This website uses cookies to function correctly.
You may delete cookies at any time but doing so may result in some parts of the site not working correctly.

Privacy Notice for 13-16 year old patients

Privacy Notice for patients aged between 13-16

We understand how important it is to keep your personal information safe and secure and we take this very seriously. We have taken steps to make sure your personal information is looked after in the best possible way and we review this regularly.

 

Up until the age of 16 your parents will be able to access your medical information. This means they can discuss your care with staff at the Practice and may request to see copies of your medical information, unless you request us to withhold this information from them.

*If you do not want your parents to have access to your medical information please speak to a member of the Practice team

Please read this privacy notice (‘Privacy Notice’) carefully, as it contains important information about how we use the personal and healthcare information we collect on your behalf.

 

  1. ABOUT US

We, at Clevedon Medical Centre are a Data Controller of your information. This means we are responsible for collecting, storing and handling your personal and healthcare information when you register with us as a patient.

There may be times where we also process your information. That means we use it for a particular purpose and, therefore, on those occasions we may also be Data Processors. The purposes for which we use your information are set out in this Privacy Notice.

 

A privacy notice helps your doctor’s surgery tell you how it uses information it has about you, like your name, address, date of birth and all of the notes the doctor or nurse makes about you in your healthcare record.

 

  1. THE DATA PROTECTION OFFICER

 

You can contact the Data Protection Officer by emailing Kelly@almc.co.uk if you have any questions about how your information is being held;

  1. If you require access to your information or if you wish to make a change to your information;
  2. If you wish to make a complaint about anything to do with the personal and healthcare information we hold about you;
  3. Or any other query relating to this Policy and your rights as a patient.

 

You can also write to her at the address stated below:-

 

Kelly-Anne Gast

Avon Local Medical Committee, 14a High Street, Staple Hill, Bristol, BS16 5HP

 

 

  1. WHY WE ARE PROVIDING THIS PRIVACY NOTICE

 

We are required to provide you with this Privacy Notice by Law. It explains how we use the personal and healthcare information we collect, store and hold about you. The Law says:

  1. We must let you know why we collect personal and healthcare information about you; B. We must let you know how we use any personal and/or healthcare information we hold on you; C. We need to inform you in respect of what we do with it; D. We need to tell you about who we share it with or pass it on to and why; and E. We need to let you know how long we can keep it for.
  2.  
  1. WHY DO WE NEED ONE?

Your doctor’s surgery needs a privacy notice to make sure it meets the legal requirements which are written in a new document called the General Data Protection Regulation (or GDPR for short).

A privacy notice helps your doctor’s surgery tell you how it uses information it has about you, like your name, address, date of birth and all of the notes the doctor or nurse makes about you in your healthcare record

 

  1. WHAT IS THE G.D.P.R?

The GDPR helps your doctor’s surgery keep the information about you secure. It was introduced on the 25th May 2018, making sure that your doctor, nurse and any other staff at the practice follow the rules and keep your information safe.

  1. WHAT INFORMATION DO WE COLLECT ABOUT YOU?

Don’t worry; we only collect the information we need to help us keep you healthy – such as your name, address, information about your parents or guardians, records of appointments, visits, telephone calls, your health record, treatment and medicines, test results, X-rays and any other information to enable us to care for you.

If you are unclear about how we process or use your personal and healthcare information, or you have any questions about this Privacy Notice or any other issue regarding your personal and healthcare information, then please contact our Data Protection Officer.

 

NHS Digital sub-contract Amazon Web Services (AWS) to store your patient data. We have been informed that the data will remain in the UK at all times and will be fully encrypted both in transit and at rest. We have further been advised that AWS offers the very highest levels of security and support. The Practice does not have any influence over how the data is stored as this is decided centrally by NHS Digital.

