General Practice Transparency Notice for GPES Data for Pandemic Planning and Research (COVID-19)
This practice is supporting vital coronavirus (COVID-19) planning and research by sharing your data with NHS Digital.
Due to the significant pressures on the health and social care system faced during the outbreak, it is essential to deliver the best care possible and to do that, certain information needs to be shared with NHS Digital and other health, social and public services.
For more detailed information, including what information will be shared and details on opting-out, click here.
Fair Processing Notice
BrisDoc has its roots firmly in the local NHS health economy and continues to be owned and run by its workforce, most of whom live and work in the community we serve.
The range of health care BrisDoc provides now includes:
- A GP Out of Hours Service – for urgent care when your regular surgery is closed covering all practices in Bristol, North Somerset and South Gloucestershire • GP Services at the Bristol Royal Infirmary and Southmead Hospital work within the Ambulatory Care Teams to assess, diagnose and identify the most appropriate care pathway for patients referred to hospital for urgent assistance, providing same day assessment and medical care, giving patients more options to be safely managed without a full admission into hospital. • Broadmead Medical Centre – our city centre, extended hours GP Practice and Walk-in service. • Northville Family Practice – GP surgery serving patients in the North of Bristol, within South Gloucestershire • Nurse-led outreach teams – going out into the community to treat vulnerable patients.
These services enable BrisDoc to offer 24/7 health care with a focus on supporting patient care in the community wherever possible.
Confidentiality affects everyone: BrisDoc collects, stores and uses large amounts of personal data every day, such as medical records, personnel records and computerised information.
This data is used by many people in the course of their work.
We take our duty to protect your personal information and confidentiality very seriously and we are committed to taking all reasonable measures to ensure the confidentiality and security of personal data for which we are responsible, whether computerised or on paper.
Our Information Governance Board monitors are safe and appropriate use of information; our Senior Information Risk Owner is accountable for the management of all information assets and any associated risks and incidents; Our Caldicott Guardian, is responsible for the management of patient information and patient confidentiality.
Why do we collect information about you?
The doctors, nurses and teams of healthcare professionals caring for you, keep records about your health and any treatment and care you receive from a BrisDoc service. These records may be documented on paper or held on computer.
These records may include:
- Basic details about you such as name, address, date of birth, next of kin etc.; • Contact we have had with you such as appointments or clinic visits; • Notes and reports about your health, treatment and care;
It is essential that your details are accurate and up to date. Always check that your personal details are correct when you visit us and please inform us of any changes as soon as possible.
How is your personal information used?
Your records are used to direct, manage and deliver care you receive to ensure that:
- The doctors, nurses and other healthcare professionals involved in your care have accurate and up to date information to assess your health and decide on the most appropriate care for you; • Healthcare professionals have the information they need to be able to assess and improve the quality and type of care you receive; • Your concerns can be properly investigated if a complaint is raised; and • Appropriate information is available if you see another doctor, or are referred to a service or specialist in another part of the health and social care system.
Who do we share personal information with?
Everyone working within the NHS has a legal duty to keep information about you confidential. Similarly, anyone who receives information from us has a legal duty to keep it confidential. In some cases we will work with other organisations to provide onward care for our patients. Where appropriate, we may share information with them. In addition we will also share information with the following specific main partner organisations:
- Other NHS Trusts and hospitals that are involved in your care; and • Ambulance Services • NHS111 • Community healthcare providers
You may receive care from other people as well as the NHS, for example, Social Care Services. We may need to share some information about you with them so we can all work together for your benefit if they have a genuine need for it or we have your permission. Therefore, we may also share your information, subject to strict agreement about how it will be used, with: • Social Care Services; • Education Services; • Local Authorities; and • Voluntary and private sector providers working with the NHS
We will not disclose your information to any other parties without your agreement, unless there are exceptional circumstances, such as the health and safety of you or others is at risk or if the law requires us to pass on information.
Disclosure of information
You have the right to restrict how and with whom we share the personal information in your records that identifies you. This must be noted explicitly within your records in order that all healthcare professionals and staff treating you are aware of your decision. By choosing this option, it may make the provision of treatment of care most difficult or unavailable. You can also change your mind at any time about a disclosure decision.
How can you access your records?
