Relevant information from other health and social care professionals, relatives or those who care for you.We will hold your information on computers and paper and we use a combination of sound working practices and technology to ensure that your information is kept confidential and secure. We will protect your information by: -
Training – staff are trained to understand their duty of confidentiality and their responsibilities regarding the security of information both on our premises and when out in the community.
Access controls – any member of staff using computer systems holding patient information will be given their own user name and password to access your information.
Audit trails – we will keep a record of anyone who has accessed your health record or added to your record.
Records Management – all healthcare records are stored confidentially and in secure locations.
Computer Controls – We have complex security controls to ensure our computers cannot be accessed by those not authorised to do so – such as hackers
How do we use your Information?
To ensure you receive the best possible care your records are used to provide staff with details about your health, care and treatment and what is needed for your future progress or health management. We will also use your information to monitor the quality of the service provided and to protect the health of the public (for example, where we can see a measles outbreak). We will also use your information to help us manage the NHS and for statistical purposes, and sometimes your information may be used for research purposes. Where we do this, we take strict measures to ensure that individual patients cannot be identified
We are committed to protecting your privacy and will only use information collected in accordance with the law and standards of work such as: -
- Data Protection Act
- General Data Protection Regulations
- Human Rights Act 1998
- Common Law Duty of Confidentiality
- Health & Social Care Act 2012
- NHS Code of Confidentiality, Information Security and Records Management
If you are a Welsh resident who has received treatment by an NHS care provider in England, your information will be shared back into NHS Wales in order to verify and combine with your information held in Wales. That information will be used by the Health Board/Trust to identify you and validate what care was provided.
Every member of staff who works for the NHS has a legal obligation to keep information about you confidential and secure. There are times when it is appropriate to share information about you and your healthcare with others such as, GPs and Social Care. The need to share relevant information is to help us work together for your benefit. Where we have a contract in place, it may be necessary to share your information with third parties such as oxygen suppliers and voluntary organisations. There may also be exceptional circumstances where your information is disclosed particularly in life or death situations or where the law requires information to be disclosed. We will use the information provided to us such as email address, telephone number, postal address to contact you by means of letter, email, text message etc.
We will hold your data in accordance with the law and the Practice has a Retention Schedule detailing the length of time we hold your records.
As part of the Data Protection Act you have a number of rights including:
Being able to request access to view or to obtain copies of what information the Practice holds about you. This is known as a Subject Access Request.
You also have the right to have information about you amended should it be inaccurate. For more information, please refer to: https://nwis.nhs.wales/files/services/your-information-your-rights/
Should you wish to make a Subject Access Request or have you information amended, please contact the Surgery to request. Should you have any concerns about how your information is managed within the Practice please contact the Data Protection Officer. If you believe your information is being viewed, used or disclosed inappropriately please contact the Data Protection Officer to discuss your concerns or request an investigation.
Should you have any queries, please contact the Data Protection Officer, Practice Manager Mrs Anne Dunn on: - Telephone numbers: 029 20887316. This person is your point of contact for any concerns regarding the use of your information.
If you are still unhappy following a review by the Data Protection Officer you can then contact the
Information Commissioner's Office,
Wycliffe House, Water Lane,
Telephone: 0303 123 1113
Fax: 01625 524510Or via their website (www.ico.gov.uk).