Privacy notice
As data controllers, GPs have fair processing responsibilities under the Data Protection Act and GDPR law 2018. This means ensuring that your personal confidential data (PCD) is handled in ways that are safe, transparent and what you would reasonably expect. Please find documents and links below.
We ask you for personal information so that you can receive appropriate care and treatment. This information is recorded on computer and we are registered under the Data Protection Act. The practice will ensure that patient confidentiality is maintained at all times by all members of the practice team. However, for the effective functioning of a multi-disciplinary team it is sometimes necessary that medical information about you is shared between members of the team.
We comply with the eight enforceable principles of good practice which say that data must be:
- Fairly and lawfully processed.
- Processed for limited purposes.
- Adequate, relevant and not excessive.
- Accurate
- Not kept longer than necessary.
- Processed in accordance with the data subjects rights.
- Secure.
- Not transferred to countries which do not have adequate protection.
General Date Protection Regulation (GDPR) updates the Data Protection Act 1998
Your information is confidential. However, you can choose to Opt out of data sharing. Click on the link Opting out explained for more information and to help you make your choice.
If you do not wish to have your Summary Care Record shared with other care professionals complete the patient consent form with your preferences and return it to us SCR Consent Form.
GDPR Privacy Notices:
Children’s Privacy Information Leaflet
LGBT Confidentiality Statement
General Practice Transparency Notice Supplementary
GDPR Data Security Policies:
GDPR Staff Compliant Data Protection Policy
Data Protection Impact Assessment Policy
Records Retention Policy and NHS Digital Retention Schedules
Practice Fair Processing and Privacy Notice – Updated September 2023
Staff Computer Security Policy
Call recording policy – July 2023
Further reading:
BMA – GPs Data Controllers Under GDPR
Data Protection Officer:
The practices Data Protection Officer (DPO) is Jane Marley, Head of IG at the ICB.
To contact the DPO, please use the following email address: MSEGP.DPO@nhs.net