Privacy Notice

Keeping your personal data safe is very important to us. Your personal data is stored in our secure clinical systems, and only those who are involved in delivering your care have access to your personal data. We respect your right with regards to privacy and data protection when you communicate with us through our websites, events, telephone, or attend any of our face-to-face consultation services.

We may share information about you with other General Practices (GPs), NHS acute or mental health Trusts, community health providers, pharmacists, ambulance services, social services, and NHS commissioning organisations who are directly involved in providing or funding your care needs. Your data will not be shared with anyone else, unless we are obliged by law.

We will never share your personal information with marketing and advertising companies.

We hold your information securely in the UK at all times. Your information is not shared anywhere outside the UK.

We will only share personal information about you with medical research organisations with your explicit consent, and you have the right withdraw your consent at any time.

A full list of the organisations we share information with, and why, is provided in the later section of this Privacy Notice.

What is this Privacy Notice about?

A privacy notice is a statement that describes how an organisation collects, use, retain and disclose personal data, or special categories of personal data. Different organisations sometimes use different terms, and it can be referred to as a privacy statement, a fair processing notice or a privacy policy. Being transparent and providing accessible information to individuals about how an organisation will use their personal information is a key element of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. To ensure that we process your personal data fairly, lawfully and transparently we are required by law to provide you with the following information:

- What information we collect and process about you

- How we process your personal data

- The purpose of processing

- Recipients or categories recipients of your personal data

- The identity of our Data Protection Officer

- How long we retain personal information about you

- The lawful bases for processing

- Your rights – to view, request access copies of your personal information, or object to the processing of your personal information.

- Types of personal information we process

At Penceat Medical, we process the following categories of personal information about our patients and service users:

1. Identity data and contact details

Such as name, date of birth, gender, NHS number, telephone number, postal address, postcode, email address (if provided) etc.

2. Support contact details

Names, contact details of carers, relevant close relatives, next of kin and representatives.

3. Special categories of personal data concerning physical, social or mental health condition.

Medical history, diagnosis, treatments, test results, appointment, attendances, referrals, care plans, care packages, medication, medical opinions etc.

4. Special categories of personal with protected characteristics

Racial or ethnic origin, religious or philosophical beliefs, genetic data, sexual life or sexual orientation data, child protection records, adoption records etc.

5. Aggregated data

A combination of personal data, and special categories of personal data for the purpose of business intelligence and analytical services to enable us to predict future trends and plan our services.

6. Usage data

Our websites use cookies to distinguish you from other user when you access our online services. A cookie is a small file of letters and numbers that we store on your browser when you consent to use of our online services. This helps us to provide you with a good experience when you browse our site and enable us to improve our site.

What we process your personal information for

We process personal information about you in a number of ways.

These include:

Primary uses – we process personal information concerning your health to enable our registered and regulated healthcare professionals who are directly involved in your care to provide you with the best possible direct care delivery. Personal information concerning your health or social care is also made available to other health or social care provider organisations who are involved in your health or social care needs to enable them to make the best-informed decision about you when you use their service.

Secondary uses – We process your personal information for purposes of beyond direct care in the following ways:

- Reviewing the care we provide through clinical audit.

- Investigating your queries, complaints and legal claims.

- Ensuring we are reimbursed correctly for the healthcare you receive.

- Preparing statistics on NHS performance.

- Auditing NHS accounts and services.

- Undertaking health research, and development (with your explicit consent, and you have the right choose whether or not to be involved).

- For business intelligence and analytical services to enable us to predict future trends and plan our services.

- Training and educating our healthcare professionals (with your explicit consent, and you have the right choose whether or not to be involved).

Our identity and contact details

Penceat Medical Limited

We can be contacted at: Penceat Medical Limited, 85 Great Portland Street, London, W1W 7LT

info@penceatmedical.com

Our Data Protection Officer

If you have any questions or concerns regarding how your data is being processed, please write to our Data Protection Officer who can be contacted at: Data Protection Officer, Penceat Medical Limited, 85 Great Portland Street, London, W1W 7LT

Organisations we share your personal information with

We will never share your personal information with marketing and advertising companies. We hold your information securely in the UK at all times. Your information is not shared anywhere outside the UK. Included below is a table of the organisations we share information about you for the purposes of direct and indirect care, split into the following categories:

Direct Medical Care and Administration

Other primary care services delivered for the purposes of direct care

Statutory disclosures of Information

Processing for the purposes of Commissioning, Planning, Research and Risk Stratification

Data sharing databases

Processors

Direct Medical Care and Administration

Lawful basis UK General Data Protection Regulation (UK GDPR) – Article 6 – – Article 9 – Data Protection Act (DPA) 2018 – Section 10 – – Schedule 1 –

The processing of personal data is permitted under the following UK GDPR “condition”:

GDPR Article 6(1) (e) – processing is necessary for the performance of a task carried out in the public interest.