 

  1. OTHER PEOPLE WHO WE PROVIDE YOUR INFORMATION TO:
  2. Commissioners; B. Clinical Commissioning Groups; C. Local authorities; D. Community health services; E. For the purposes of complying with the law e.g. Police, Solicitors, Insurance Companies;
  3. Anyone you have given your consent to, to view or receive your record, or part of your record.
  4. Extended Access - We provide extended access services to our patients which means you can access medical services outside of our normal working hours. In order to provide you with this service, we have formal arrangements in place with the Clinical Commissioning group and with other practices whereby certain key “hub” practice offer this service on our behalf for you as a patient to access outside of our opening hours. This means, those key “hub” practice will have to have access to your medical record to be able to offer you the service. Please note to ensure that those practices comply with the law and to protect the use of your information, we have very robust data sharing agreements and other clear arrangements in place to ensure your data is always protected and used for those purposes only.
  5. Data Extraction by the Clinical Commissioning Group - the clinical commissioning group at times extracts medical information about you, but the information we pass to them via our computer systems cannot identify you to them. This information only refers to you by way of a code, that only your practice can identify (it is pseudo-anonymised). This therefore protects you from anyone who may have access to this information at the clinical commissioning group from EVER identifying you as a result of seeing the medical information and we will never give them the information that would enable them to do this.
  6. Severnside Intergrated Urgent Care Service-incorporates NHS111, this is a new computer booking system that replaces the Out of hours service for GP Practices this service ensures that you receive the right level of care for your condition.
  7. CQC- Care Quality Commission –Regulate and inspect health and social care services across the UK.

 

Other NHS organisations

Sometimes the practice shares information with other organisations that do not directly treat you, for example, Clinical Commissioning Groups (CCG). Normally, it will not be possible to identify you from this information. This information is used to plan and improve services. The information collected includes data such as the area patients live, age, gender, ethnicity, language preference, country of birth and religion. The CCG also collects information about whether patients have long term conditions such as diabetes; blood pressure, cholesterol levels and medication. However, this information is anonymous and does not include anything written as notes by the GP and cannot be linked to you.

  1. Local Data Sharing Agreements
  1. Sirona Community nurses and other health care professionals are able to access GP information about people on their caseload who have recently been discharged from hospital, or who are housebound, or who require longer term rehabilitation from the GP record. This information can be read by the healthcare professional to improve the patients care, but they are not able to amend the GP medical record;
  2. Connecting Care* enables a range of health care organisations, including local NHS hospital, the Ambulance Service and the Out of Hours service provided by Brisdoc. This information can be read by the healthcare professional to improve the patients care, but they are not able to amend the GP medical record;
  3. One Care – this agreement allows patients from the surgery to be seen and treated by GPs from other surgeries in the evening and at weekend. The agreement allows a GP in other localities to access the GP record securely and allows information about the consultation to be written into the record.
  4. St Peter’s Hospice – this agreement enables hospice staff to read the records of patients in their care. This information can be read by the healthcare professional to improve the patients care, but they are not able to amend the GP medical record
  5. The practice also shares anonymised data with a number of research bodies to enable clinical research to be undertaken, but no personally identifiable data is shared.

 

Please note: if you give another person or organisation consent to access your record we will need to contact you to verify your consent before we release that record. It is important that you are clear and understand how much and what aspects of, your record you give consent to be disclosed.

 

 

  1. SPECIAL CATEGORIES

The Law states that personal information about your health falls into a special category of information because it is very sensitive. Reasons that may entitle us to use and process your information may be as follows:

PUBLIC INTEREST: Where we may need to handle your personal information when it is considered to be in the public interest. For example, when there is an outbreak of a specific disease and we need to contact you for treatment, or we need to pass your information to relevant organisations to ensure you receive advice and/or treatment;

CONSENT: When you have given us consent;

VITAL INTEREST: If you are incapable of giving consent, and we have to use your information to protect your vital interests (e.g. if you have had an accident and you need emergency treatment);

DEFENDING A CLAIM: If we need your information to defend a legal claim against us by you, or by another party;

PROVIDING YOU WITH MEDICAL CARE: Where we need your information to provide you with medical and healthcare service

 

  1. HOW DO WE USE YOUR INFORMATION?

Your information is taken to help us provide your care. But we might need to share this information with other medical teams, such as hospitals, if you need to be seen by a special doctor or sent for an X-ray. Your doctor’s surgery may be asked to help with exciting medical research; but don’t worry, we will always ask you, or your parents or adults with parental responsibility, if it’s okay to share your information.