The Data Protection Act 1998 gives you the right to access the information we hold about you on our records. Requests must be made in writing to the Practice manager. BrisDoc will provide the information to you within 40 calendar days from receipt of:
- A completed application form, containing adequate supporting information (such as your full name, address, date of birth, NHS number etc.) to enable us to verify your identity and locate your records; • The fee up to £50.00 to be paid in advance; and • An indication of what information you are requesting to enable BrisDoc to locate the information in an efficient manner.
Mr Nigel Gazzard is the Senior Information Responsible Officer, Dr Kathy Ryan is the Caldicott Guardian. Please contact firstname.lastname@example.org for any queries relating to Data Protection, Information Governance or Confidentiality issues.
The Data Protection Act 1998 requires organisations to lodge a notification with the Information Commissioner to describe the purposes for which they process personal information. These details are publicly available at https://ico.org.uk/esdwebpages/search or from:
Information Commissioners Office Wycliffe House Water Lane Wilmslow SK9 5AF
The NHS Care Record Guarantee describes how patient information will be used and protected within the National Systems.
Access the NHS Care Record Guarantee
The NHS Code of Confidentiality is based on legal requirements and best practice. It sets out the required standards of practice concerning confidentiality in the NHS and patients’ consent to use their health records.
Access the NHS Code of Confidentiality
What is Population Health Management?
This work is aimed at improving the health of an entire population.
It is about improving the physical and mental health outcomes and wellbeing of people and making sure that access to services is fair and equal. It helps to reduce the occurrence of ill-health and looks at all the wider factors that affect health and care.
The project requires health care organisations to work together with communities and partner agencies. The organisations will share information with each other in order to get a view of health and services for the population in a particular area.
In your area, a population health management programme has been introduced. The programme will combine information from GP practices, community service providers, hospitals and other health and care providers.
How Will my Personal Data be Used?
The information will include information about your health care.
The information will be combined and anything that can identify you (like your name or NHS Number) will be removed and replaced with a code.
This means that the people working with the data will only see the code and cannot see which patient the information relates to.
If we see that an individual might benefit from some additional care or support, we will send the information back to your GP or hospital provider and they will use the code to identify you and offer you services.
The information will be used for a number of healthcare related activities such as;
- improving the quality and standards of care provided
- research into the development of new treatments
- preventing illness and diseases
- monitoring safety
- planning services
Who Will My Personal Data Be Shared With?
Your GP and hospital providers will send the information they hold on their systems to the South Central and West Commissioning Support Unit, who are part of NHS England.
They will link all the information together in order to review and make decisions about the whole population or particular patients that might need support. During this process any identifiable data will be removed berore it is shared with Optum Healthcare.
Both the Commissioning Support Unit and Optum are required to protect your information and maintain confidentiality in the same way that your doctor or hospital provider is.
Is Using My Information in This Way Lawful?
Health Care Providers are permitted by data protection law to use information where it is ‘necessary for medical purposes’. This includes caring for you directly as well as management of health services more generally.
Some of the work that happens at a national level with your information is required by other parts of the law. For more information, speak to our Data Protection Officer.
Sharing and using your information in this way helps to provide better health and care for you, your family and future generations. Confidential patient information about your health and care is only used like this where allowed by law and in the majority of cases, anonymised data is used so that you cannot be identified.
What will Happen to My Information When the Project is Finished?
Once the 20-week programme has completed the information will be securely destroyed.
Can I Object?
You have a right to object to information being used in this way.
To find out more or to register your choice to opt out, please visit www.nhs.uk/your-nhs-data-matters.
We make every effort to give the best service possible to everyone who attends our practice.
However, we are aware that things can go wrong resulting in a patient feeling that they have a genuine cause for complaint. If this is so, we would wish for the matter to be settled as quickly, and as amicably, as possible.
To pursue a complaint please contact the practice manager who will deal with your concerns appropriately. Further written information is available regarding the complaints procedure from reception.
The NHS operate a zero tolerance policy with regard to violence and abuse and the practice has the right to remove violent patients from the list with immediate effect in order to safeguard practice staff, patients and other persons. Violence in this context includes actual or threatened physical violence or verbal abuse which leads to fear for a person’s safety. In this situation we will notify the patient in writing of their removal from the list and record in the patient’s medical records the fact of the removal and the circumstances leading to it.