General Data Protection Regulation (GDPR)
The GDPR is a regulation that is applicable from 25th May 2018. It strengthens the protection of personal data.
The UK is enacting a Data Protection Bill which enshrines the provisions of the GDPR into UK law and establishes continuity of the GDPR in the UK post Brexit. The Data Protection Act will be repealed at this time.
What are Privacy Notices?
A privacy notice is a statement or a legal document (in privacy law) that discloses some or all of the ways a party gathers, uses, discloses, and manages a customer or client's data. It fulfills a legal requirement to protect a customer or client's privacy.
How we use your information
- We collect and hold data about you for the purpose of providing safe and effective healthcare
- Your information may be shared with other NHS organisations to audit services and help provide you with better care
- Information sharing is subject to strict agreements on how it is used.
- We will only share your information outside of NHS organisations with your consent*
- If you are happy with how we use your information you do not need to do anything.
- If you do not want your information to be used for any purpose beyond providing your care please let us know so we can code your record appropriately.
- You can object to sharing information with other health care providers but if this limits your treatment options we will tell you.
- Our guiding principle is that we are holding your information in the strictest confidence.
- For more information about who are our partner organisations and how your data is used please see more detailed information below or ask at reception.
* Unless the health & safety of others is at risk, the law requires it or it is required to carry out a statutory function.
Please see the links below for Privacy Notices that detail how your information may be used:
- Care and Health Information Exchange
- Communicating with Patients
- Diabetes Eye Screening Programme
- Direct Care (Routine Care and Referrals)
- Direct Care (Emergencies)
- National Screening Programs
- NHS Digital
- Public Health
- Risk Stratification
- SPCL Hubs
- Summary Care Records
Access To Medical Records
As a patient you have the right to request access to your medical records. Under the new GDPR we as a surgery can no longer charge you for this unless the request is deemed to be excessive (e.g. a repeat request).
The time period for us to comply with such a request is now one calendar month, reduced from 40 days.
If you would like to request access to your medical records, please download and complete the form opposite and hand this to reception.
National Data Opt-Out Programme
The National Data Opt-Out Programme is a new service that allows people to opt out of their confidential patient information being used for research and planning.
Should you wish to opt out of us sharing your information with programmes such as Care.data and Summary Care Record, please download and complete the opt-out form below and hand to a receptionist.