GDPR and Data Protection

Confidentiality and how we use your information

The General Data Protection Regulation (GDPR) became law on 24th May 2016. This is a single EU-wide regulation on the protection of confidential and sensitive information. It entered into force in the UK on the 25th May 2018, repealing the Data Protection Act (1998).

Please Click Here to see Ombersley Medical Centre’s GDPR Privacy statement.

Please Click Here to see how we use your information.

 

Why we collect information about you

In the Practice we aim to provide you with the highest quality of health care.  To do this we must keep records about you, your health and the care we have provided or plan to provide to you. 

These records may include:

  • Basic details about you, such as address, date of birth, next of kin
  • Contact we have had with you such as clinical visits
  • Details and records about your treatment and care
  • Results of x-rays, laboratory test etc.,
  • Relevant information from people who care for you and know you well, such as health professionals and relatives

It is good practice for people in the NHS who provide care to:

  • discuss and agree with you what they are going to record about you
  • give you a copy of letters they are writing about you; and
  • show you what they have recorded about you, if you ask.

We will only store your information in identifiable form for a long as in necessary in and in accordance with the NHS England’s Rules found here: –

https://digital.nhs.uk/media/1158/Records-Management-Code-of-Practice-for-Health-and-Social-Care-2016/pdf/Records-management-COP-HSC-2016

 

How your records are used

The people who care for you use your records to:

  • Provide a good basis for all health decisions made by you and care professionals
  • Allow you to work with those providing care
  • Make sure your care is safe and effective, and
  • Work effectively with others providing you with care

Others may also need to use records about you to:

  • check the quality of care (such as clinical audit)
  • protect the health of the public
  • keep track of NHS spending
  • manage the health service
  • help investigate any concerns or complaints you or your family have about your health care
  • teach health workers and
  • help with research

Some information will be held centrally to be used for statistical purposes.  In these instances, we take strict measures to ensure that individual patients cannot be identified.

We use anonymous information, wherever possible, but on occasions we may use personally confidential information for essential NHS purposes such as research and auditing.  However, this information will only be used with your consent, unless the law requires us to pass on the information.

 

The Legal Part

You have a right to privacy under the General Data Protection Regulation 2016 (GDPR) and the Data Protection Act.  The Practice needs your personal, sensitive and confidential data in order perform our statutory health duties, in the public interest or in the exercise of official authority vested in the controller in compliance with Article 6 (e) of the GDPR and for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services on the in compliance with Article 9, (h) of the GDPR.

 You have the right to ask for a copy of all records about you.

  • Your request should be made in writing to the practice holding your information
  • We are required to respond to you within one Month
  • You will need to give adequate information (for example full name, address, date of birth NHS number etc.)  

To Access your record contact:

If you think anything is inaccurate or incorrect, please inform the Practice as soon as possible. For other rights about the use of your information pleases see our website.

The Practice Data Protection Officer is Paul Couldrey PCIG Consulting Ltd, and is available via email: [email protected] Tel: 07525 623939

How we keep your records Confidential

Everyone working for the NHS has a legal duty to keep information about you confidential.

We have a duty to

  • Maintain full and accurate records of the care we provide to you
  • Keep records about you confidential, secure and accurate
  • Provide information in a format that is accessible to you (i.e., in large type if you are partially sighted)

 We will not share information that identifies you for any reason, unless:

  • you ask us to do so;
  • we ask, and you give us specific permission;
  • we must do this by law;
  • we have special permission for health or research purposes or
  • we have special permission because the interests of the public are thought to be of greater importance than your confidentiality

 

Who are our partner Organisations?

We may share information with the following main partner organisations:

  • NHS England
  • Our Commissioners
  • NHS Trusts/Organisation(Hospitals, CCG’s)
  • Ambulance Service
  • Social Services

We may also share your information, with your consent and subject to strict sharing protocols about how it will be used.

With:

  • Education Services
  • Local Authorities
  • Voluntary Sector Providers
  • Private Sector

Anyone who receives information from us also has a legal duty to:

KEEP IT CONFIDENTIAL!

Information Commissioner: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

Tel  01625 545745

www.informationcommissioner.gov.uk