  1. HOW DO YOU KEEP MY INFORMATION PRIVATE?

Well, your doctor’s surgery knows that it is very important to protect the information we have about you. We make sure we follow the rules that are written in the GDPR and other important rule books. 

  1. WHAT IF I HAVE A LONG TERM MEDICAL CONDITION?

If you have a long-term medical problem then we know it is important to make sure your information is shared with other healthcare workers to help them help you, making sure you get the care you need when you need it!

  1. WHAT IF I DON’T WANT TO SHARE MY INFORMATION?

All of our patients, no matter what their age, can say that they don’t want to share their information.  If you’re under 16 this is something which your parents or adults with parental responsibility will have to decide. They can get more information from a member of staff at the surgery, who can also explain what this means to you.

  1. HOW DO I ACCESS MY RECORDS?

Remember we told you about the GDPR? Well, if you want to see what is written about you, you have a right to access the information we hold about you, but you will need to complete a Subject Access Request (SAR). Your parents or adults with parental responsibility will do this on your behalf if you’re under 16. But if you are over 12, you may be classed as being competent and you may be able to do this yourself.

  1. WHAT DO I DO IF I HAVE A QUESTION?

If you have any questions, your parents or adults with parental responsibility are the best people to ask, however you are also able to do one of the following:

  • Contact the practice’s data controller via email at  
  • Doctors surgeries are data controllers for the data they hold about their patients

 

  1. YOUR SUMMARY CARE RECORD

Your summary care record is an electronic record of your healthcare history (and other relevant personal information) held on a national healthcare records database provided and facilitated by NHS England. This record may be shared with other healthcare professionals and additions to this record may also be made by relevant healthcare professionals and organisations involved in your direct healthcare.

 

You may have the right to demand that this record is not shared with anyone who is not involved in the provision of your direct healthcare. If you wish to enquire further as to your rights in respect of not sharing information on this record then please contact our Data Protection Officer.

 

  1. HOW THE NHS USE YOUR INFORMATION-National Data Opt-Out

The Practice is one of many organisations working in the health and care system to improve care for patients and the public.

Whenever you use a health or care service, such as attending Accident & Emergency or using Community Care services, important information about you is collected in a patient record for that service. Collecting this information helps to ensure you get the best possible care and treatment.

The information collected about you when you use these services can also be used and provided to other organisations for purposes beyond your individual care, for instance to help with:

 

  • improving the quality and standards of care provided
  • Research into the development of new treatments
  • preventing illness and diseases
  • monitoring safety
  • planning services

 

This may only take place when there is a clear legal basis to use this information. All these uses help to provide better health and care for you, your family and future generations. Confidential patient information about your health and care is only used like this where allowed by law.

 

Most of the time, anonymised data is used for research and planning so that you cannot be identified in which case your confidential patient information isn’t needed.

 

You have a choice about whether you want your confidential patient information to be used in this way. If you are happy with this use of information you do not need to do anything. If you do choose to opt out your confidential patient information will still be used to support your individual care.

To find out more or to register your choice to opt out, please visit www.nhs.uk/your-nhs-data-matters. On this web page you will:

  • See what is meant by confidential patient information
  • Find examples of when confidential patient information is used for individual care and examples of when it is used for purposes beyond individual care
  • Find out more about the benefits of sharing data
  • Understand more about who uses the data
  • Find out how your data is protected
  • Be able to access the system to view, set or change your opt-out setting
  • Find the contact telephone number if you want to know any more or to set/change your opt-out by phone
  • See the situations where the opt-out will not apply

 

You can also find out more about how patient information is used at:

https://www.hra.nhs.uk/information-about-patients/ (which covers health and care research); and

https://understandingpatientdata.org.uk/what-you-need-know (which covers how and why patient information is used, the safeguards and how decisions are made)

 

You can change your mind about your choice at any time.

 

Data being used or shared for purposes beyond individual care does not include your data being shared with insurance companies or used for marketing purposes and data would only be used in this way with your specific agreement.

