Information Governance Team

The Information Governance Team are part of Manx Care.  The team consists of the Data Protection Officer (DPO) / Information Governance Manager, an Information Governance Officer and an Information Assurance Officer and an Information Assistant, all of whom are based at Crookall House.

The Team provides a framework that brings together all the legal rules, guidance and best practice that apply to the handling of information.  At its heart the Information Governance Team is about setting a high standard for the handling of information and giving Manx Care the tools to achieve that standard.  The ultimate aim is to demonstrate that Manx Care can be trusted to maintain the confidentiality and security of personal information by helping our staff to practice good information governance and to be consistent in the way that they handle personal and corporate information.

The Information Governance Team focus on data protection and confidentiality, information security, information quality and corporate information, providing advice, training and practical support to colleagues in and out of Manx Care, as well as fulfilling our responsibilities to Tynwald, Cabinet office, Department of Health and Social Care and the Information Commissioner as well as providing the public with advice and access to records and information.

Subject Access Requests (SAR)

You have the right to ask for a copy of your health and/or social care records and any other personal information that we may hold about you, such as employment or training records.

Such requests will be dealt with as a subject access request under Data Protection legislation.  We are obliged to provide within 30 days unless an exemption applies.

Limited rights of access to health records of deceased persons are provided under the Access to Health Records and Reports Act 1993.

It would be helpful if you could complete the Subject Access Request Form, or alternatively you can email or write to the team.  To assist the team to locate the information you  need can you please specify the personal information you require, and any time periods eg I would like a copy of my Noble’s Hospital record from 1^st April 2012 to date.  Please ensure you include proof of identity.

As the data controller, we need to ensure that the request is actually from the data subject concerned.  Proof of identity will usually consist of a copy of a formal document or bill with your name and address on it and your driving licence or passport.

If your request relates to other personal information, we may reasonably require further information from you in order to locate the information you are seeking.

Where subject access requests are complex, we are able to extend the response period by a further two months.  Where this is the case, we will inform you of our intention to extend the deadline and outline our reasons for doing so.

There may be some circumstances, where an exemption is applicable under GDPR, when we will not be able to provide you with the information that you have requested.  We will not be able to provide any information which might identify another individual (third party information), unless that person agrees.

Access to Health Records Requests (AHR)

The Access to Health Records and Reports Act 1993 enables certain people with a statutory right to apply for access to information contained within a deceased person’s health record.

We are only able to disclose the record to the patient’s personal representative (which is usually the executor or administrator of the deceased person’s estate), or any person that can establish that they are seeking a claim, arising out of the patient’s death. Individuals requesting access to a deceased patient’s health information should be able to demonstrate a legitimate purpose for the information to be disclosed.

We appreciate that this is likely to be a distressing time for relatives to the deceased, and we want to make the process of applying to see the relevant records as easy as possible.

We will not disclose any information that the deceased patient has specifically requested to remain confidential.  We will also be mindful not to disclose information that will cause physical or mental distress or detriment to any living individual.

Further guidance on making a request can be found in the Access to Health Records and Reports Form, alternatively you can email or write to the team.

Changing your details

It is very important for Manx Care to have your correct contact details.  Please notify us of any changes to your personal details.

Changes can include a new home address, a change of name or your mobile phone number and changing your GP (even if you haven’t changed surgeries).

Please complete the Change of Details Form, or alternatively you can email or write to the team. This will help us to keep our records up to date and enable us to contact you directly should we need to do so.

Please let us know what health and social care professionals, eg health visitor, social worker, consultant, mental health professional you have been involved with and we will pass your change(s) of information to them.

Please also remember to inform your GP any change of details as their practice is separate from Manx Care.

Data Accuracy

If you think that any facts about you, or your family are not correct you should tell us and if they are incorrect they will be amended.  If you do not agree with something written about you, your views can be added to the record.

Where can you get more help

You can speak with the member of staff you are working with at any time. You can also contact the Information Governance Team: