Patient Privacy Notice
PRIVACY NOTICE FOR PATIENTS
What is a Privacy Notice?
A Privacy Notice (or ‘Fair Processing Notice’) is an explanation of what information an organisation collects on patients, and how it is used and shared. Being transparent and providing clear information to patients about how an organisation uses their personal data is an essential requirement of the Data Protection Act 1998 and General Data Protection Regulations 2018.
This privacy notice is issued by Probus Surgical Centre as a healthcare provider, and covers the information we hold about our patients and other individuals that may use our services.
Why have we issued this privacy notice for our patients and service users?
By issuing this privacy notice, we demonstrate our commitment to openness and accountability. We recognise the importance of protecting personal and confidential information in all that we do, and take care to meet our legal and other duties, including compliance with the following:
- Data Protection Act 1998
- Human Rights Act 1998
- Common Law Duty of Confidentiality
- Health and Social Care Act 2012, 2015
- NHS Codes of Confidentiality and Information Security
- Access to Health Records Act 1990
- Computer Misuse Act 1990
- NHS Care Records Guarantee for England
- Records Management Code of Practice
- Accessible Information Standards
- General Data Protection Regulations 2018
How do we collect your information?
Your information could be collected in a number of different ways. This might be from a referral made by your GP or another healthcare professional you have seen, or perhaps directly from you – in person, over the telephone or on a form you have completed.
What information do we collect?
The information that we collect about you may include details such as:
- Name, address, telephone, email, date of birth and next of kin
- Any contact we have had with you through appointments and attendances
- Details and records of treatment and care, notes and reports about your health, including any allergies or health conditions
- Results of x-rays, scans, blood tests, etc
We may also collect other information about you, such as your sexuality, race or ethnic origin, religious or other beliefs, and whether you have a disability or require any additional support with appointments (like an interpreter or advocate).
It is important that you tell the person treating you if any of your details such as your name or address have changed or if any of your details such as date of birth is incorrect in order for this to be amended. You have a responsibility to inform us of any changes so our records are accurate and up to date for you.
Why do we collect your information?
We collect personal and confidential information about you to support with the delivery of appropriate healthcare and treatment. In order to provide you with high quality care, we must keep records about you, your health and the care that we provide, or plan to provide to you. It is important for us to have a complete picture as this information enables us to provide the right care to meet your individual needs.
How do we keep your information safe and maintain confidentiality?
We are committed to protecting your privacy and will only use information collected lawfully in accordance with the Data Protection Act 1998, General Data Protection Regulations 2108 (which is overseen by the Information Commissioner’s Office), Human Rights Act, the Common Law Duty of Confidentiality, and the NHS Codes of Confidentiality and Security. Every staff member who works for an NHS organisation has a legal obligation to maintain the confidentiality of patient information.
Your information may be stored within electronic or paper records, or a combination of both. All our records are restricted so that only those individuals who have a need to know the information can get access. This might be through the use of technology or other environmental safeguards.
Every organisation has a senior person that is responsible for protecting the confidentiality of your information and enabling appropriate sharing. This person is known as the The Caldicott Guardian and Data Controller and this role sits with Dr Simon Purchas within Probus Surgical Centre.
All of our staff receive appropriate and regular training to ensure they are aware of their personal responsibilities and have legal and contractual obligations to uphold confidentiality, enforceable through disciplinary procedures.
Probus Surgical Centre is registered as a data controller under the Data Protection Act 1998. The registration number is Z2802557 and can be viewed online in the public register at http://www.ico.gov.uk/
How do we use your information and why is this important?
We use your information to ensure that:
- The right decisions are made about your care
- Your treatment is safe and effective; and
- We can work well with other organisations that may be involved in your care
This is important because having accurate and up to-date information will assist us in providing you with the best possible care. It also ensures that all information is readily available if you see another health professional or specialist within our trust or another part of the NHS.
The Health and Social Care Act 2012 changed the way that personal confidential data is processed, therefore it is important that our patients are aware of and understand these changes, and that you have an opportunity to object and know how to do so.
Probus Surgical Centre collects and holds data for the sole purpose of providing healthcare services to our patients and we will ensure that the information is kept confidential. However, we can disclose personal information if:
- It is required by law
- You provide consent – either implicitly or for the sake of their own care, or explicitly for other purposes
- It is justified to be in the public interest
Information may be used for clinical audit purposes to monitor the quality of service provided, and may be held centrally and used for statistical purposes. Where we do this, we ensure that patient records cannot be identified.
If you provide us with your mobile phone number we may use this to send you reminders about any appointments or contact you regarding any procedures that you may be having.
Do we share your information with anyone else?
To help provide you with the best possible care, sometimes we will need to share your information with others. However, any sharing of information will always be governed by specific rules and laws. We may share your information with a range of health and social care organisations and regulatory bodies. You may be contacted by any one of these organisations for a specific reason, and they will have a duty of telling you why they have contacted you.
Sharing with other organisations
If you have received treatment within the NHS your personal information may be shared within a strictly monitored, secure and confidential environment in order to determine which Clinical Commissioning Group should pay for the treatment or procedure you have received.
Information such as your name, address and date of treatment may be passed on to enable the billing process – these details are held in a secure environment and kept confidential. This information will only be used to validate invoices, and will not be shared for any further commissioning purposes.
We outsource some IT support services to external organisations. These companies are based within the UK and all services are provided under specific contractual terms, which are compliant with UK data protection legislation. Only organisations with a legitimate requirement will have access to your information and only under strict controls and rules.
We will not sell your information for any purpose, and will not provide third parties with your information for the purpose of marketing or sales.
Do you have the right to withhold or withdraw your consent for information sharing?
Should you have any concerns about how your information is managed, or wish to opt out of any data collection at Probus Surgical Centre, please contact us on 01726 885104 to discuss how the disclosure of your personal information can be limited. Patients also have the right to change their minds and reverse a previous decision.
How can you get access to the information that we hold about you?
Under the terms of the Data Protection Act 1998 and the General Data Protection Regulations 2018, you have the right to request access/view the information that we hold about you and to have it amended or removed should it be inaccurate. This is known as ‘the right of subject access’.
If we do hold information about you we will:
- give you a description of it
- tell you why we are holding it
- tell you who it could be disclosed to
- let you have a copy of the information in an intelligible form
If you would like to make a ‘subject access request’, please contact the senior surgical manager in writing.
A copy of this privacy notice is also available via our public website.
How can you contact us with queries or concerns about this privacy notice?
If you have any queries or concerns regarding the information that we hold about you or you have a question regarding this privacy notice, please contact the senior surgical manager on 01726 885104