Donate Shop online Refer Work with Us

Managing Your information

Caldicott Guardian

At Thames Hospice the Director of Nursing and Family Services, Lisa Church, is our Caldicott Guardian. A Caldicott Guardian is a senior person responsible for protecting the confidentiality of people’s health and care information and making sure it is used properly. Organisations and local authorities that provide health and/or social services must have a Caldicott Guardian. Please contact our Caldicott Guardian here.

Caldicott Guardians will often refer to the seven Caldicott principles:

  1. Justify the purpose(s) - Every single proposed use or transfer of patient identifiable information within or from an organisation should be clearly defined and scrutinised, with continuing uses regularly reviewed.
  2. Do not use patient identifiable information unless it is necessary.
  3. Use the minimum necessary patient-identifiable information.
  4. Access to patient identifiable information should be on a strict need-to-know basis.
  5. Everyone with access to patient identifiable information should be aware of his or her responsibilities.
  6. Every use of patient identifiable information must be lawful.
  7. The duty to share information can be as important as the duty to protect patient confidentiality.


A Senior Information Risk Owner (SIRO) is a senior manager who is familiar with and takes ownership of the organisation’s information risk policy and acts as advocate for information risk on behalf of our Board of Trustees. The Thames Hospice SIRO is Debbie Raven, who is our CEO.

Data Protection Officer

A Data Protection Officer (DPO) is a role required by the General Data Protection Regulation (GDPR). The Thames Hospice DPO is responsible for overseeing data protection strategy and implementation to ensure compliance with GDPR requirements. The Thames Hospice DPO is also responsible for educating the Hospice and its staff and volunteers on important compliance requirements, for training staff involved in data processing, and for conducting regular security audits. Our DPO also serves as the point of contact between Thames Hospice and the Office of the Information Commissioner. Juliana Luxton, our Head of Governance and Quality, is the Thames Hospice Data Protection Officer - she has expert knowledge of data protection law and practices.

Click here, to see our Privacy and Cookie Policy and our Privacy and Patient Information Policy. Please contact the Data Protection Office here.