Privacy notice

The South Yorkshire and Bassetlaw Integrated Care System, as a non-legal entity, is currently hosted by NHS Sheffield Clinical Commissioning Group. As such, we adhere to the same policies, procedures and approach to information governance as our hosts. 

The below information is published on the NHS Sheffield Clinical Commissioning Group website. 

The Clinical Commissioning Group has access to the centrally held data but without any names, addresses or other personally identifiable data (but it may contain the NHS number for restricted internal use, and for sharing with your GP). This data is used for producing statistical information to monitor NHS performance and to help plan services.

The CCG may also have access to some limited personal data where you have given your consent for us to use it for an agreed purpose (for example, to investigate a complaint)

The CCG’s approach to information governance in relation to the use and handling of patient level health and social care data (including risk stratification), and your rights to opt out of data sharing, are described below.

Your Information and how we use it

Fair Processing / Privacy Notice for Patients

Please find the Fair Processing / Privacy Notice for Patients here. You can also find a Internet version of the Fair Processing / Privacy Notice for Patients below. 


  1. What is a Fair Processing or Privacy Notice?
  2. Who are we and what do we do?
  3. Why we collect information about you?
  4. How we use your information
  5. Sharing Information with others
  6. Data Processing
  7. Keeping information secure and confidential
  8. Your right to withdraw consent / opt out of processing your personal information
  9. How can you get access to information held about you?
  10. Data Protection Act Notification
  11. Your Rights
  12. Contact for Further Information

Queries Regarding Data Protection Issues

New legislation (General Data Protection Regulation and Data Protection Act 2018) mandates that the CCG appoint a Data Protection Officer (DPO).This is because we are a public body.

The DPO will assist us to monitor internal compliance, inform and advise on data protection obligations and act as a contact point for data subjects (members of the public and employees) where there are concerns or queries regarding Data Protection.  The DPO will also act as a contact point for communication with the Information Commissioner’s Office.

The CCG has appointed a shared service to deliver the DPO role provided by eMBED Health Consortium.

If you wish to contact the DPO then please use the following contact details stating in the heading which organisation you are enquiring about: