GDPR - General Data Protection Regulation
The new General Data Protection Regulation (GDPR) legislation came into effect on 25th May 2018. As such, we wanted to let you know how our practice uses your data in compliance with this new legislation.
Your data, privacy and the law: how we use your medical records.
- This practice handles medical records according to the laws on data protection and confidentiality.
- We share medical records with health professionals who are involved in providing you with care and treatment. This is on a need to know basis and event by event.
- Some of your data is automatically copied to the Shared Care Summary Record.
- We do share some of your data with hospitals; local out of hours; emergency services; Liverpool CCG and other outside agencies when required.
- Data about you is used to manage national screening and vaccination campaigns such as seasonal flu; cervical cytology; breast screening and diabetes prevention.
- Data about you, usually de-identified, is used to manage the NHS and make payments.
- We share information when the law requires us to do so, for example: when we are inspected or reporting certain illnesses or safeguarding vulnerable people.
- Your data is used to check the quality of care provided by the NHS.
- We may also share medical records for medical research.
More detailed information on how we use your data in specific areas can be found in the following documents:
CQC (Care Quality Commission) GDPR Notice
Direct Patient Care GDPR Notice
Emergencies - GDPR Privacy Notice
NHS Digital Privacy Statement
Practice Payment Privacy Notice
Public Health Authorities Privacy Notice
Risk Stratification Privacy Notice
Safeguarding Privacy Notice
Screening Process Privacy Notice
Summary Care Record Privacy Statement
NHSBSA (NHS Business Services Authority) Privacy Notices (Website)