 

Health and care organisations have until 2020 to put systems and processes in place so they can be compliant with the national data opt-out and apply your choice to any confidential patient information they use or share for purposes beyond your individual care. **Practice is currently compliant with the national data opt-out policy.

 

  1. LEGAL JUSTIFICATION FOR COLLECTING AND USING YOUR INFORMATION

The Law says we need a legal basis to handle your personal and healthcare information.

CONTRACT: We have a contract with NHS England to deliver healthcare services to you. This contract provides that we are under a legal obligation to ensure that we deliver medical and healthcare services to the public.

CONSENT: Sometimes we also rely on the fact that you give us consent to use your personal and healthcare information so that we can take care of your healthcare needs.

Please note that you have the right to withdraw consent at any time if you no longer wish to receive services from us.

NECESSARY CARE: Providing you with the appropriate healthcare, where necessary. The Law refers to this as ‘protecting your vital interests’ where you may be in a position not to be able to consent.

LAW: Sometimes the Law obliges us to provide your information to an organisation.

 

 

 

  1. WHAT DO I DO IF I AM NOT HAPPY WITH HOW YOU HAVE HANDLED MY INFORMATION?

We really want to make sure you’re happy, but we understand that sometimes things can go wrong. If you or your parents or adults with parental responsibility are unhappy with any part of our data-processing methods, you can complain. For more information, visit ico.org.uk and select ‘Raising a concern’. We always make sure the information we give you is up to date. Any updates will be published here on our website, and on our leaflets.

  1. COMPLAINTS

 

If you have a concern about the way we handle your personal data or you have a complaint about what we are doing, with your data or how we have used or handled your personal and/or healthcare information, then please contact our Data Protection Officer.

 

You also have a right to raise any concern or complaint with the UK information regulator:

Information Commissioner’s Office (ICO): https://ico.org.uk/

 

  1. OUR WEBSITE

 

The only website this Privacy Notice applies to is the Surgery’s website. If you use a link to any other website from the Surgery’s website then you will need to read their respective privacy notice. We take no responsibility (legal or otherwise) for the content of other websites.

 

  1. CHANGES TO OUR PRIVACY NOTICE

 

We regularly review and update our Privacy Notice. This Privacy Notice was last updated on 4th June 2020.

 

 

*Please see attached Supplementary temporary Notice in relation to the COVID pandemic.

 

 

SUPPLEMENTARY PRIVACY NOTICE COVID-19 ________Practice

 

Please read this COVID-19 specific privacy notice (‘Privacy Notice’) carefully, as it contains important information about how we use the personal and healthcare information we collect on your behalf. This notice describes how we may use your information to protect you and others during the Covid-19 outbreak. It supplements our main Privacy Notice which is also available on request and available on the practice website.

The health and social care system is facing significant pressures due to the Covid-19 outbreak. Health and care information is essential to deliver care to individuals, to support health and social care services and to protect public health. Information will also be vital in researching, monitoring, tracking and managing the outbreak. In the current emergency it has become even more important to share health and care information across relevant organisations.

 

Existing law which allows confidential patient information to be used and shared appropriately and lawfully in a public health emergency is being used during this outbreak. Using this law the Secretary of State has required NHS Digital; NHS England and Improvement; Arm’s Length Bodies (such as Public Health England); local authorities; health organisations and GPs to share confidential patient information to respond to the Covid-19 outbreak.

 

Any information used or shared during the Covid-19 outbreak will be limited to the period of the outbreak unless there is another legal basis to use the data. Further information can be found on the www.gov.uk website.

 

During this period of emergency, opt-outs will not generally apply to the data used to support the Covid-19 outbreak, due to the public interest in sharing information. This includes National Data Opt-outs. However in relation to the Summary Care Record, existing choices will be respected. Where data is used and shared under these laws your right to have personal data erased will also not apply. It may also take us longer to respond to Subject Access requests, Freedom of Information requests and new opt-out requests whilst we focus our efforts on responding to the outbreak.

