporates European Commission model clauses. These model clauses place obligations on UPHS in terms of ensuring appropriate security measures are in place to protect your personal data. A copy of the model clauses used can be found here https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en should you require further information.
We may communicate with you by letter, telephone, email, or text. We will ask you which method of communication you prefer. It is important that you provide us with accurate information so that we can ensure the information we relay to you is done so in a confidential manner.
Where you request to receive all your information by email we may not be able to guarantee the security of information sent over the internet but will discuss with you the options for password protecting and encryption of confidential health information that are sent by email.
It is important that we review and assess the quality of our services. Therefore, where you have accessed our services, we may contact you to ask you to complete a patient satisfaction survey.
It is also important that we monitor the outcomes of treatments provided, this is known as Patient Reported Outcome Measures (PROMS). To monitor outcomes, we may ask you to complete questionnaires relating to your health and quality of life or be interviewed over a period of time. We will talk to you about this during your treatment.
All employees are bound by contractual confidentiality clauses in employment contracts, receive mandatory training in data protection and confidentiality and process information under the direction of mandatory policies and procedures. Audits are carried out to ensure information recorded and created is accurate, up to date and kept securely.
We would like to keep you updated on the services and treatments that we provide at our cancer centres but will only do this where you have opted in to receive such updates in which circumstances we will rely on The Consent Basis for the processing. When you access our services you are provided with an option to join our mailing list. You may also have the opportunity to opt in through links or forms when you visit our website or when you complete a registration form as part of your treatment. When you opt in to receive information on our services, should you wish to stop receiving updates you can contact us and we will remove you from any mailing lists.
We never share or sell your data to external marketing companies.
The right to access your personal information
You may contact us to request details of the type of processing we carry out on your personal data and a copy of the personal information which we hold about you. This is known as a Subject Access Request and must be submitted in writing to either the centre manager at the Rutherford Cancer Centre where you have accessed services or directly to the Data Protection Officer at the address shown below.
We must process your request within one month of receipt of the request, however, if it is a complex request we may need to extend this by up to two months. You will be kept informed if an extension is required.
The right to rectification
You have the right to have incorrect personal information amended or completed if it is incomplete.
The right to erasure
You have the right to request that we delete the personal information we hold about you. However, there are exceptions to this and in certain circumstances we may not be able to comply with your request. For example, the right of erasure of personal information does not apply to special category data where it is being processed for medical diagnosis and the provision of health and social care.
The right to restrict processing
You have the right to limit the way we use your personal information in certain circumstances. For example, this may occur if:
you have asked us to amend inaccurate information and we need to verify the accuracy or
you feel that your information has been unlawfully processed
The right to data portability
Where we are processing personal data purely in electronic format, there may be circumstances where you can request to have your data transferred (if technically possible) to another individual or organisation of your choice in an electronic format.
The right to object
You have the right to object to the processing of your personal data in certain circumstances:
You can ask us to stop processing your personal data for direct marketing at any time. When we receive an objection to processing for direct marketing we must stop processing your data for this purpose.
You have the right to object to us processing your personal data for our legitimate interests (i.e. our business reasons) however you must give specific reasons to why you are objecting. We may not be able to meet your request depending on the reasons stated.
The right to withdraw consent
Where we rely on the Consent Basis or the Explicit Consent Basis to process your personal data you have the right to withdraw your consent to the processing at any time. Any withdrawal of consent will not affect the lawfulness of any processing which has already taken place before the consent was withdrawn.
Automatic decision-making and profiling
Decisions on treatment will be made, by healthcare professionals, on an individual case-by-case basis. We do not use automated decision-making tools or profiling when you provide us with personal information
Under data protection legislation personal data must only be processed for as long as it is necessary and not kept for an excessive period of time. The following table provides information on the retention periods for the type of data routinely processed at the Rutherford Cancer Centres. To ensure we can always provide the highest level of care and to ensure that we can monitor outcomes and conditions over a long period of time it is fundamental that certain information about individuals’ health is maintained so that it can be referred to at a later date.
Type of record
Oncology records of any patient
Minimum of 30 years or 8 years after death of patient
All other medical records
In relation to clinical need
CCTV (which is installed in areas such as car park, waiting room, clinical corridors)
Maximum of 30 days
Credit card details (no outstanding debt on patient’s account)
Credit card details (outstanding debt on patient’s account)
Invoices to patient
Patient email enquiries
Subject access request (SAR)
Subject access request (SAR) if there has been an appeal
Referrals not accepted
2 years as an ephemeral record
Call recording (may be used for clinical negligence purposes)
Recorded conversation (forms part of health record)