Our Privacy Notice explains why we collect your information and how that information may be used.
Under the Data Protection Act 1998 we must ensure that your personal confidential data (PCD) is handled in ways that are transparent and that you would reasonably expect.
The Health and Social Care Act 2012 has altered the way that personal confidential data are processed. Consequently, you must be aware and understand these changes and that you have the opportunity to object and understand how to exercise that right.
Health care professionals who provide you with care are required by law to maintain records about your health and any treatment or care you have received within any NHS organisation. These records help to provide you with the best possible healthcare.
Medicas consists of 4 GP Practices who can when necessary access all patient data. This would be the minimum information required for the task, and this is subject to all confidentiality security.
NHS health records may be processed electronically, on paper or a mixture of both and through established working procedures and best practice coupled with technology we ensure your personal data is kept confidential and secure. Records held by us may include the following:
- Your personal data, such as address and next of kin;
- Your history, such as appointments, vaccinations, clinic visits, emergency appointments, etc;
- Notes and reports about your health;
- Details about your treatment and care;
- Results of investigations and referrals such as blood tests, x-rays, etc; and
- Relevant information from other health professionals, relatives or those who care for you.
We obtain and hold data for the sole purpose of providing healthcare services to our patients and we will ensure that the information is kept confidential. We can disclose your personal information if:
(a) It is required by law;
(b) You consent – either implicitly or for the sake of your own care or explicitly for
other purposes; and
(c) It is justified in the public interest
Some of this information is held centrally and used for statistical purposes. Where we hold data centrally, we take strict measures to ensure that individual patients cannot be identified. Sometimes your information may be requested to be used for research purposes – the Practice will always endeavour to gain your consent before releasing the information.
Some data is used for research purposes and some of that is anonymised or pseudonomysed.
The Health and Social Care Information Centre (HSCIC), under the powers of the Health and Social Care Act 2012 (HSCA), can request Personal Confidential Data (PCD) from GP Practices without seeking patient consent. Improvements in information technology are also making it possible for us to share data with other healthcare providers with the objective of providing you with better care.
You may choose to withdraw your consent to personal data being used in this way. When we are about to participate in a new data-sharing project we will make patients aware by displaying prominent notices on our website at least four weeks before the scheme is due to start. Instructions will be provided to explain what you have to do to ‘opt out’ of each new scheme.
A patient can object to their personal information being shared with other health care providers but if this limits the treatment that you can receive then the doctor will explain this to you at the time.
Medicas Health is embarking on future joint working within the 4 practices e.g. opening sessions at each practice for patients later in the evening or at weekends. This would necessitate access to the health record for the clinician seeing you to treat you with all the information at hand.
Risk Stratification is a process that helps planning organisation to help manage your health. By using selected information from your health records, a secure NHS computer system will look at any recent treatments you have had in hospital or in the surgery and any existing health conditions that you have. This will alert your doctor to the likelihood of a possible deterioration in your health. The clinical team at the surgery will use the information to help you get early care and treatment where it is needed. NHS Central Southern CSU DSCRO (the regional processing centre) supports GP Practices with this work. NHS security systems will protect your health information and patient confidentiality at all times.
Please note that you have the right to opt out of Risk Stratification.
Should you have any concerns about how your information is managed, or wish to opt out of any data collection or data sharing by Medicas, please contact firstname.lastname@example.org to discuss how the disclosure of your personal information can be limited.
Our partner organisations
We may need to share your information, subject to agreement on how it will be used, with the following organisations:
- NHS Trusts
- Health & Social Care Information Centre (HSCIC)
- Specialist Trusts
- Independent Contractors such as dentists, opticians, pharmacists
- Private Sector Providers
- Voluntary Sector Providers
- Ambulance Trusts
- Clinical Commissioning Groups
- Commissioning Support Units
- Social Care Services
- Local Authorities
- Education Services
- Fire and Rescue Services
- Other ‘data processors’
Access to personal information held about you
Under the Data Protection Act 1998, you have a right to access/view information we hold about you, and to have it amended or removed should it be inaccurate. If we do hold information about you we will:
- give you a description of it;
- tell you why we are holding it;
- tell you who it could be disclosed to; and
- let you have a copy of the information in an intelligible form.
If you would like to make a ‘subject access request’, please contact the Practice Manager in writing. There may be a charge for this service.
Any changes to this notice will be published on our website.
We are committed to protecting your privacy and will only use information collected lawfully in accordance with the Data Protection Act 1998 (which is overseen by the Information Commissioner’s Office), Human Rights Act, the Common Law Duty of Confidentiality, and the NHS Codes of Confidentiality and Security.