Peel Park Surgery
Tel: 01274 299257

Privacy Notice

Privacy / Transparency Notice

OpenSAFELY COVID-19 Service

The NHS England OpenSAFELY COVID-19 Service is a secure, transparent, open-source software platform for analysis of electronic health data. The system provides access to de-identified (pseudonymised) personal data to support Approved Users (academics, analysts, and data scientists) to undertake approved projects for COVID-19 research, COVID-19 clinical audit, COVID-19 service evaluation and COVID-19 health surveillance purposes.

The purposes for processing are to identify medical conditions and medications that affect the risk or impact of COVID-19 infection on individuals; this will assist with identifying risk factors associated with poor patient outcomes as well as information to monitor and predict demand on health services.

Further information can be found here

The NHS England OpenSAFELY COVID-19 service - privacy notice - NHS Digital

Peel Park Surgery Privacy Policy

Your practice takes privacy seriously and we want to provide you with information about your rights, who we share your information with and how we keep it secure.

Please use the information below to find out more information about the practice and data protection.

Your personal and medical information. Additional Information re: Covid -19

Coronavirus (COVID-19) pandemic and your information

The ICO recognises the unprecedented challenges the NHS and other health professionals are facing during the Coronavirus pandemic.

The  ICO also recognise the "public bodies may require additional collection and sharing of personal data protect against serious threats to public health".

In order to look after your healthcare needs we may therefore need to share your personal information including medical records with clinical and non clinical staff in practices from the surrounding locality including practices within any primary network to which our practice belongs to.

Please be assured that we will only share information and health data that is necessary to meet your healthcare needs.

Please also note that data protection and electronic communication laws do not stop us from sending public health messages to you, either by phone , text or email as these messages are not direct marketing.

It may also be necessary , where latest technology allows to do so, to use your information and health data to facilitate digital consultations and diagnose and we will always do this with your security in mind.

How we use your information

This privacy notice explains why we collect information about you and how that information may be used.  As controllers of data (Data Controllers), GPs have fair processing responsibilities  under the Data Protection Act 1998.  This means ensuring your personal confidential data (PCD) is handled in ways that are transparent and that you would reasonably expect.  The Health and Social Care Act 2012 changed the way that PCD are processed, therefore it is important that patients are made aware of and understand these changes and that you have an opportunity to object and know how to do so.

The health care professionals who provide you with care maintain records about your health and any treatment or care you have   received within the NHS eg. Hospitals, walk-in centres.  These records help to provide you with the best possible healthcare.   NHS health records may be processed electronically, on paper or a mixture of both, and a combination of working practices and technology are used to ensure that your information is kept confidential and secure.  Records held by the surgery may include the following information:

 

Details of next of kin etc;

Any contacts with the surgery eg. appointments etc.

Notes and reports about your health

Details about your treatment and care

Results of investigations eg. blood tests, x-rays etc.

Relevant information from other health professionals, relatives or carers

 

The Practice collects and holds data for the sole purpose of providing healthcare services to our patients and we will ensure that the information is kept confidential.   However, we may disclose personal information if:

1   it is required by law

2   you consent— either implicitly or for the sake of their own care or explicitly for other purposes

3   it is justified in the public interest

Some of this information will be held centrally and used for statistical purposes.  Where we hold data centrally, we take strict measures to ensure that individual patients cannot be identified.  Sometimes your information may be requested to be used for research purposes— the practice will always endeavour to gain your consent before releasing the information.

 

Under the powers of the Health and Social Care Act 2013 (HSCA) the Health and Social Care Information Centre (HSCIC) can request PCD from GP practices without seeking patient consent.  The Care.Data Programme allows PCD to be collected by the HSCIC to ensure that the quality and safety of services is consistent across the county.  Improvements in information technology are also making it possible for us to share data with other healthcare providers with the objective of providing you with better care.  Any patient can choose to withdraw their consent to their data being used in this way.

 

PCN Privacy Notice

 

Primary Care Network

We are a member of [5] Primary Care Network (PCN).  This means we will be working closely with a number of other Practices and health and care organisations to provide healthcare services to you. During the course of our work we may share your information with these Practices and health care organisations/professionals.  We will only share this information where it relates to your direct healthcare needs.  When we do this, we will always ensure that appropriate agreements are in place to protect your information and keep it safe and secure. This is also what the Law requires us to do.

If you would like to see the information the PCN holds about you please contact the DPO [Daljeet Sharry  at Dalheet.sharry-khan@bradford.nhs.uk[, daljeet.sharry-khan@nhs.net. See also your rights as a patient listed.

Patient Confidentiality

We are committed to protecting your privacy and will only use information collected lawfully in accordance with the Data Protection Act 1998 (overseen by the Information Commissioner’s Office), Human Rights Act, the Common Law Duty of Confidentiality and the NHS Codes of Confidentiality and Security.

All our staff and contractors receive appropriate and on-going training to ensure they are aware of their personal responsibilities and have contractual obligations to uphold confidentiality, enforceable through disciplinary procedure.  Only a limited number of authorised staff have access to personal information where it is appropriate to their role and is strictly on a need-to-know basis.

