How we use your medical records
What information do we collect about you?
We only collect the information (“data”) that we need to help us keep you healthy – such as your name, address, next of kin, records of appointments, visits, telephone calls, your health record, treatment and medicines, test results, X-rays and any other information to enable us to care for you.
How do we use your information?
We share your medical records with other health professionals who are involved in providing you with care and treatment. This is only ever on a need-to-know basis and event by event.
Some of your data is automatically copied to the Shared Care Summary Record*
We share some of your data with local out-of-hours provider
Data about you is used to manage national screening campaigns such as flu, cervical cytology and diabetes prevention.
Your data about you is used to manage the NHS and make payments.
We share information when the law requires us to, for instance when we are inspected or reporting certain illnesses or safeguarding vulnerable people.
Your data is used to check the quality of care provided by the NHS.
We may also share medical records for medical research
How to access your records?
We encourage patients to sign up to online services (Patient Access) where you can also access your medical records. Please ask our receptionist for more details.
If you want to see what is written about you, you have a right to access the information we hold on you, but you will need to complete a form called Subject Access Request (SAR). Please ask at reception for a SAR form and you will be given further information. You can also find SAR form on our website (www.theexchangesurgery.com). You can request to view only certain parts of your records if you prefer.
Furthermore, should you identify anything in your record which is incorrect, you have the right to have the inaccurate data corrected.
Don’t want to share?
All our patients can choose not to share their information. Should you wish to opt out of data collection, please contact a member of staff, alternatively, please see: https://digital.nhs.uk/services/national-data-opt-out-programme
Have a question?
If you have any questions, ask a member of the surgery team. You can:
Contact the practice’s data controller via email at firstname.lastname@example.org. GP practices are data controllers for the data they hold about their patients
Ask to speak to the practice manager Lucie Lehane
Data Protection Champion for The Exchange Surgery is Lucie Lehane, Practice Manager
If you’re not happy about how we manage your information
We really want to make sure you’re happy, but we understand that sometimes things can go wrong. If you are unhappy with any part of our data-processing methods, you can complain. For more information, visit ico.org.uk and select ‘Raising a concern’.
We always make sure the information we give you is up-to-date. Any updates will be published on our website, in our newsletter and leaflets, and on our posters. This policy will be reviewed in May 2019.
For more information see NHS Lambeth CCG Fair Processing Notice
*A Summary Care Record is a way of telling health and care staff important information about a person. It tells staff caring for someone about their medicines and allergies. This means they can look after the person if they are not at their usual doctor’s surgery.
LOCAL CARE RECORDS
We are one of pilot practices taking part in this exiting project. Local Care Records enables real time sharing and viewing of patient information with local acute (Kings College Hospital and Guys and St.Thomas' Hospital) and mental health trust (Maudsley Hospital). This should deliver huge benefits to healthcare professionals and patients.
NHS Digital has a statutory role to collect and process health and social care information which is set out in the Health and Social Care Act 2012.
NHS Digital's fair processing materials, available at http://content.digital.nhs.uk/patientconf explain and provide further information on:
- what NHS Digital collects - the types of information the NHS Digital collects and what it's used for
- personal information choices - people's rights regarding care information
- information requests from organisations - how organisations can ask NHS Digital to collect or provide access to care information
- assurance bodies and processes - how the information requests NHS Digital receive are carefully looked at
- examples of benefits that have been realised through the provision of such information including case studies involving breast cancer and diabetes that are available at: http://content.digital.nhs.uk/benefitscasestudies/extracts
The NHS Digital is absolutely committed to keeping all of the data it handles safe and secure and applies the same principle to any data that is released outside of the organisation.
Information is only ever shared with organisations that have gone through a strict application process, who can demonstrate they have a legitimate reason to access the data to use it for the benefit of health and care purposes, as per the new protections introduced as part of the Care Act 2014, and who have signed a legally binding agreement. So for example commercial companies cannot receive information for insurance or marketing purposes.
As part of the application process the Data Access Advisory Group, an independent group, hosted by the NHS Digital, considers all applications for data that are identifiable or de-identified for limited access.
The NHS Digital also regularly publishes a register of data releases at: http://content.digital.nhs.uk/dataregister showing where data has been released, to which organisation and for which purposes.
If your patients do require any further information that is not already covered within our web pages we can be contacted by email at email@example.com or by phone on 0300 303 5678.