Confidentiality and Data Protection

The practice complies with data protection and access to medical records legislation.  The General Data Protection Regulations (GDPR) is a piece of legislation that supersedes the Data Protection Act.  It not only appies to the UK and EU but it also covers anywhere in the world in which data about UK or EU citizens is processed.

The GDPR is similar to the Data Protection Act, which the practice already complied with, but strengthens many of the DPA's principles.  The main changes are:

* Practices must comply with subject access requests

* Where we need your consent to process data, this consent must be freely given, specific, informed and unambiguous

* There are new, special protections for patient data.  Patient data is information that relates to a single person, such as diagnosis, name, age, earlier medical history etc

* The Information Commissioner's Office must be notified within 72 hours of a data breach

Please click on the link below to read our privacy notice, which explains why the practice collects information about you, how the information is used, how it is kept safe and confidential and what your rights are in relation to this.

Patient Privacy Notice

Important information about how we may collate and use your information differently during the Covid-19 pandemic can be found in the supplementary privacy notice below:

Covid-19 Privacy Notice



 
Call 111 when you need medical help fast but it’s not a 999 emergencyNHS ChoicesThis site is brought to you by My Surgery Website