PATIENT INFORMATION AND CONFIDENTIALITY
Everyone working for the Health Service has a legal duty to keep information about you confidential. Confidentiality also extends to family members, therefore medical information relating to you will not be divulged to anyone without your consent.
Your doctor and other health professionals caring for you keep records about the treatment you receive. They may be written down (manual records), or kept on a computer (electronic records).
From 25/5/18 The Data Protection Act of 1998 has been replaced by the General Data Protection Regulations (GDPR).
Most of the principles are the same between the two and because the NHS has very strict confidentiality rules the surgery is largely complying with GDPR already. Below are the guiding principles of GDPR.
Data must be processed lawfully, fairly and transparently
It must be collected for specific, explicit and legitimate purposes
It must be limited to what is necessary for the purposes for which it is processed.
It must be accurate, kept up to date and stored securely
The practice must comply when patients request copies of their medical records
Where we need your consent to process data, this consent must be informed consent and freely given.
Patients can ask for data to be corrected and can, in certain circumstances, opt out of data being processed. The Practice must notify the Information Commissioner's Office with 72 hours of a data breach.
NB: Some of your personal information may be used for statistical reporting purposes. These reports may also be passed to organisations involved in health and social care research, for example universities. Occasionally and independent check (audit) will take place to make sure your information is being recorded and stored accurately and securely.
On the rare occasions where it is essential to include personal identifiable information, we will ask for your consent before this information is shared.
We may share information with organisations where they contribute to your health and care. These could include other NHS Trusts, national blood services, strategic health authorities, general practitioners, social services, ambulance services, Primary Care Trusts and clinical networks, for example, cancer care alliance.
Details of our processes are available below as four privacy notices and a patient leaflet is also available at Reception in the surgery.
Privacy - audit and research
Privacy - direct care
Privacy legal requirements
Patient leaflet GDPR.
GDPR Privacy Notice
The GDPR gives patients the right to access written or computer-held records which will be delivered with a month of request. Requests are free of charge but must be reasonable . No information will ever be released without your consent unless we are legally obliged to do so.
FREEDOM OF INFORMATION - PUBLICATION SCHEME
The Freedom of Information Act 2000 obliges the practice to produce a Publication Scheme. A Publication Scheme is a guide to the classes of information the practice intends to routinely make available.
This scheme is available from reception.
Normanby Medical Centre has an infection control policy and follows current guidelines on hand hygiene, decontamination and clinical waste management. We do carry out some minor surgery using disposal single use equipment to maintain compliance with the Code of Practice for the prevention and control of infections 2010 Criterion 3.
If you have any concerns regarding infection control please contact the Practice Manager in the first instance.