General Data Protection Regulation (GDPR)
From 25th May 2018, the Data Protection Act (1998) is being replaced by a new piece of legislation known as the General Data Protection Regulation (GDPR). As part of this change, we have to display a privacy notice, which explains how we process the data that we hold on you.
You can download our Privacy Notice below for how we deal with your direct care, which is the most common way that we process your data. This notice is also displayed on our notice board in the main reception area.
You can also ask at reception for our privacy notices relating to the following data processing areas, including;
- The CQC
- NHS Digital
- Public Health
- Risk Stratification
- National Screening Programmes
- Summary Care Records
Our nominated Data Protection Officer (DPO) is Dr Jonathan Edwards, one of the GP Partners. If you have any questions about how GDPR might affect you, please do contact the surgery and ask for a message to be put through to him.
Access to Records
In accordance with the Data Protection Act 1998 and Access to Health Records Act, patients may request to see their medical records. Such requests should be made through the practice manager. No information will be released without the patient consent unless we have legal obligations.
Freedom of Information
Under the Freedom of Information Act (www.ico.gov.uk), if you would like your medical records to be withheld from the “National NHS IT Spine” please inform us in writing.
You also have the right to know what information we hold about you. If you would like to see your records, please speak to one of our receptionists. We have a practice policy regarding your access to your medical records.
Confidentiality and Medical Records
We ask you for personal information so that you can receive appropriate care and treatment. This information is recorded electronically and we are registered under the Data Protection Act 1998 and comply with the GDPR regulations. The Practice will ensure that patient confidentiality is maintained at all times by the Central Team. However, for the effective functioning of a multi-disciplinary team (MDT), it is sometimes necessary that medical information about you is shared between members of the team those who are involved in a patient's direct care. Where a patient wishes information not to be shared within the team providing direct care, then this must be discussed with a patient's GP.
Please note the Practice's policy is to record telephone calls for the purposes of patient and staff care, security and dispute resolution. Recordings and their use will comply with the Practice's Data Protection registration.
Summary - NHS Digital has introduced a new tool that people can use to opt out of their confidential patient information being used for reasons other than their individual care and treatment. This has been available from 25 May 2018.
The National Data Opt-Out - NHS Digital has developed a new system to support the National Data Opt-Out which will give patients more control over how confidential patient information is used. The system offers patients and the public the opportunity to make an informed choice about whether they wish their confidential patient information to be used just for their individual care and treatment or also used for research and planning purposes.
Choosing to Opt-Out - Patients and the public who decide they do not want their confidential patient information used for planning and research purposes are able to set their national data opt-out choice online. NHS Digital provides a non-digital alternative for patients and the public who can't or don't want to use an online system. Individuals can change their mind at any time. Existing Type 2 opt-outs (the option for a patient to register with their GP, to prevent their confidential patient information leaving NHS Digital) will be converted to the new national data opt-out. Patients with type 2 opt-outs will be informed of this change individually.
To opt out please go to the following website: