GP Practice GP Practice GP Practice

Data protection

Updated on 9th October 2012 at 8:23 am

By

How we use your information

Our GP practice holds information about you, the information below outlines how that information is used, with whom we may share that information, how we keep it secure (confidential) and what your rights are in relation to this.

The Health Care Professionals (HCP) who provide you with care, maintain records about your health and any treatment or care you have received previously (e.g. NHS Trust, GP surgery, Community clinics or staff etc.).  These records help to provide you with the best possible healthcare.

NHS health records may be electronic, on paper or a mixture of both and we use a combination of working practices and technology to ensure that your information is kept confidential and secure.

What kind of information do we use?

  • Details about you, such as address and next of kin and carer information etc
  • Any contact the surgery has had with you such as appointments, clinic visits, emergency appointments and so on
  • Notes and reports about your health
  • Details about your treatment and care
  • Results of investigations such as laboratory tests, x-rays etc.
  • Relevant information from other HCPs, relatives or those who care for you

To ensure you receive the best possible care, your records are used to facilitate the care you receive.  Information held about you may be used to help protect the health of the public and to help us manage the NHS.  Information may be used for clinical audit to monitor the quality of the service provided and to plan NHS services.

Some of this information will be held centrally and used for statistical purposes.  Where we do this, we take strict measures to ensure that individual patients cannot be identified.

Sometimes your information may be requested to be used for research purposes – the surgery or organisation concerned will always endeavour to gain your consent before releasing the information.

The NHS Care Record Guarantee for England sets out the rules that govern how patient information is used in the NHS and what control patients can have over this.

The NHS Constitution https://www.gov.uk/government/publications/the-nhs-constitution-for-england establishes the principles and values of the NHS in England. It sets out rights to which patients, public and staff are entitled, and pledges which the NHS is committed to achieve, together with responsibilities, which the public, patients and staff owe to one another to ensure that the NHS operates fairly and effectively.

 

What do we use your personal and confidential/sensitive information for?

 We can only use any information that may identify you (known as personal information) in accordance with the Data Protection Act 1998 and other laws such as the Health and Social Care Act 2012. http://www.legislation.gov.uk/ukpga/1998/29/contents and http://www.legislation.gov.uk/ukpga/2012/7/contents/enacted, however only the minimum necessary identifiers are used in processing personal information for the purpose. We also have a Common Law Duty of Confidentiality to protect your information. This means that where a legal basis for using your personal or confidential information does not exist, we will not do so.

 

Apart from direct health care sensitive personal information may also be used in the following cases:

  • To respond to patients, carers or Member of Parliament communication
  • We have received consent from individuals to be able to use their information for a specific purpose.
  • There is an over-riding public interest in using the information e.g. in order to safeguard an individual, or to prevent a serious crime.
  • There is a legal requirement that will allow us to use or provide information (e.g. a formal court order).
  • For the health and safety of others, for example to report an infectious disease such as meningitis or measles.
  • We have special permission for health and research purposes (granted by the Health Research Authority).
  • We have special permission called a ‘section 251 agreement’ (Section 60 of the Health and Social Care Act 2001 as re-enacted by Section 251 of the NHS Act 2006) which allows the Secretary of State for Health to make regulations to set aside the common law duty of confidentiality for defined medical purposes. An example of where this is used is in risk stratification. Further information can be found on the Health Research Authority’s web site here http://www.hra.nhs.uk/about-the-hra/our-committees/section-251/what-is-section-251/

 

Risk Stratification

Risk stratification tools are increasingly being used in the NHS to help determine a person’s risks of suffering from a particular condition, preventing an unplanned or (re)admission and identifying a need for preventative intervention.  Information about you is collected from a number of sources including NHS Trusts and from this GP Practice.   A risk score is then arrived at through an analysis of your anonymised information using software managed by North of England Commissioning Support Service (NECS), which is based at John Snow House, Durham, DH1 3YG. The data is provided back to the GP Practice or member of your care team in an identifiable form. Risk stratification enables your GP Practice to focus on the prevention of ill health and not just the treatment of sickness.  If necessary, your GP Practice may be able to offer you additional services.

 

Should you have any concerns about how information is managed at your GP Practice, please write to the Practice Manager so you can discuss how the disclosure of your personal information can be limited.