DATA
So that you can receive appropriate care and treatment, we need to ask for your personal information
This information is recorded securely on computer and we are registered under the Data Protection Act. The practice will ensure that patient confidentiality is maintained at all times by all members of the practice team.
Sometimes it is necessary for the effective functioning of a multi-disciplinary team to share information within that team. More information on this and your health record is detailed below.
All patients have a right to access their health records. Contact the practice if you wish to have access.
The surgery confidentially records details of your consultations, medication and letters on an electronic clinical system. This is only shared with other organisations with your consent, although some relevant information may be shared with other health professionals when we refer you for further treatment.
Our reception and administrative staff may require access to your medical record in order to carry out their role. These members of staff are bound by the same rules on confidentiality as their clinical colleagues. Identifiable information about you will be shared with others in the following circumstances:
There have been developments to allow other healthcare professionals access to your records to improve the care you receive elsewhere.
Some data was uploaded to your Summary Care Record and this allowed hospitals and other healthcare providers, with your consent) to see limited but important information such as significant illnesses, repeat medication and allergies.
NHS England have also put a system in place to enable the NHS to use health information, sent from your record to a secure system along with your postcode and NHS number - but not your name. This allows those planning NHS services or carrying out medial research to use information from different parts of the NHS in a way which does not identify you.
If you have any concerns or wish to prevent this from happening, please let the practice know of visit the Care Data website page.
CARE DATA
NHS Digital & Care
Strict information governance standards are in place to protect patient data. All of our staff are trained to observe confidentiality standards and comply with strict data operating procedures.
You have the right to object to your information being shared. Should you wish to opt out of data collection.
Type 1 opt-out prevents information being shared outside a GP Practice for purposes other than direct care. A type 2 opt-out prevents information being shared outside NHS Digital for purposes beyond an individual's direct care.
If you wish to have further advice or help please contact a member of our reception team.
General Data Protection Regulations
GDPR
The GDPR is similar to the Data Protection Act (DPA) 1998 (which the practice already complies with), but strengthens many of the DPA’s principles. The main changes are:
Where we need your consent to process data, this consent must be freely given, specific, informed and unambiguous.
There are new protections for patient data:
The Information Commissioner's Office has confirmed that penalties will not be issued for delays in fulfilling a subject access request.
Please click the following button to access our Online Services options
The General Data Protection Regulations allows you to find out what information is held about you including information held within your medical records, either in electronic or physical format. This is known as the “right of subject access”. If you would like to have access to all or part of your records, you can make a request in writing.
You will need to give adequate information (for example full name, address, date of birth, NHS number and details of your request) so that your identity can be verified. You should however be aware that some details within your health records may be exempt from disclosure, however this will in the interests of your wellbeing or to protect the identity of a third party.
If you wish to have access to your medical records, please contact the surgery. If you have reviewed your medical record (you can apply to do this on-line, see the Online Services tab) and wish to object or request a change to the information we hold please contact us.
Once completed you need to return the form to the practice in person, bringing a recognised form of photo-ID, such as a passport or driver's license with you, so we can verify your identity.
Consent
We define consent as “any freely given specific and informed indication of wishes by which the data subject signifies their agreement to personal data relating to them being processed.”
This is to protect your right to privacy, and we may ask you to provide consent to do certain things, like contact you or record certain information about you for your clinical records. Individuals also have the right to withdraw their consent at any time.
Patient Data
The changes in GDPR mean that we must get explicit permission from patients when using their data, which is information that relates to a single person, such as diagnosis, name, age, earlier medical history etc. One of the considerations patients may make is about how their personal data is used and specifically whether it is shared, with consent, and under strictly controlled circumstances, with professionals outside the practice.
YOUR DATA MATTERS
Privacy Notice
One of the requirements of this legislation is that all organisations that hold personal data, whether that be data concerning patients, customers or employees, must make their policies and processes around personal information available in the form of a Privacy Notice.PRIVACY NOTICE
Confidentiality
Your confidentiality is very important to us, all NHS staff are bound by law and a strict code of confidentiality and we have strict controls in place to protect your information.
The Surgery's Caldicott Guardian is responsible for ensuring patients' confidentiality is respected. The GDPR also requires organisations to register a notification with the Information Commissioner to describe the purposes for which they process personal and sensitive information. This information is publicly available on the Information Commissioners Office (ICO) and the practice is registered with them.
ICO website
Our Data Protection Officer is B Jackson of N3i. Our Data Controller, responsible for keeping your information secure and confidential is the B. Jackson.