National Infected Blood Psychology Support Service
(Date created: 13/02/2026)
This notice explains how your personal data will be collected, stored and shared when you use the national Infected Blood Psychological Service (IBPS). It also explains your rights, such as how you can ask for a copy of your IBPS records.
Newcastle upon Tyne Hospitals NHS Foundation Trust leads the IBPS programme nationally and manages the IBPS systems alongside other IBPS Provider Trusts (as Joint Controllers). All involved Trusts are registered with the Information Commissioner’s Office (ICO) and acknowledge their statutory responsibilities under data protection laws.
Who is collecting your data?
Your personal data will be collected when you engage with our services, such as:
- If you submit a self-referral via the national telephone line or website
- If you have been referred to IBPS (e.g. by your local hospital)
- If you engage with an IBPS care navigator or psychologist
- Completing IBPS digital questionnaires (e.g. Goal-Based Outcomes)
What data do we collect?
We collect and process the following data:
- Identifiable details (e.g. your name, date of birth, title)
- Contact details (e.g. address, phone number, email)
- Health and wellbeing information relevant to your psychological needs (e.g. session notes, peer support offered)
- Information about your preferences for service location and provider (e.g. venue, virtual or in-person sessions attended)
- Any accessibility or support needs (e.g. preferred language, communication preferences)
Why do we collect your data?
We collect your data to:
- Assess your eligibility and clinical need(s)
- Provide you with psychological support services
- Manage your referral to your chosen or most appropriate NHS provider
The records collected will help ensure you receive the best possible care from us. If we do not have accurate up to date information, this may impact on the services that we provide to you.
We may also need to keep certain information to meet legal requirements. If we receive your data from another source, and not directly ourselves, this will be clearly stated to you.
What is our lawful basis for processing personal data?
Everyone working to deliver the Infected Blood Psychological Service has a legal duty to use and keep information about you confidential. A full list of IBPS Provider Trusts has been set out in Annex 1 of this Privacy Notice.
We only use your data when the law allows us to. This includes using it to provide care and support. Data Protection laws set out the conditions for lawful processing of personal data. All IBPS Provider Trusts will process your personal data under the following lawful conditions:
Personal data:
- UK GDPR Article 6(1)(e): Performance of an official task (direct care)
Special Category (Sensitive) data:
- UK GDPR Article 9(2)(h): Provision of health or social care
Who do we share your data with?
We may share your data with:
- Other NHS Trusts involved in your care (as Joint Controllers)
- Approved service providers e.g. Citizens Advice
We only share what is necessary and always under strict data protection agreements. All data sharing is:
- For direct care only
- Limited to what is necessary and proportionate
- Governed by appropriate information governance and data protection agreements
- Compliant with relevant laws and regulations
How is your data stored?
Newcastle Hospitals and NHS England have carefully assessed the systems used to store your data and to make sure they are good and safe for all other IBPS Provider Trusts to use.
All personal data collected is stored securely within dedicated, externally hosted NHS-approved systems. All systems meet NHS and UK data security standards. No IBPS service user data will be stored outside of the UK.
Access to stored data within IBPS systems is subject to robust access controls, with routine monitoring conducted by Newcastle Hospitals as Programme Lead.
How long will we keep your data?
We keep your IBPS records in line with the NHS Records Management Guidelines. Psychological care records are usually kept for 20 years after your last contact, unless there’s a reason to keep them longer.
Your rights under UK GDPR
You have the right to:
- Access your personal data
- Request correction of inaccurate data
- Request removal or deletion (in some circumstances)
- Object to processing (in limited cases)
To exercise any of your rights, please contact the organisation providing your care.
National IBPS Provider Trust Contact information
Infected Blood Psychological Service
The Newcastle upon Tyne Hospitals NHS Foundation Trust
Royal Victoria Infirmary,
Queen Victoria Road,
Newcastle upon Tyne,
NE1 4LP
Julia Scott, Data Protection Officer, NUTH.DPO@nhs.net
Annex 1 – IBPS Provider Trusts
| Region | Provider Type | Service Provider |
| North East & Yorkshire | National, Regional & Local | The Newcastle upon Tyne Hospitals NHS Foundation Trust |
| Local | Leeds Teaching Hospitals NHS Trust | |
| Local | Sheffield Teaching Hospitals NHS Foundation Trust | |
| North West | Regional & Local | Liverpool University Hospitals NHS Foundation Trust |
| Local | Manchester University NHS Foundation Trust | |
| Midlands | Regional & Local | University Hospitals Birmingham NHS Trust |
| Regional & Local | University Hospitals of Leicester NHS Trust | |
| East of England | Regional & Local | Cambridge University Hospitals NHS Foundation Trust |
| London | Regional & Local | Barts Health NHS Trust |
| Regional & Local | Guys & St Thomas’ NHS Foundation Trust | |
| Regional & Local | Royal Free London NHS Foundation Trust | |
| South East | Local | East Kent Hospitals University NHS Foundation Trust |
| Regional & Local | Hampshire Hospitals NHS Foundation Trust | |
| Regional & Local | Oxford University Hospitals NHS Foundation Trust | |
| Local | University Hospital Southampton NHS Foundation Trust | |
| South West | Regional & Local | University Hospitals Bristol & Weston NHS Foundation Trust |