Leatside Surgery recognise how important it is that our patients are aware of the information we collect about them and how we share this information.
We use three different types of information:
- Person identifiable: information which on its own or with other information can identify you.
- Anonymised data: when unique identifiers such as your name and DOB have been removed so the information is no longer 'patient identifiable'.
- Pseudonymised data: where personal information about you is replaced with a code. If this information was shared with a third party they could not identify you.
To ensure you information is kept confidential and that the surgery data is kept safe and secure, all staff receive data protection and information governance training annually. Updates are shared throughout the year when required.
Access to your information
Staff only have access to the information that is needed for them to complete their role within the surgery. Staff access of confidential information is monitored to ensure your confidentiality is maintained.
How to access your records
The Data Protection Act allows you to find out what information about you if held on computer systems, and also in the form of paper records. This is known as a 'right of subject access'. If you would like access to your records then you must complete and sign a consent form which can be requested from the surgeries reception team. You are entitled to receive a paper copy of this information and are not required to provide the surgery with a reason for the request, however timelines maybe asked for to ensure that only relevant documentation is copied. Written consent will be required if you are requesting this information on behalf of someone else. All requests may incur a charge, however you will be notified of this at the time of request.
Information we hold about you in your medical record
- Personal demographics such as name, DOB, address, contact information
- Details on your care, treatment, and any other relevant clinical information such as test results and examinations.
- Records of your health and wellbeing, this often includes reports from other organisations such as out of hours reports and ED attendances.
- Details of each contact we have with you, whether that is an email correspondence, telephone call or face to face consultation.
Other information we hold about you
- Recordings of some telephone calls made to and from the surgery.
- Information shared in a public domain i.e. surgery reviews on NHS choices.
- Emails sent to our secure surgery email address (firstname.lastname@example.org).
- Contact details for non-medical communications such as PPG updates and newsletters.
How your records are used
- To allow informed decisions to be made about your care
- To ensure that treatment and advice is safe and effective
- To help the surgery work alongside other organisations and healthcare representatives to may also be involved in your care.
- Allowing investigations into any feedback or concerns raised with the surgery.
- Can be available if you see another GP in the surgery, or are referred to a specialist or another part of the NHS for the purposes of direct care.
- To help in the investigations of complaints, legal claims and significant events.
- To help with statistics on NHS performance and help with health research and development.
- Internal audits to improve the surgeries efficiently and service management and thus patient experience.
- External audits which will allow for local and national benchmarking
- Sharing of best practice, significant event reviews and management of adverse events.
- Personal development reviews (mainly clinicians appraisals).
- Patient surveys completed by external parties such as NHS England.
How do we keep your records confidential and secure
Everyone working for the NHS has a legal and professional duty to ensure all information is safely and securely protected and kept confidential.
The sharing of your information is strictly controlled. The surgery will not pass on any information without permission unless there are exceptional circumstances, such as a court order. We adhere to the Caldicott Principles to ensure information is assessed and held securely and appropriately.
The surgery operates under secure networks for both our internal and external IT systems. Use of NHS smartcards and audits ensure that only permitted staff are able to access your records and personal information.
Records are only kept for as long as we need, the surgery work in accordance with national guidelines such as NHS Records Management and Code of Practice. After any records are no longer required they are confidentially and securely destroyed.
Third parties we share information with
- NHS Trusts
- Community and District Nurses
- Ambulance or other Emergency Service
- Out Of Hours Service / NHS 111
- Child and Adult Safeguarding Services
- Local Authorities
- The Care Quality Commission (CQC), ICO and other regulated auditors
- Public Health England
Please be aware that the surgery will only ever pass on information about you if others involved in your care have a need for it; or if there is the potential of risk to public safety. Anyone we share information with is under a legal duty to keep it confidential and secure. Information and data sharing agreements ensure that the surgery only share information in a way that complies with the law.
You have the right to confidentiality and for your information to be used fairly in a way that is safe and secure under the Data Protection Act 1998, common law of duty of confidentiality and other relevant legislation. The Equality Act 2010 may also apply in certain circumstances. You have the right to know what information we hold about you, what we use it for and who we share it with.
Comments, queries or objections
To enable the surgery to provide a safe, professional and efficient service we need to keep information on record. You have the right to access and update your records and request for corrections of errors, however not change the content as this maybe clinically unsafe (notes can be made to inform those accessing your records that you do not agree with documented opinions or facts).