Loading...

This site uses cookies to store information on your computer. Some cookies on this site are essential, and the site won't work as expected without them. Read More

St Johns Surgery

 

St John’s Surgery and Your Information

St John’s Surgery takes your privacy very seriously. We are registered with the Information Commissioner’s Office as a Data Controller and

our registration number is ZA036702.

 

If you have any questions or wish to make a request in relation to your information, please contact us at;

 

St John’s Surgery
Main Road
Terrington St John
PE14 7RR

 

For the attention of: Data Protection Officer

 

Or email our Data Protection Officer at emma.cooper35@nhs.net

 

St John’s Surgery aims to provide you with the highest quality health care. To do this we must keep records about you, your health and the

care we have provided or plan to provide to you.

Your doctor and other health professionals caring for you, such as nurses or physiotherapists, keep records about your health and treatment

so that they are able to provide you with the best possible care.

 

These records are called your ‘health care record’ and may be stored in paper form or on computer and electronic systems and may include Personal Data;

  • basic details about you, such as address, date of birth, NHS number, and next of kin

as well as Sensitive Personal Data;

  • contact we have had with you, such as clinical visits
  • notes and reports about your health
  • details and records about your treatment and care
  • results of x-rays, laboratory tests etc.

Healthcare providers are permitted to collect, store, use and share this information under Data Protection Legislation which has a specific

section related to healthcare information.

What do we do with your information?

  • Refer you to other healthcare providers when you need other service or tests
  • Share samples with laboratories for testing (like blood samples)
  • Share test results with hospitals or community services (like blood test results)
  • Allow out of hours GPs to look at your practice record when you go to an appointment
  • Send prescriptions to a pharmacy
  • Patients are texted in relation to healthcare service
  • Samples are provided to the courier for delivery to pathology
  • Share reports with the coroner
  • Receive reports of appointments you have attended elsewhere such as with the community nurse or if you have had a stay in hospital

Click HERE for a list of the partners that we share with.

 

 

What else do we do with your information?

Along with these activities that allow us to provide health care to you, we use information in other ways which allow us to ensure that care is

safe and to provide data for the improvement and planning of services.

  • Quality / payment / performance reports are provided to service commissioners
  • As part of clinical research – information that identifies you will be removed, unless you have consented to being identified
  • Undertaking clinical audits within the Centre
  • Supporting staff training
  • Incident and complaint management

CCTV

CCTV is in place in the reception area and the corridor area of our practice.

It has been installed solely for the safety and security of our patients and staff, to prevent and deter crime.

Images are recorded 24 hours a day and stored on the hard drives of the recording devices that are situated in secure areas and only the

practice managers and those delivering technical support services will have access to the system.

The CCTV only records images and does not record audio.

All CCTV recordings are stored on our recording devices for 14 days before being deleted.

There are signs in the practice telling you that CCTV is in place.

We will only ever share information with the relevant authorities in connection with the safety and security of patients and staff and will not

share with any other third parties.

Visitors to the practice have the right to request to see images of themselves on CCTV as part of a request made under the privacy legislation.

Like all subject access requests, it should be made in writing.

We have followed the CCTV guidelines produced by the Information Commissioners’ Office.

Telephone Recording

This practice records the calls coming into and going out of the practice.

It has been installed solely for training and monitoring purposes.

Recordings are retained and stored on the hard drives of the recording devices that are situated in secure areas and only the practice

manager and those delivering technical support services will have access to the system.

 

Sharing when Required by Law

Sometimes we will be required by law to share your information and will not always be able to discuss this with you directly. Examples might

be for the purposes of detection or prevention of crime, where it is in the wider public interest, to safeguard children or vulnerable adults or

where required by court order.

Information Access and Rights

Data protection law provides you with a number of rights that the practice must support you with.

Right to Access

You have the right to obtain:

  • confirmation that your information is being used, stored or shared by the practice
  • a copy of information held about you

We will respond to your request within one month of receipt or will tell you when it might take longer.

We are required to validate your identity including the identity of someone making a request on your behalf

 

Right to Object or Withdrawn Consent

We mainly use, store and share your information because we are permitted in order to deliver your healthcare but you do have a right to

object to us doing this.

Where we are using, storing and sharing your information based on explicit consent you have provided, you have a right to withdraw that

consent at any time.

Our Data Protection Officer will be happy to speak with you about any concerns you have.

 

 

Right to Correction


If information about you is incorrect, you are entitled to request that we correct it

There may be occasions, where we are required by law to maintain the original information – our Data Protection Officer will talk to you about

this and you may request that the information is not used during this time.

We will respond to your request within one month of receipt or will tell you when it might take longer.

 

We will respond to your request within one month of receipt or will tell you when it might take longer.

Complaints

You also have the right to make complaints and request investigations into the way your information is used. Please contact our

Data Protection Officer or visit the link below for more information.

For more detailed information on your rights visit 

https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

 

 

Case Finding

Sometimes your information will be used to identify whether you need particular support from us. 

Those involved in your care might look at particular ‘indicators’ (such as particular conditions) and contact you or take action for healthcare

purposes. For example, this might be to prevent you from having to visit accident and emergency by supporting you in your own home or in

the community.

We will use automated technology to help us to identify people that might require support but ultimately, the decision about how or whether to

provide extra support you is made by those involved in your care.

Our Data Protection Officer will be happy to speak to you about this if you have concerns or objections.

 

Partnerships/Federations

Our practice uses West Norfolk Health to support us to deliver some of our services such as providing appointments when our practice is

closed or community based services.

Here https://www.westnorfolkhealth.co.uk/patient-services is some more information about who they are and what they do.

 

Information Technology

The practice will use third parties to provide services that involve your information such as;

  • Removal and destruction of confidential waste
  • Provision of clinical systems
  • Provision of connectively and servers
  • Digital dictation services

Data analytics or warehousing (these allow us to make decisions about care or see how effectively the practice is run – personal data will

never be sold or made available to organisations not related to your care delivery)

We have contracts in place with these third parties that prevent them from using it in any other way that instructed. These contracts also

require them to maintain good standards of security to ensure your confidentiality.

 

Please visit this link to find out more about our sharing partners and providers. 

How do we Protect your Information?

We are committed to ensuring the security and confidentiality of your information. There are a number of ways we do this;

  • Staff receive annual training about protecting and using personal data
  • Policies are in place for staff to follow and are regularly reviewed
  • We check that only the minimum amount of data is shared or accessed
  • We use ‘smartcards’ to access systems, this helps to ensure that the right people are accessing data – people with a ‘need to know’
  • We use encrypted emails and storage which would make it difficult for someone to ‘intercept’ your information
  • We report and manage incidents to make sure we learn from them and improve
  • We put in place contracts that require providers and suppliers to protect your data as well
  • We do not send your data outside of the EEA

How Long Do We Keep Your Information?

In line with the Department of Health Code, we will retain / store your health record for your lifetime. When a patient dies, we will review the

record and generally it will be destroyed 10 years later, unless there is a reason to keep it for longer.

If you move away or register with another practice, we will send your records to the new practice.

News


Choose font size: A A A
Search:  


GP Website from Wiggly-Amps Ltd. | Total visitors:153960 | Disclaimer