Confidentiality & GDPR
What is GDPR?
GDPR stands for General Data Protection Regulations and is a piece of legislation that superseded the Data Protection Act 1998 on Friday 25th May 2018. It not only applies to the UK and EU; it covers anywhere in the world in which data about EU citizens is processed.
The GDPR is similar to the Data Protection Act (DPA) 1998 (which the practice already complies with), but strengthens many of the DPA’s principles. The main changes are:
- Practices must comply with subject access requests.
- Where we need your consent to process data, this consent must be freely given, specific, informed and unambiguous.
- There are new, special protections for patient data.
- The Information Commissioner’s Office must be notified within 72 hours of a data breach.
- Higher fines for data breaches – up to 20 million euros.
- PLEASE SEE BELOW DOCUMENTS FOR FURTHER INFORMATION
- Basic Patient Leaflet - Your personal Information
- Comprehensive Patient Information Leaflet
- Freedon of Information Policy
- GDPR Patient Leaflet
- GDPR Subject Access Request Form
- GDPR Subject Access Request Policy
- Data Security and Protection Information
- Information Governance Policy
- Online Services Form
- Practice Privacy Notice
- Simple Practice Privacy Notice
Health & Care Records (HIE) (Health Information Exchange)
We are joining up your health and care records to improve the local services you receive. What does this mean for you?
Being able to see your health and social care records at any time and in different places means health and care professionals can make quicker and safer decisions about your care
Health and care professionals have shared information on paper for many years – we now plan to do this using digital technology.
GP practices and other health and care organisations are joining up the electronic records of all adults and children across Barnet, Camden, Islington, Enfield and Haringey (north central London) so that those delivering care can understand all your needs and make the best decisions about your care with you.
If you do not want to be part of this, you can opt out by clicking this link /media/content/files/GDPR 2020 PROTOCOLS/Health Information Exchange Opt Out Form.pdf Complete this form and send back to: FREEPOST NLP - JOINED UP CARE RECORD (no postcode required
You can read more about this programme at: https://www.northlondonpartners.org.uk/ourplan/Areas-of-work/Digital/Info-residents/
We have updated our privacy notice, which can be seen on our website - SEE BELOW DOCUMENT
Health Information Exchange (HIE) Privacy Notice
CQRS DATA EXTRACTION
This practice is supporting vital coronavirus (COVID-19) planning and research by sharing your data with NHS Digital. For more information about this see the General Practice Transparency Notice for GPES Data for Pandemic Planning and Research (COVID-19). See link below for further information
Useful Links
- For more detailed information see the Information Commissioner’s Office (ICO) website.
- Understanding Patient Data - An Introduction to the GDPR – and what it means for patient data.