Confidentiality & Medical Records
The practice complies with data protection and access to medical records legislation. Identifiable information about you will be shared with others in the following circumstances:
- To provide further medical treatment for you e.g. from district nurses and hospital services.
- To help you get other services e.g. from the social work department. This requires your consent.
- When we have a duty to others e.g. in child protection cases anonymised patient information will also be used at local and national level to help the Health Board and Government plan services e.g. for diabetic care.
If you do not wish anonymous information about you to be used in such a way, please let us know.
Reception and administration staff require access to your medical records in order to do their jobs. These members of staff are bound by the same rules of confidentiality as the medical staff.
Freedom of Information
Information about the General Practioners and the practice required for disclosure under this act can be made available to the public. All requests for such information should be made to the practice manager.
Access to Records
In accordance with the Data Protection Act 1998 and Access to Health Records Act, patients may request to see their medical records. Such requests should be made through the practice manager and may be subject to an administration charge. No information will be released without the patient consent unless we are legally obliged to do so.
We make every effort to give the best service possible to everyone who attends our practice.
However, we are aware that things can go wrong resulting in a patient feeling that they have a genuine cause for complaint. If this is so, we would wish for the matter to be settled as quickly, and as amicably, as possible.
To pursue a complaint please contact the practice manager who will deal with your concerns appropriately. Further written information is available regarding the complaints procedure from reception.
The NHS operate a zero tolerance policy with regard to violence and abuse and the practice has the right to remove violent patients from the list with immediate effect in order to safeguard practice staff, patients and other persons. Violence in this context includes actual or threatened physical violence or verbal abuse which leads to fear for a person’s safety. In this situation we will notify the patient in writing of their removal from the list and record in the patient’s medical records the fact of the removal and the circumstances leading to it.
GDPR - General Data Protection Regulation
The General Data Protection Regulation (GDPR) comes into effect in the UK on 25 May 2018. The GDPR and the forthcoming Data Protection Act (DPA) 2018, which has yet to be finalised, will replace the current Data Protection Act.
What is the GDPR?
The GDPR was designed to harmonise data privacy laws across Europe. The aim is to protect citizens from privacy and data breaches.
The current DPA dates from the 1990s when organisations held much less data on individuals. As the amount of data held has increased and technology has advanced, so has the risk of cyber crime and data breaches. The GDPR aims to address gaps in current legislation by providing a framework with greater scope and tougher punishments for those who fail to comply.
The key principles of the current DPA remain unchanged, but some areas of legislation have been strengthened.
Like the DPA, the GDPR applies to ‘controllers’ and ‘processors’ of data – a controller says how and why personal data is processed and the processor acts on the controller’s behalf. Practices are data controllers.
How we use your information
Fair processing notice guidance
Patient Opt Out Form
The data protection officer for our practice is Makala Larkins. If you have any concerns you may call and contact her.