NEW - Date Protection Act 2018 & GDPR
A new Data Protection Bill ("DPB") in the UK will enact the General Data Protection Regulations with effect from 25 May 2018. The Information Commissioners Office, responsible to regulating data use in the UK, has stated that the introduction of the new legislation is “the biggest change to data protection law for a generation".
They have advised that their primary focus will be safeguarding customer and client data, and most organisations have good grounds for requesting, retaining and processing employee data. However, this does not exempt GP practices from having to comply. In addition to the financial risks of the practice not complying with data protection law, individuals will also have greater rights to challenge the organisation’s use of their data, which could lead to costly legal action.
Richmond Medical Centre is a data controller and has a legal duty, in line with the General Data Protection Regulation (GDPR), to explain why it is using patient data and what data is being used and processed.The practice will provide guidance and support to help those to whom it applies understand their rights and responsibilities under this policy.
Everyone should be aware of the practice privacy notice and be able to advise patients, their relatives and carers what information is collected, how that information may be used and with whom the practice will share that information.
The first principle of data protection is that personal data must be processed fairly and lawfully. Being transparent and providing accessible information to patients about how their personal data is used is a key element of the General Data Protection Regulation.
Please refer to the following documents for more information of how we use your data:
Richmond Medical Centre Privacy Notice
Richmond Medical Centre Fair Processing Notice
Freedom of Information
Information about the General Practioners and the practice required for disclosure under this act can be made available to the public. All requests for such information should be made to the practice manager.
Access to Records
In accordance with the Data Protection Act 1998 and Access to Health Records Act, patients may request to see their medical records. Such requests should be made through the practice manager and may be subject to an administration charge. No information will be released without the patient consent unless we are legally obliged to do so.
We make every effort to give the best service possible to everyone who attends our practice.
However, we are aware that things can go wrong resulting in a patient feeling that they have a genuine cause for complaint. If this is so, we would wish for the matter to be settled as quickly, and as amicably, as possible.
To pursue a complaint please contact the practice manager who will deal with your concerns appropriately. Further written information is available regarding the complaints procedure from reception.
The NHS operate a zero tolerance policy with regard to violence and abuse and the practice has the right to remove violent patients from the list with immediate effect in order to safeguard practice staff, patients and other persons. Violence in this context includes actual or threatened physical violence or verbal abuse which leads to fear for a person’s safety. In this situation we will notify the patient in writing of their removal from the list and record in the patient’s medical records the fact of the removal and the circumstances leading to it.