How we use your personal information
fair processing notice explains why the practice collects information about you
and how that information may be used.
health care professionals who provide you with care maintain records about your
health and any treatment or care you have received previously (e.g. Hospital, GP
Surgery, Walk-in clinic, etc.). These records help to provide you with the best
health records may be electronic, on paper or a mixture of both, and we use a
combination of working practices and technology to ensure that your information
is kept confidential and secure. Records which this GP Practice hold about you
may include the following information;
- Details about
you, such as your address, legal representative, emergency contact details
- Any contact the
surgery has had with you, such as appointments, clinic visits, emergency
- Notes and
reports about your health
- Details about
your treatment and care
- Results of
investigations such as laboratory tests, x-rays etc
- Relevant information from other health professionals, relatives or
those who care for you
Your records will be
retained in accordance with the NHS Code of Practice for Records Management
To ensure you receive the best possible care, your
records are used to facilitate the care you receive. Information held about you
may be used to help protect the health of the public and to help us manage the
NHS. Information may be used within the GP practice for clinical audit to
monitor the quality of the service provided.
Some of this information will be held centrally and
used for statistical purposes. Where we do this, we take strict measures to
ensure that individual patients cannot be identified.
Sometimes your information may be requested to be
used for research purposes – the surgery will always gain your consent before
releasing the information for this purpose.
we maintain the confidentiality of your records?
committed to protecting your privacy and will only use information collected
lawfully in accordance with:
- Data Protection
- Human Rights
- Common Law Duty
- Health and
Social Care Act 2012
- NHS Codes of
Confidentiality and Information Security
- Information: To
Share or Not to Share Review (click here to read
further information about this)
member of staff who works for the Practice or another NHS organisation has a
legal obligation to keep information about you confidential.
only ever use or pass on information about you if others involved in your care
have a genuine need for it. We will not disclose your information to any 3rd
party without your permission unless there are exceptional circumstances (i.e.
life or death situations), where the law requires information to be passed on
for example Child/Adult Protection and Serious Criminal Activity.
Who are our
We may also have to share your information, subject
to strict agreements on how it will be used, with the following organisations
or receive information from the following organisations:-
- NHS Trusts /
Commissioning Support Units
Contractors such as dentists, opticians, pharmacists
- Private Sector
- Social Care
- NHS Digital
- Fire and Rescue
- Police &
- Other ‘data processors’ which you will be informed of
You will be informed who your data will be shared with
and in some cases asked for explicit consent for this happen when this is
We may also use external companies to process personal
information, such as for archiving purposes. These companies are bound by contractual
agreements to ensure information is kept confidential and secure.
Access to personal information
a right under the Data Protection Act to request access to view or to obtain
copies of what information the surgery holds about you and to have it amended
should it be inaccurate. In order to
request this, you need to do the following:
- Your request must be made in writing to the GP - for information from
the hospital you should write direct to them
- There may be a charge to have a printed copy of the information held
- We are required to respond to you within 40 days
- You will need to give adequate information (for example full name,
address, date of birth, NHS number and
details of your request) so that your identity can be verified and your records
Objections / Complaints
Should you have any concerns about how your
information is managed at the GP, please contact the Practice Manager. If you are still unhappy following a review
by the GP practice, you can then complain to the Information Commissioners
Office (ICO) via their website (www.ico.org.uk).
Change of Details
It is important that you tell the person treating you
if any of your details such as your name or address have changed or if any of
your details such as date of birth is incorrect in order for this to be
amended. You have a responsibility to
inform us of any changes so our records are accurate and up to date for you.
The Data Protection Act 1998 requires organisations to
register a notification with the Information Commissioner to describe the
purposes for which they process personal and sensitive information.
This information is publicly available on the
Information Commissioners Office website www.ico.org.uk
The practice is registered with the Information
Commissioners Office (ICO).
Who is the
The Data Controller, responsible for keeping your
information secure and confidential is Dr Lisa Gutteridge