Data. North Beverley Medical Centre, Pighill Lane, Off Woodall Way, Beverley, East Yorkshire, HU17 7JY

North Beverley Medical Centre

Pighill Lane
Off Woodall Way
BEVERLEY
HU17 7JY
Telephone: 01482 882546

Medical Emergencies dial 999

Out of Hours:  dial  111

Logo Providing NHS services

Data Protection & Privacy

Data Protection Officer

At North Beverley Medical Centre, we prioritise your privacy and the security of your personal data. Our practices comply with GDPR, the Data Protection Act 2018, and other relevant regulations.

Our DPO ensures compliance with data protection laws. Contact:

General Data Protection Regulations (GDPR)

We process your data lawfully, fairly, and transparently. More information is available on the ICO GDPR page.

doctor, doctor's consultation, check up

Summary Care Records

Your Summary Care Record contains essential health information for your care. You can opt-out if you do not want your information shared. More details are available on the NHS Summary Care Records page:

Type 1 Data Opt-out

You can opt-out of sharing your data for purposes beyond your individual care. To opt-out, submit the Type 1 Data Opt-Out Form.

>> Type 1 Data Opt-out Form>> HOW DATA HELPS THE NHS

Summary Care Records Additional Information
(SCRAI)

Opt-in to share additional information for enhanced care. Details and opt-out forms are available on the NHS SCR Additional Information page.

>> NHS ADDITIONAL INFORMATION

Confidentiality

We ask for your personal information so that you can receive appropriate care and treatment

This information is recorded on computer and we are registered under the Data Protection Act. The practice will ensure that patient confidentiality is maintained at all times by all members of the practice team.

Sometimes it is necessary for the effective functioning of a multi-disciplinary team to share information within that team. More information on this and your health record is detailed below.

All patients have a right to access their health records. Contact the practice if you wish to have access.

The surgery confidentially records details of your consultations, medication and letters on an electronic clinical system. This is only shared with other organisations with your consent, although some relevant information may be shared with other health professionals when we refer you for further treatment.
Reception and administrative staff may require access to your medical record in order to carry out their role. These members of staff are bound by the same rules on confidentiality as their clinical colleagues. Identifiable information about you will be shared with others in the following circumstances: 

  • to provide further medical treatment eg district nurses & hospital services.
  • to obtain other services e.g social workers. This requires your consent.
  • when we have a duty to others e.g in a child protection case

There have been developments to allow other healthcare professionals access to your records to improve the care you receive elsewhere.

Some data was uploaded to your Summary Care Record and this allowed hospitals and other healthcare providers, with your consent) to see limited but important information such as significant illnesses, repeat medication and allergies.

NHS England have also put a system in place to enable the NHS to use health information, sent from your record to a secure system along with your postcode and NHS number - but not your name. This allows those planning NHS services or carrying out medial research to use information from different parts of the NHS in a way which does not identify you.

If you have any concerns or wish to prevent this from happening, please let the practice know of visit the Care Data website page.

National Data Opt-out

You can choose whether your confidential patient information is used for research and planning. To opt-out, visit the NHS National Data Opt-Out page.

Access to Health Records

You have the right to access your health records. To request access, fill out our Subject Access Request Form.

>> VIEW YOUR GP HEALTH RECORD

Freedom of Information (FOI)

The Practice has a Freedom of  Information (FOI Policy)

>> pRACTICE FOI (UPDATING)

Accessible Information Standard

We comply with the Accessible Information Standard to ensure that patients with disabilities have access to information in a way they can understand. For more details, visit the NHS Accessible Information Standard page.

Privacy Notice

Our Privacy Notice details how we collect, use, and protect your data:

  • Purpose of Data Collection
  • Data Sharing
  • Your Rights
>> PRIVACY NOTICE

Consent Forms

Patients can download and submit consent forms for various purposes

>> scr opt-out form

Caldicot Guardian

The Practice has a Freedom of  Information (FOI Policy)

>> DPO@N3I.CO.UK>>Phone DPO 0300 002 001

General Data Protection Regulations

GDPR

Computer disk montage with keyboard

The GDPR is similar to the Data Protection Act (DPA) 1998 (which the practice already complies with), but strengthens many of the DPA’s principles. The main changes are:

Where we need your consent to process data, this consent must be freely given, specific, informed and unambiguous.

There are new protections for patient data:

  • Practices must comply with subject access requests.
  • Where we need your consent to process data, this consent must be freely given, specific, informed and unambiguous.
  • The Information Commissioner’s Office must be notified within 72 hours of a data breach.
  • Higher fines for data breaches – up to 20 million euros.
Subject Access Requests

Due to the Covid-19 pandemic there could be a delay of up to 90 days for all subject access requests

The Information Commissioner's Office has confirmed that penalties will not be issued for delays in fulfilling a subject access request.

Please click the following button to access our Online Services options

PRACTICE ONLINE SERVICES

The General Data Protection Regulations allows you to find out what information is held about you including information held within your medical records, either in electronic or physical format. This is known as the “right of subject access”. If you would like to have access to all or part of your records, you can make a request in writing. 

You will need to give adequate information (for example full name, address, date of birth, NHS number and details of your request) so that your identity can be verified. You should however be aware that some details within your health records may be exempt from disclosure, however this will in the interests of your wellbeing or to protect the identity of a third party.

 If you wish to have access to your medical records, please contact the surgery

Consent 
We define consent as “any freely given specific and informed indication of wishes by which the data subject signifies their agreement to personal data relating to them being processed.”

This is to protect your right to privacy, and we may ask you to provide consent to do certain things, like contact you or record certain information about you for your clinical records. Individuals also have the right to withdraw their consent at any time.


Privacy Notice One of the requirements of this legislation is that all organisations that hold personal data, whether that be data concerning patients, customers or employees, must make their policies and processes around personal information available in the form of a Privacy Notice. 
PRIVACY NOTICE
Confidentiality 
Your confidentiality is very important to us, all NHS staff are bound by law and a strict code of confidentiality and we have strict controls in place to protect your information.

The Surgery's Caldicott Guardian, Dr Andrew Fellows, is responsible for ensuring patients' confidentiality is respected. The GDPR also requires organisations to register a notification with the Information Commissioner to describe the purposes for which they process personal and sensitive information. This information is publicly available on the Information Commissioners Office (ICO) and the practice is registered with them.
ICO website
Our Data Protection Officer is TBA. Our Data Controller, responsible for keeping your information secure and confidential is TBA