Patient confidentiality

We respect your right to privacy and keep all your health information confidential and secure. It is important that the NHS keeps accurate and up-to-date records about your health and treatment so that those treating you can give you the best possible care.

This information may be used for management and audit purposes. However, it is usually only available to, and used by, those involved in your care. You have the right to know what information we hold about you. If you would like to see your records please contact the Practice Manager.

Practice policies

Confidentiality & medical records

The practice complies with data protection and access to medical records legislation. Identifiable information about you will be shared with others in the following circumstances:

  • To provide further medical treatment for you e.g. from district nurses and hospital services.
  • To help you get other services e.g. from the social work department. This requires your consent.
  • When we have a duty to others e.g. in child protection cases anonymised patient information will also be used at local and national level to help the Health Board and Government plan services e.g. for diabetic care.

If you do not wish anonymous information about you to be used in such a way, please let us know.

Reception and administration staff require access to your medical records in order to do their jobs. These members of staff are bound by the same rules of confidentiality as the medical staff.

Freedom of information

Information about the General Practitioners and the Practice required for disclosure under this act can be made available to the public. All requests for such information should be made to the practice manager.

Access to records

In accordance with the Data Protection Act 1998 and Access to Health Records Act, patients may request to see their medical records. Such requests should be made through the practice manager and may be subject to an administration charge. No information will be released without the patient consent unless we are legally obliged to do so.

Data choices

Your data matters to the NHS

Information about your health and care helps us to improve your individual care, speed up diagnosis, plan your local services and research new treatments. The NHS is committed to keeping patient information safe and always being clear about how it is used.

How your data is used

Information about your individual care such as treatment and diagnoses is collected about you whenever you use health and care services. It is also used to help us and other organisations for research and planning such as research into new treatments, deciding where to put GP clinics and planning for the number of doctors and nurses in your local hospital.  It is only used in this way when there is a clear legal basis to use the information to help improve health and care for you, your family and future generations.

Wherever possible we try to use data that does not identify you, but sometimes it is necessary to use your confidential patient information.

You have a choice

You do not need to do anything if you are happy about how your information is used. If you do not want your confidential patient information to be used for research and planning, you can choose to opt out securely online or through a telephone service. You can change your mind about your choice at any time.

Will choosing this opt-out affect your care and treatment?

No, choosing to opt out will not affect how information is used to support your care and treatment. You will still be invited for screening services, such as screenings for bowel cancer.

What do you need to do?

If you are happy for your confidential patient information to be used for research and planning, you do not need to do anything.

To find out more about the benefits of data sharing, how data is protected, or to make/change your opt-out choice click here

You can also download a useful leaflet.

GDPR – General Data Protection Regulation

The General Data Protection Regulation (GDPR) is a new law that determines how your personal data is processed and kept safe.

The regulation applies from 25th May 2018, and will apply even after the UK leaves the EU.

What GDPR will mean for patients

The GDPR sets out the key principles about processing personal data, for staff or patients

  • Data must be processed, lawfully, fairly and transparently
  • It must be collected for specific, explicit and legitimate purposes
  • It must be limited to what is necessary for the purposes for which it is processed
  • Information must be accurate and kept up to date
  • Data must be held securely
  • It can only be retained for as long as is necessary for the reasons it was collected

There are also stronger rights for the patients regarding the information that practices hold about them.

These include;

  • Being informed about how their data is used
  • Patients to have access to their data
  • Patients can ask to have incorrect information changed
  • Restrict how their data is used
  • Move their patient data from one health organisation to another
  • The right to object to their patient information being processed (in certain circumstances)

Subject Access Request Policy

Request for Access to Records Form

Adult GDPR leaflet

Privacy information leaflet for children