This website uses cookies to function correctly.
You may delete cookies at any time but doing so may result in some parts of the site not working correctly.
 

General Data Protection Regulations (GDPR)

This is new EU legislation to protect personal data for all EU citizens.  It is a significant change in Data protection for every business in the UK including health care.  It covers Data processing – any action taken with personal data (including storage) and Personal Data – information that about an individual that can identify them.

The GDPR sets out the key principles about processing personal data for patients:

Data must be processed lawfully, fairly & transparently

It must be collated for specific, explicit & legitimate purposes

It must be limited to what is necessary for the purposes for which it is provided

Information must be accurate and kept up to date

Data must be kept securely

It can only be retained for as long as necessary for the reasons it was collected

 

There are also more robust rights for patients regarding the information we hold about them, including:

Being informed about how data is used

Having access to their own data

The right to have incorrect data changed

The right to restrict how their data is used

Moving patient data from one health organisation to another

The right to object to their patient information being processed

 

What is patient data?  Patient data is information that relates to a single person such as name, age, medical history & diagnosis.

What is Consent?  Consent is permission from a patient.  The changes in GDPR mean we must get explicit permission from patients when using their data.  This is to protect your right to privacy and we may ask you to provide consent to do certain things such as recording information for your clinical records or to contact you.

As a practice we have policies and procedures in place ensuring all patient data is held securely and all information is strictly confidential.

Please see attached our Privacy Notices which explain why we collect information about our patients and how that information may be used.

Direct Care

Emergencies

Public Health

NHS Digital

Care Quality Commission

Safeguarding

National Screening Programs

Payments

Summary Care Record

Risk Stratification

Research

The Mill Medical Practice takes your privacy very seriously. We are registered with the Information Commissioners Office (ICO) as a data controller and our registration can be viewed online in the public register at http://ico.org.uk/what_we_cover/register_of_data_controllers   

If you have any questions or wish to make a request in relation to your information, please contact SCWCSU (South, Central and West Commissioning Support Unit) Tel: 02380 627 444

Click on the following to view our GDPR Patient Information Leaflet



 
Call 111 when you need medical help fast but it’s not a 999 emergencyNHS ChoicesThis site is brought to you by My Surgery Website