Warning icon The browser that you are currently trying to use to access the HCAI DCS system is not a compatible browser version.

HCAI DCS system is best viewed in Internet Explorer 9, 10, 11, Firefox, Google Chrome and Microsoft Edge.
Help | AAA
Frequently Asked Questions
D. Common
PII
PII - FAQ0001

Q: How do PHE comply with the Data Protection Act 2018?

A: PHE’s use of personal information is clearly covered by our “Personal information charter”. It explains how PHE processes and stores personal information. It explains how this information is used, what it’s used for and how it’s handled. It also contains information about how to opt out of data collection/retention. The Personal Information Charter can be found here

The legal basis for processing this data is provided by Regulation 3 of Section 251 of the NHS Act (2006) (originally enacted under Section 60 of the Health and Social Care Act 2001). Further information including the rationale for this is provided here

PII - FAQ0002

Q: Can I send the patients details via email?

A: As a user of the Healthcare Associated Infection (HCAI) Data Capture System (DCS), you have a contractual and legal responsibility for ensuring that you handle and manage Patient Identifiable Information (PII) (such as NHS numbers and DOB) from this system in compliance with the Caldicott Principles and Data Protection Act (1998). PII should not be sent over email as this could subsequently cause an information security breach and is not in compliance with the Data Protection Act (1998).

If necessary, please send any PII:
  • via a nhs.net account to another nhs.net account
  • in an attached password protected document. With the password sent in a separate email.

PII - FAQ0003

Q: Are we able to devolve the logins to a third party to access the data on the CCGs behalf?

A: HCAI Data Capture System (DCS) accounts are designed to allow each individual to have a separate login. Users must register using their professional email addresses which are used as their user name every time they login. Individual logins provide an audit trail of all actions carried out on the HCAI DCS. This means login details should not be shared.