We aim to provide you with the best possible care. In order to do this we must keep records. These may include:

  • Basic details about you such as address, date of birth, ethnicity, NHS number and next of kin
  • Contact we have had with you such as clinical visits
  • Notes and reports about your health
  • Results of investigations such as laboratory tests and X-rays
  • Relevant information including information from people who care for you and know you well, such as health professionals and relatives.

Information is recorded on paper and computer systems.

Core healthcare records are kept in computer form within secure and approved database systems. These systems meet strict security standards and cannot be accessed by anyone without permission. We continue to keep paper records for some purposes and they are stored securely.

Everyone working for the NHS has a legal duty to maintain the highest level of confidentiality.

We need it to ensure that:

  • You receive the best possible care.
  • Doctors, nurses or other healthcare professionals involved in your care have accurate information to assess your health and future care needs.
  • Full information is available should you see another doctor, or be referred to a specialist or another part of the NHS.
  • There is a good basis for assessing the type and quality of care you have received.
  • Your concerns can be properly investigated if you need to complain.


  • Clerical staff, receptionists and secretarial staff will need to use information in your records to carry out administrative tasks, such as booking appointments and communicating with you and other parts of the NHS. (For instance, we may use your mobile phone details to provide a text messaging reminder service to notify you in advance of your appointment).

NHS staff who provide care should always:

  • Discuss and agree with you what they are going to record about you
  • Give you a copy of letters they are writing about you, if you ask
  • Show you what they have recorded about you, if you ask
  • Ask for your consent to share information with other healthcare professionals

The health professionals who care for you use your records to:

  • Provide a good basis for all health decisions made by you and healthcare professionals
  • Make sure your care is safe and effective
  • Work effectively with others providing your care

We may also need to use records about you to:

  • Assess the quality of care you receive through clinical audits
  • Help investigate any concerns or complaints you or your family have about your healthcare
  • Make sure our services can meet patient needs in the future
  • Teach and train health professionals
  • Fund, develop and plan our services to you
  • Protect the health of the general public

The Trust uses mainly electronic care records to store information about patients, called SystmOne. In sexual health services we moved to  moved to a system called Cellma in December 2014.

Within the Trust we operate a ‘need to know’ policy. Your information will only be seen by those who need to see it and they will only be given access to the minimum information required.

If care is provided by other agencies such as social services we will share information with them inasfar as it supports your care. If you are involved with other agencies for non-health reasons (such as housing, for instance) we will only share information with your permission.

Today, health and social care is delivered by different organisations that work separately. Organisational boundaries can make it more difficult for professionals to work together to provide the kind of high quality, joined up support that people expect and want. In London and nationally there are several programmes to make sure that your records are shared among all organisations providing care to you. If you don’t want your records to be shared via these programmes you can withhold your consent.

We will never share information with your friends, colleagues or neighbours without your consent and we will not pass on information to your family if you do not want us to.

If your welfare is at risk we will share information in order to help you. We will also share relevant information if we are legally required to do so.

Our services are regularly inspected by the Care Quality Commission, who have the responsibility to assess the quality of our services, and as part of that process the CQC may request access to your clinical records.

We have a responsibility to:

  • Safeguard the privacy of your information
  • Make sure that your information is as accurate as possible
  • Ensure that your information is kept secure

You have the right to:

  • Expect your healthcare records to remain confidential.
  • Expect us to provide you with access to your own information on request. However, you should be aware that in some cases your right to see some details in your health records may be limited legally under the Data Protection Act 1998.
  • Expect us to correct any facts in your records that are inaccurate.

We are happy to facilitate access to your records. We can provide informal access through your doctor or other practitioner. Just ask to see your recent notes (less than 40 days old) and they will discuss them with you.

We can provide you with copies of your information too if you make a formal request:

Request access to your health records (opens DOC)

Please fully complete the form and send it, along with acceptable proof of identity (as listed on the form), to the site at which you had your most recent appointment, or to the address below if you are unsure:

Health Records
Central and North West London NHS Foundation Trust
Gordon Hospital
Bloomburg Street

London SW1V 2RH

On receipt of your completed request, and proof of identity, we will commence the process of dealing with your request; this process will normally take up to one month.

Before health records can be viewed or released there are a number of processes that we are legally obliged to follow under the Data Protection (Subject Access Modification) (Health) Order 2000. This includes reviewing the notes for any information that may cause serious harm and any third party information.

Possible charges

Initial access is provided free of charge.

For further requests for the same information a reasonable fee may be charged to cover CNWL administration costs. 

A reasonable fee can also be charged where the request is 'manifestly unfounded.' 'Excessive ' or under the Access to Health Records Act 1990.

We may also refuse the request where it is 'manifestly unfounded' 'or excessive.' 

More information

If you need more information or have any questions, please contact the Senior Information Governance Officer on email healthrecords.cnwl@nhs.net

How do I complain about the contents of my records?

If you think that your current records contain inaccurate information, you should contact the health professional treating you and ask for it to be amended.

If you request to have your records amended, and we feel unable to make the amendment, we will attach a statement of your views to your records.
Apply to have information amended or removed from your health record (opens DOC)

If you are still not happy with the outcome, you can make written requests to the Information Commissioner (the authority responsible for regulating and enforcing the Data Protection Act) at the following address:

Information Commissioner’s Office
Wycliffe House
Water Lane
Cheshire SK9 5AF

Telephone: 0303 123 1113