Nobody outside the practice has access to any of your identifiable data without your consent and within the practice all our staff are trained to respect the rules of confidentiality. Nobody has the right to view your record except on a ‘need to know’ basis, for instance if inputting data or answering a query from the patient. Any breach of our strict data rules would result in dismissal and possibly further action. Any computer engineers or outside health professionals requiring access to the records sign a security agreement before they are allowed access.
In summary:
- Everyone looking at your record, whether on paper or computer, must keep the information confidential.
- We will aim to share only as much information as people need to know to play their part in your healthcare.
- When we provide health care, we will share the appropriate amount of your record with the people providing and supporting your care or checking its quality (unless you have asked that we limit how we share your record).
We will not share health information that identifies you for any reason, other than providing your direct care, unless:
- You ask us to do so;
- We ask and you give us specific permission;
- We have to do so by law;
- We have special permission for health or research purposes; or
- We have special permission because the public good is thought to be of greater importance than your confidentiality.
Special Cases in Law
The law can require us to share information from your medical records in certain circumstances. Information is shared so that the NHS or Public Health England can, for example:
- plan and manage services;
- check that the care being provided is safe;
- prevent infectious diseases from spreading.
We will share information with NHS Digital, the Care Quality Commission and local health protection team (or Public Health England) when the law requires us to do so.
Dr Selwyn acts as the GP responsible for ensuring data security and probity at this practice, Caldicott Lead and Ms Amanda Ure, the Practice Manager is Senior Information Risk Owner (SIRO), ensuring all our systems and procedures are data-safe.