 

We maintain our duty of confidentiality to you at all times.  We will only ever use or pass on information about you if others involved in your care have a genuine need for it.  We will not disclose your information to any third party without your permission unless where are exceptional circumstances or where the law requires information to be passed on.

Who are our partner organisations?

We may also have to share your information, subject to strict agreement on how it will be used, with the following organisations:

o    NHS Trusts

o    Specialist Trusts

o    Independent Contractors eg.  dentists, opticians, pharmacists

o    Private Sector Providers

o    Voluntary Sector Providers

o    Ambulance Trusts

o    Clinical Commissioning Groups

o    Social Care Services

o    Local Authorities

o    Education Services

o    Police, Fire and Rescue Services

o    Other “data processors”

    •  

Risk Stratification

Risk Stratification

Risk stratification is a process for identifying and managing patients who are at high risk of requiring emergency or urgent care.  Typically this is because patients have a long term condition such as COPD, cancer or other medical condition at risk of sudden worsening.  NHS England (the national Commissioning Board) encourages GPs to use risk stratification tools as part of their local strategies for supporting patient with long-term conditions and to provide acre plans and planned care with the aim to prevent avoidable admissions to hospital or other emergency care.

 

Information about you is collected from a number of sources including NHS Trusts and from this Practice.  A risk score is then arrived at through an analysis of your de-identified information using software and is only provided back in an identifiable form to your GP or member of your care team.  Risk stratification enables your GP to focus on preventing ill health and not just the treatment of sickness,  If necessary your GP may be able to offer your additional services.

Risk Stratification

Risk stratification is a process for identifying and managing patients who are at high risk of requiring emergency or urgent care.  Typically this is because patients have a long term condition such as COPD, cancer or other medical condition at risk of sudden worsening.  NHS England (the national Commissioning Board) encourages GPs to use risk stratification tools as part of their local strategies for supporting patient with long-term conditions and to provide acre plans and planned care with the aim to prevent avoidable admissions to hospital or other emergency care.

 

You can opt out of Risk Stratification, just let us know (you can change your mind at any time by informing us).

 

Invoice Validation

If you have received treatment within the NHS your personal information may be shared within a strictly monitored, secure and confidential environment in order to determine which Clinical Commissioning Group should pay for the treatment or procedure you have received.

Information such as your name, address and date of treatment my be passed onto enable the billing process.  These details are held in a secure environment and kept confidential.  This information will only be used to validate invoices, and will not be shared for any other commissioning purposes.

Access to personal information

You have a right under the Data Protection Act 1998 to access/view what information the surgery holds about you, and to have it amended or removed should it be inaccurate. This is known as ‘the right of subject access’. If we do hold information about you we will: 


 

o    give you a description of it;

o    tell you why we are holding it;

o    tell you who it could be disclosed to; and

o    let you have a copy of the information in an intelligible form.

 

If you would like to make a ‘subject access request’ please contact the practice manager in writing.  If you would like further information about how we use your information, or if you do not want us to use your information in this way, please contact the Practice Manager.

Information Access and Rights

Data protection law provides you with a number of rights that the practice is committed to supporting you with;

 

Right to Access

 

You have the right to obtain:

  • Confirmation that your information is being used, stored or shared by the practice
  • A copy of information held about youWe will respond to your request within one month of receipt or will tell you when it might take longer.We are required to validate your identity including the identity of someone making a request on your behalf​. We mainly use, store and share your information because we are permitted in order to deliver your healthcare but you do have a right to object to us doing this.Where we are using, storing and sharing your information based on explicit consent you have provided, you have a right to withdraw that consent at any time.Our Data Protection Officer will be happy to speak with you about any concerns you have.
  • Right to Correction ​​Right to Complain
  • For more detailed information on your rights visit https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
  • You also have the right to make complaints and request investigations into the way your information is used. Please contact our Data Protection Officer or visit the link below for more information.
  • We will respond to your request within one month of receipt or will tell you when it might take longer. 
  • There may be occasions, where we are required by law to maintain the original information – our Data Protection Officer will talk to you about this and you may request that the information is not used during this time

If information about you is incorrect, you are entitled to request that we correct it.​​

Right to Object or Withdrawn Consent

We mainly use, store and share your information because we are permitted in order to deliver your healthcare but you do have a right to object to us doing this.

Where we are using, storing and sharing your information based on explicit consent you have provided, you have a right to withdraw that consent at any time.

Our Data Protection Officer will be happy to speak with you about any concerns you have.

 

Right to Correction

If information about you is incorrect, you are entitled to request that we correct it

 

There may be occasions, where we are required by law to maintain the original information – our Data Protection Officer will talk to you about this and you may request that the information is not used during this time

We will respond to your request within one month of receipt or will tell you when it might take longer.

 

 Right to Complain

 

You also have the right to make complaints and request investigations into the way your information is used. Please contact our Data Protection Officer or visit the link below for more information.

For more detailed information on your rights visit https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

 



Call 111 when you need medical help fast but it’s not a 999 emergencyNHS ChoicesThis site is brought to you by My Surgery Website