In order to look after your health and care needs we may share your confidential patient information including health and care records with clinical and non-clinical staff in other health and care providers, for example neighboring GP practices, hospitals and NHS 111. We may also use the details we have to send public health messages to you, either by phone, text or email. [Is there anyone else information will be shared with for individual care? If so please add here].

During this period of emergency we may offer you a consultation via telephone or videoconferencing. By accepting the invitation and entering the consultation you are consenting to this. Your personal/confidential patient information will be safeguarded in the same way it would with any other consultation.

We will also be required to share personal/confidential patient information with health and care organisations and other bodies engaged in disease surveillance for the purposes of protecting public health, providing healthcare services to the public and monitoring and managing the outbreak.

 

NHS England and Improvement and NHSX have developed a single, secure store to gather data from across the health and care system to inform the Covid-19 response. This includes data already collected by NHS England, NHS Improvement, Public Health England and NHS Digital. New data will include 999 call data, data about hospital occupancy and A&E capacity data as well as data provided by patients themselves. All the data held in the platform is subject to strict controls that meet the requirements of data protection legislation.  

 

In such circumstances where you tell us you’re experiencing Covid-19 symptoms we may need to collect specific health data about you. Where we need to do so, we will not collect more information than we require and we will ensure that any information collected is treated with the appropriate safeguards.

We may amend this privacy notice at any time so please review it frequently. The date at the bottom of this page will be amended each time this notice is updated.

 

 

 

 

 

CORONOVIRUS PANDEMIC-DATA PROTECTION

Coronavirus (COVID-19) pandemic and your information

The ICO recognises the unprecedented challenges the NHS and other health professionals are facing during the Coronavirus (COVID-19) pandemic. The ICO also recognise that 'Public bodies may require additional collection and sharing of personal data to protect against serious threats to public health.'

The Government have also taken action in respect of this and on 20th March 2020 the Secretary of State for Health and Social Care issued a Notice under Regulation 3(4) of The Health Service Control of Patient Information (COPI) Regulations 2002 requiring organisations such as GP Practices to use your information to help GP Practices and other healthcare organisations to respond to and deal with the COVID-19 pandemic.

In order to look after your healthcare needs during this difficult time, we may urgently need to share your personal information, including medical records, with clinical and non-clinical staff that belong to organisations that are permitted to use your information and need to use it to help deal with the Covid-19 pandemic. This could (amongst other measures) consist of either treating you or a member of your family and enable us and other healthcare organisations to monitor the disease, assess risk and manage the spread of the disease.

Please be assured that we will only share information and health data that is necessary to meet yours and public healthcare needs.

The Secretary of State for Health and Social Care has also stated that these measures are temporary and will expire on 30th September 2020 unless a further extension is required. Any further extension will be will be provided in writing and we will communicate the same to you. Please also note that the data protection and electronic communication laws do not stop us from sending public health messages to you, either by phone, text or email as these messages are not direct marketing. It may also be necessary, where the latest technology allows us to do so, to use your information and health data to facilitate digital consultations and diagnoses and we will always do this with your security in mind.

If you are concerned about how your information is being used, please contact our Data Protection Officer using the contact details provided in this Privacy Notice.

 

HOW WE LOOK AFTER YOUR PERSONAL INFORMATION WHEN WORKING FROM HOME DURING THE COVID-19 PANDEMIC?

In accordance with government guidance and in order to protect the health and safety of our staff during this difficult period we will be requiring all [administrative] staff to work from home.

This means that staff may have access to any necessary personal and/or medical information in order to look after your healthcare needs.

We would like to assure you that our staff will be subject to all relevant security procedures and policies of the Practice to ensure that any information is kept safe, secure and confidential at all times.

If you have any concerns about how your information may be used please contact our DPO who will be happy to assist with your enquiry.

 

YOUR SUMMARY CARE RECORD AND CHANGES DURING COVID-19

Your summary care record is an electronic record of your healthcare history (and other relevant personal information) held on a national healthcare records database provided and facilitated by NHS England. This record may be shared with other healthcare professionals and additions to this record may also be made by relevant healthcare professionals and organisations involved in your direct healthcare.

