What is GDPR?

General Data Protection Regulations (GDPR) is a piece of legislation that superseded the Data Protection Act 1998 on Friday 25th May 2018 and covers anywhere in the world in which data about EU Citizens is processed.

GDPR is similar to the Data Protection Act (DPA) 1998, which the practice already complies with, but strengthens many of the DPA’s principles. The main changes are:

• Practices must comply with subject access requests.
• Where we need your consent to process data, this consent must be freely given, specific, informed and unambiguous.
• There are new, special protections for patient data.
• The Information Commissioner’s Office must be notified within 72 hours of a data breach.
• Higher fines for data breaches – up to 20 million euros.

What does this mean for you?

The GDPR sets out the key principles about processing personal date for staff and patients;

• Data must be processed lawfully, fairly and transparently.
• It must be collected for specific, explicit and legitimate purposes.
• It must be limited to what is necessary for the purposes for which it is processed.
• Information must be accurate and kept up to date.
• Data must be held securely.
• It can only be retained for as long as is necessary for the reasons it was collected.

There are also stronger rights for patients regarding the information that practices hold about them. These include;

• Being informed about how their data is used.
• Patients to have access to their own data.
• Patients can ask to have incorrect information changed.
• Restrict how their data is used.
• Move their patient data from one health organisation to another.
• The right to object their patient information being processed (in certain circumstances).

We will use your data to:

• Book/cancel appointments
• Appointment reminders
• Direct contact to discuss treatment and appointments
• Referrals to hospitals/specialists with your consent

What is ‘Patient Data’?

Patient data is information that relates to a single person, such as his/her diagnosis, name, age, earlier medical history etc.

What is ‘Consent’?

Consent is permission from a patient and is defined as “any freely given specific and informed indication of their wishes by which the data subject signifies their agreement to personal data relating to them being processed.”

The changes in GDPR mean that we must get explicit permission from patients when using their data in order to protect your right to privacy. We may ask you to provide consent to do certain things, like contact you or record certain information about you for your clinical records.

Individuals also have the right to withdraw their consent at any time.

More details can be found by visiting the ICO website.

The Freedom of Information Act creates a right of access to recorded information and obliges a public authority to:

• Have a publication scheme in place
• Allow public access to information held by public authorities.

The Act covers any recorded organisational information such as reports, policies or strategies, that is held by a public authority in England, Wales and Northern Ireland, and by UK-wide public authorities based in Scotland, however it does not cover personal information such as patient records which are covered by the Data Protection Act.

Public authorities include government departments, local authorities, the NHS, state schools and police forces.

The Act is enforced by the Information Commissioner who regulates both the Freedom of Information Act and the Data Protection Act.

The Surgery publication scheme

A publication scheme requires an authority to make information available to the public as part of its normal business activities. The scheme lists information under seven broad classes, which are:

• who we are and what we do
• what we spend and how we spend it
• what our priorities are and how we are doing it
• how we make decisions
• our policies and procedures
• lists and registers
• the services we offer

You can request our publication scheme leaflet at the surgery.

Who can request information?

Under the Act, any individual, anywhere in the world, is able to make a request to a practice for information. An applicant is entitled to be informed in writing, by the practice, whether the practice holds information of the description specified in the request and if that is the case, have the information communicated to him. An individual can request information, regardless of whether he/she is the subject of the information or affected by its use. 

How should requests be made?

Requests must:

• be made in writing (this can be electronically e.g. email/fax)
• state the name of the applicant and an address for correspondence
• describe the information requested.

What cannot be requested?

Personal data about staff and patients covered under Data Protection Act.

For more information see these websites:

• Legislation GOV.UK
• Information Commissioners Office

If you have any special needs please let our staff know so that we can help and ensure that you get the same support in the future.

Wheelchair access

The Surgery has been specially designed to make it easier for disabled patients to visit. There are no steps at the entrance of the building giving patients easy access. Due to fire regulations, we do have heavy fire doors, however if you have trouble opening these please ask Reception for assistance as they are always happy to help.

There are several dedicated disabled car parking spaces available immediately outside the front entrance of The Surgery.

We have a wheelchair for patient’s use, at their own risk, should you require one whilst visiting our premises.

We have two disabled toilets –  one on each floor.

Disabled Parking – Blue Badge Scheme

The Blue Badge scheme is for people with severe mobility problems. It allows Blue Badge holders to park close to where they need to go.

Loop System

We have a loop induction system at the reception desk to assist the hearing impaired. For more information on the loop hearing system visit Hearing Link website.

• British Deaf Association
• The Deaf Health Charity – SignHealth
• Action Hearing Loss
• Royal Association for Deaf People
• National Deaf Children’s Society

Blind/Partially Sighted

If you or family members are blind or partially sighted we can give you a CD or large print of our practice leaflet upon request. Please ask Reception for further information.

For more advice and support for blind people please see the following websites:

• Royal National Institute of Blind People (RIND)
• Action for Blind People
• Blind.org.uk
• British Blind Sport

Guide Dogs

Guide dogs are welcome at the surgery but we ask that you be aware of other patients and staff who may have an allergy or fear of dogs.

Further Information:

• Guide Dogs

Other Disability Websites:

• BID Services
• Disability Go
• Disabled People, your Rights, Benefits, Carers and the Equality Act
• Disability Rights UK
• Living with a Disability NHS Choices
• Disability Action
• Mencap

The practice complies with the Data Protection Act.  All information about patients is confidential: from the most sensitive diagnosis, to the fact of having visited the surgery or being registered at the Practice. All patients can expect that their personal information will not be disclosed without their permission except in the most exceptional of circumstances, when somebody is at grave risk of serious harm.

All members of the primary health care team (from reception to doctors) in the course of their duties will have access to your medical records. They all adhere to the highest standards of maintaining confidentiality.

As our reception area is a little public, if you wish to discuss something of a confidential nature please mention it to one of the receptionists who will make arrangements for you to have the necessary privacy.

Under 16s:

The duty of confidentiality owed to a person under 16 is as great as the duty owed to any other person. Young people aged under 16 years can choose to see health professionals, without informing their parents or carers. If a GP considers that the young person is competent to make decisions about their health, then the GP can give advice, prescribe and treat the young person without seeking further consent.

However, in terms of good practice, health professionals will encourage young people to discuss issues with a parent or carer. As with older people, sometimes the law requires us to report information to appropriate authorities in order to protect young people or members of the public.

Useful Websites:

• Confidentiality NHS Code of Practice
• Confidentiality and Mental Health
• Confidentiality Guidance

The Surgery prides itself in maintaining professional standards. For certain examinations during consultations an impartial observer (a “Chaperone”) will be required.

This impartial observer will be a Practice Nurse or Health Care Assistant who is familiar with the procedure and be available to reassure and raise any concerns on your behalf. If a nurse is unavailable at the time of your consultation then your examination may be re-scheduled for another time.

You are free to decline any examination or choose an alternative examiner or chaperone. You may also request a chaperone for any examination or consultation if one is not offered to you. The GP may not undertake an examination if a chaperone is declined.

The role of a Chaperone:

• Maintains professional boundaries during intimate examinations.
• Acknowledges a patient’s vulnerability.
• Provides emotional comfort and reassurance.
• Assists in the examination.
• Assists with undressing patients, if required.