GDPR (General Data Protection Regulation)
The General Data Protection Regulation (GDPR) aims to give control to individuals over their personal data. Any processor of personal data must clearly disclose any data collection, declare the lawful basis and purpose for data processing, how long data is being retained, and if it is being shared with any third-parties.
- This practice handles medical records in-line with laws on data protection and confidentiality.
- We share medical records with those who are involved in providing you with care and treatment.
- In some circumstances we will also share medical records for medical research, for example to find out more about why people get ill.
- We share information when the law requires us to do so, for example, to prevent infectious diseases from spreading or to check the care being provided to you is safe.
- You have the right to be given a copy of your medical record.
- You have the right to object to your medical records being shared with those who provide you with care.
- You have the right to object to your information being used for medical research and to plan health services.
- You have the right to have any mistakes corrected and to complain to the Information Commissioner's Office.