 

In light of the current emergency, the Department of Health and Social Care has removed the requirement for a patient’s prior explicit consent to share Additional Information as part of the Summary Care Record.

This is because the Secretary of State for Health and Social Care has issued a legal notice to healthcare bodies requiring them to share confidential patient information with other healthcare bodies where this is required to diagnose, control and prevent the spread of the virus and manage the pandemic. This includes sharing Additional Information through Summary Care Records, unless a patient objects to this.

If you have already expressed a preference to only have Core information shared in your Summary Care Record, or to opt-out completely of having a Summary Care Record, these preferences will continue to be respected and this change will not apply to you. For everyone else, the Summary Care Record will be updated to include the Additional Information. This change of requirement will be reviewed after the current coronavirus (COVID-19) pandemic.

WHY WE HAVE MADE THIS CHANGE?

 

In order to look after your health and care needs, Health and Social Care bodies may share your confidential patient Information contained in your Summary Care Record with clinical and non-clinical staff in other health and care organisations for example, hospitals ,NHS 111 and out of hours organisations. These changes will improve the healthcare that you receive away from your usual GP Practice.

 

YOUR RIGHTS AND YOUR SUMMARY CARE RECORD?

Regardless of your past decisions about your Summary Care Record preferences, you will still have the same options that you currently have in place to opt out of having a Summary Care Record, including the opportunity to opt-back in to having a Summary Care Record or opt back in to allow sharing of Additional Information. You can exercise these rights by doing the following:

  1. Choose to have a Summary Care Record with all information shared. This means that any authorised, registered and regulated health and care professionals will be able to see a detailed Summary Care Record, including Core and Additional Information, if they need to provide you with direct care.
  2. Choose to have a Summary Care Record with Core information only. This means that any authorised, registered and regulated health and care professionals will be able to see limited information about allergies and medications in your Summary Care Record if they need to provide you with direct care.
  3. Choose to opt-out of having a Summary Care Record altogether. This means that you do not want any information shared with other authorised, registered and regulated health and care professionals involved in your direct care. You will not be able to change this preference at the time if you require direct care away from your GP practice. This means that no authorised, registered and regulated health and care professionals will be able to see information held in your GP records if they need to provide you with direct care, including in an emergency. To make these changes, you should inform your GP practice or complete this form and return it to your GP practice.

Health and care organisations have until 2020 to put systems and processes in place so they can be compliant with the national data opt-out and apply your choice to any confidential patient information they use or share for purposes beyond your individual care. **Practice is currently compliant with the national data opt-out policy.

 

We carefully consider any personal information that we store about you, and we will not keep your information for longer than is necessary for the purposes as set out in this Privacy Notice.

 

 

NHS DIGITAL GP DATA FOR PLANNING AND RESEARCH

 

NHS Digital has been legally directed to collect and analyse healthcare information about patients from their GP record for the duration of the coronavirus emergency period. The British Medical Association, the Royal College of General Practitioners and the National Data Guardian are all supportive of this approach.

NHS Digital will analyse the data and securely and lawfully share data with other appropriate organisations described below for coronavirus response purposes only. These purposes include:

  • carrying out vital research into treatments and vaccines for the virus, including clinical trials
  • identifying coronavirus trends and risks to public health
  • diagnosing and monitoring the effects of coronavirus
  • controlling and helping to prevent the spread of the virus
  • planning and providing health, social care and other public services in response to coronavirus (COVID-19)
  • helping clinicians, scientists, public health bodies and the government to provide guidance and develop policies to respond to the outbreak
  • monitoring and managing the outbreakNHS Digital is the controller of the personal data collected and analysed above under the General Data Protection Regulation 2016 (GDPR) jointly with the Secretary of State for Health and Social Care, who has directed NHS Digital to collect, analyse and in certain circumstances disseminate this data under the COVID-19 Public Health Directions 2020 (COVID-19 Directions).NHS Digital has various powers to share personal data which are explained below under ‘Who we share your personal data with’. Under GDPR our legal basis for collecting and analysing this data is Article 6(1) (c) - legal obligation. Our legal basis for collecting and analysing personal data relating to health will be Article 9(2) (g) – substantial public interest, for the purposes of NHS Digital exercising its statutory functions under the COVID-19 Directions. Our legal basis for sharing personal data under GDPR will depend on the organisation we are sharing the data with and their purposes for using the data. This will include:
  • All GP practices in England are legally required to share data with NHS Digital for this purpose under the Health and Social Care Act 2012 (2012 Act). More information about this requirement is contained in the Data Provision Notice issued by NHS Digital to GP practices.
  • OUR LAWFUL BASIS FOR PROCESSING THIS INFORMATION

