What is a Privacy Notice and why does it apply to me?
A Privacy Notice tells people how organisations use information that they hold about them. A new law called the General Data Protection Regulation 2016, also known as GDPR, says that we need to provide you with this Privacy Notice and let you know:
- What information we hold about you
- How we keep this very important information safe and secure and where we keep it
- How we use your information
- Who we share your information with
- What your rights are
- When the law gives us permission to use your information
Why does the law give you permission to use my information?
The law gives us permission to use your information in situations where we need it to take care of you. Because information about your health is very personal, sensitive and private to you, the law is very strict about how we use it.
So, before we can use your information in the ways we have set out in this Privacy Notice, we have to have a good reason in law, which is called a ‘lawful basis’. Not only do we have to do that, but we also have to show that your information falls into a special group or category, because it is very sensitive. By doing this the law makes sure we only use your information to look after you and that we do not use it for any other reason.
If you would like more information about this please ask to speak to our Data Protection Officer (DPO) mentioned in this Privacy Notice who will explain this in more detail.
We, at Grovehill Medical Centre, Kilbride Court, Hemel Hempstead, are responsible for collecting, storing and handling your information when you registered with us as a patient. Because we do this, the law says we are Data Controllers. Sometimes we may use your information for a particular purpose and when we do so, the law says we are Data Processors.
What information do you hold about me?
We hold information about you such as:
- Your name
- Mobile number
- Information about your parent(s) or person with parental responsibility
- All your health records
- Appointment records
- Visits to see your GP
- Treatments you have had
- Medicines prescribed for you and any other information to help us look after you
How do you keep it safe?
- The law says that we must do all we can to keep your information private, safe and secure.
- We use secure computer systems and we make sure that any written information held about you is under lock and key and kept in a safe place. This includes taking great care with any passwords we use which we change on a regular basis. We also train our staff to respect your privacy and deal with your information in a manner that makes sure it is always kept and dealt with in a safe way.
What do you do with my information?
- We only usually use your information to help us care for you. That means we might need to share your information with other people who are concerned and involved with looking after your health.
- We might need to share your information with the police, courts, social services, solicitors and other people who have a right to your information, but we always make sure that they have a legal right to see it (or have a copy of it) before we provide it to them.
Who else will see my information?
- Usually only doctors, nurses and other people who work with us are allowed to see your information.
- Sometimes though, if you need to go to the hospital or be seen by a special doctor, we will share your information with them but this only so that we can take care of you.
- Sometimes we might be asked to take part in medical research that might help you in the future. We will always ask you or your parent(s) or adult with parental responsibility if we can share your information if this happens.
- Possibly the police, social services, the courts and other organisations and people who may have a legal right to see your information.
What are my rights?
- If you want to see what information we hold about you then you have a right to see it and you can ask for it.
- To ask for your information you will usually need to put your request in writing and tell us what information you want us to give you.
- We usually need to answer you within one month. Your parent(s) or adult with parental responsibility can help you with is if you need help.
- Usually we will give this to you free of charge.
- If you think there are any errors in the information we hold about you then you can ask us to correct it but the law says we can’t remove any of the information we hold about you even if you ask us to. This is because we need this information to take care of you.
- You have a right to ask us not to share your information.
- If you would like to talk to us about not sharing your information, even if this means you don’t want us to share your information with your parent(s) or adult with parental responsibility, please let us know. We will be happy to help.
Can I access my information online?
- You may be able to access your information online.
- Please ask our receptionist who will put you in touch with your GP.
- Your GP will discuss this with you and explain how to register.
What if I have a question?
- A member of our staff/receptionist will be happy to talk to you about any questions you may have and we will do our best to help you.
- The Surgery has a person called a Data Protection Officer (DPO) who deals with all queries about patient information. Our receptionist may put you in touch with this person who will listen to your concerns and give you the advice you need.
- Our DPO is called X and she/he can be contacted at XXX.
What if I have a serious complaint about how you look after my information?
- We will always do our best to look after your information and to answer your questions.
- If you are still not happy with something we have done with your information you can speak to our DPO.
- If our DPO has not been able to help you or if you prefer not to speak to our DPO then you have a right to pass your complaint to an organisation called the Information Commissioner’s Office (ICO) who will look into what has gone wrong. For more information visit ico.org.uk
Updates to this Privacy Notice
The law says we must keep all information we provide in this Privacy Notice up to date.
Updated on: 02.12.18 by Liz Keenan (Practice Manager) & Manu Wilhelm (Assistant PM & DPO)