Data Protection & Confidentiality

In order to provide the right level of care, we are required to hold personal information about you on our computer systems and in paper records to help us to look after your health needs. All information about you is held securely and appropriate safeguards are in place to protect the integrity, confidentiality and physical and digital security of your data. Below you will find our suite of Data Protection, Confidentiality and IT policies.

 The practice Caldicott Guardian and Information Governance lead is: Dr Tom Waterfall

Confidentiality

Anyone with access to your record is properly trained in confidentiality issues and is governed by both legal and contractual duty to keep your details private. If you have any worries or queries about confidentiality, please ask a member of staff. If you would like to discuss matters of a confidential nature, either with our receptionists or a member of the team, please say at reception and a room will be provided.

Your Personal Data & Your Care

We use several IT platforms for managing your direct care and to provide you with the care you need, from time-to-time information may be shared with others involved in your care if it is necessary, this may involve the following means: 

  • Referral Management systems - when your care is referred to a specialist for review.
  • Patient online access to personal records - when you access your own medical records via the NHS app or alternative app such as patient access. 
  • GP2GP record transfers - when you move surgery and your electronic records are sent to your new practice. 
  • Summary Care Record - when details from your GP medical record are available to doctors involved in your care in other healthcare settings such as A&E.

Full details of practice data sharing can be found in the Practice Privacy Notice and more detailed information about your options for opting out on our Managing Your Data Page.

Data Protection and Sharing

Doctors and staff in the practice have access to your medical records to enable them to do their jobs and are responsible for their accuracy and safe-keeping. In some circumstances we may be required by law to release your details to statutory or other official bodies, for example if a court order is presented, or in the case of public health issues. In other circumstances you may be required to give written consent before information is released – such as for medical reports for insurance, solicitors etc. Information will not be disclosed to family, friends or spouses unless we have prior written consent. 

Patient data is also shared with other medical organisations for the purpose of direct patient care in the form of the Summary Care Record and for participating practices via a local shared care record; and with NHS England for the purpose of healthcare research and planning, which is managed by the National Data Opt-Out. To find out more about how your data might be used and your rights to opt-out please visit our Managing Your Data page. 

You have a right to see your records if you wish by submitting a Subject Access Request. For more information please see the SAR & FOI Policy page.