    NHS Digital is the controller of the personal data collected and analysed above under the General Data Protection Regulation 2016 (GDPR) jointly with the Secretary of State for Health and Social Care, who has directed NHS Digital to collect, analyse and in certain circumstances disseminate this data under the COVID-19 Public Health Directions 2020 (COVID-19 Directions).

    All GP practices in England are legally required to share data with NHS Digital for this purpose under the Health and Social Care Act 2012 (2012 Act). More information about this requirement is contained in the Data Provision Notice issued by NHS Digital to GP practices.

    NHS Digital has various powers to share personal data which are explained below under ‘Who we share your personal data with’. Under GDPR our legal basis for collecting and analysing this data is Article 6(1) (c) - legal obligation. Our legal basis for collecting and analysing personal data relating to health will be Article 9(2) (g) – substantial public interest, for the purposes of NHS Digital exercising its statutory functions under the COVID-19 Directions. Our legal basis for sharing personal data under GDPR will depend on the organisation we are sharing the data with and their purposes for using the data. This will include:

    • Article 6(1)(c) – legal obligation, for example where the NHS Digital COPI Notice applies
    • Article 6(1)(d) – vital interests, for example where it is necessary to protect your or other patients’ vital interests
    • Article 6(1)(e) – public task, for example where we are sharing data with another public authority for the purposes of them exercising their statutory or governmental functions
    • Article 6(1)(f) – legitimate interests, for example where we are sharing information with a research organisation to carry out vital coronavirus research Our legal basis for sharing personal data under GDPR relating to health will include:
    • Article 9(2)(g) – substantial public interest, for the purposes of NHS Digital exercising its statutory functions or for other organisations exercising their governmental or statutory functions
    • Article 9(2)(h) – health or social care purposes
    • Article 9(2)(I) – public health purposes
    • Article 9(2) (j) – scientific research or statistical purposes.
    • For Further information please visit https://digital.nhs.uk/coronavirus

TEXT AND VIDEO MESSAGING

 

As mentioned above, during this period of emergency we may offer you a consultation via telephone or videoconferencing. By accepting the invitation and entering the consultation you are consenting to this. Your personal/confidential patient information will be safeguarded in the same way it would with any other consultation.

Because we are obliged to protect any confidential information we hold about you and we take this very seriously, it is imperative that you let us know immediately if you change any of your contact details.

 

We may contact you using SMS texting to your mobile phone in the event that we need to notify you about appointments and other services that we provide to you involving your direct care, therefore you must ensure that we have your up to date details. This is to ensure we are sure we are actually contacting you and not another person.

 

 

 

THE DATA PROTECTION OFFICER

 

The Data Protection Officer for the Surgery is Kelly-Anne Gast. You can contact her if:

  1. You have any questions about how your information is being held;
  2. If you require access to your information or if you wish to make a change to your information;
  3. If you wish to make a complaint about anything to do with the personal and healthcare information we hold about you;
  4. Or any other query relating to this Policy and your rights as a patient.

 

Kelly can be contacted here:

kelly@almc.co.uk

 

 

CHANGES TO THIS SUPPLMENTARY PRIVACY NOTICE

 

We regularly review and update our Privacy Notice. This Privacy Notice was last updated on 20/05/2020 and will only be referred to during the coronavirus pandemic. This Privacy Notice is only currently valid until September 2020 unless any changes in legislation occur and this notice will have to be extended.

June 8 2020



Call 111 when you need medical help fast but it’s not a 999 emergencyNHS ChoicesThis site is brought to you by My Surgery Website