The processing of special categories of personal data is permitted under the following UK GDPR “condition”, and DPA “provisions”:

GDPR Article 9 (2) (h) – processing is necessary for medical or social care treatment or, the management of health or social care systems and services.
DPA Section 10 (1) (c) – processing is necessary for health and social care purposes.
In accordance with DPA Schedule 1, Part 1, (2) health or social care purposes means the purposes of preventive or occupational medicine; medical diagnosis; the provision of health care or treatment; the provision of social care, or the management of health care systems or services or social care systems or services.

1. NHS Trusts – Hospitals, Community or Mental Health Trusts.

Personal data concerning your health is shared with NHS Trusts to enable their healthcare professionals make the best-informed decision about your health needs, and to provide you with the best possible care if you visit the hospital for routine care and referrals.

Your personal information may also be processed for local administrative purposes such as:

Waiting list management.
Local clinical audit.
Performance against local targets.
Activity monitoring.
Production of datasets to submit for commissioning purposes and national collections.

Your electronic GP record is the source of information that is shared.

2. Emergency Services (Ambulance trusts, police, A&E departments, out of hours services, 111)

There are circumstances when intervention is necessary in order to save or protect a patient’s life or to prevent them from serious immediate harm, for example, during a collapse or diabetic coma or serious injury or accident. In many of these circumstances the patient may be unconscious or too ill to communicate.

Medical professionals have a duty of care to share data in emergencies to protect their patients or other persons. In these circumstances, your GP medical record will be shared with emergency healthcare services, the police or fire service in order to enable you receive the best treatment or service. Make pre-determined decisions about the type and extent of care you will receive in an emergency; these are known as “Advance Directives”.

Your electronic GP record is the source of information that is shared.

3. Pharmacists – Medicines Optimisation

Medicines optimisation looks at the value which medicines deliver, making sure they are clinically-effective and cost-effective. It is about ensuring patients get the right choice of medicines, at the right time, and are engaged in the process by their clinical team.

Medicines optimisation enables community pharmacies to request medication electronically from our GP Practice and view relevant information from your GP record in order to provide you with the best medicines.

Your electronic GP record is the source of information that is shared.

4. Local Authority – Social Services

We work closely with Local Authorities to support and care for people of all ages to deliver the best possible social care.

Personal data concerning your GP medical record may be shared with Local Authorities and Multidisciplinary Team (MDT) delivering social care in order to enable them to make the best-informed decision about your social care needs if required.

Your electronic GP record is the source of information that is shared.

5. Care Homes

If you are a resident of a Care Home, personal data concerning your GP record will be shared with your care provider and other Multidisciplinary Team (MDT) looking after you to enable them to provide you with the best possible care needs.

Your electronic GP record is the source of information that is shared.

Other primary care services delivered for the purposes of direct care

Lawful basis UK General Data Protection Regulation (UK GDPR) – Article 6 – – Article 9 – Data Protection Act (DPA) 2018 – Section 10 – – Schedule 1 –

The processing of personal data is permitted under the following UK GDPR “condition”:

GDPR Article 6(1) (e) – processing is necessary for the performance of a task carried out in the public interest.

The processing of special categories of personal data is permitted under the following UK GDPR “condition”, and DPA “provisions”:

GDPR Article 9 (2) (h) – processing is necessary for medical or social care treatment or, the management of health or social care systems and services.
DPA Section 10 (1) (c) – processing is necessary for health and social care purposes.
In accordance with DPA Schedule 1, Part 1, (2) health or social care purposes means the purposes of preventive or occupational medicine; medical diagnosis; the provision of health care or treatment; the provision of social care, or the management of health care systems or services or social care systems or services.

1. Integrated Urgent Care Service (IUC) – covering Out of Hours and NHS 111 service

Integrated Urgent Care Service (IUC) is an urgent care service delivered across England for the provision of a functionally integrated 24/7 urgent care access, clinical advice and treatment service for patients. IUC incorporates NHS 111 and Out of Hours (OOH) services, which is often referred to as an IUC Clinical Assessment Service.

The purpose of IUC is to ensure that patients receive the best possible healthcare service in their community. If you visit the urgent care centre or call NHS 111 for health-related needs, personal data in your GP record will be shared with healthcare professionals in order to enable them to make the best the best-informed decision about your health needs.

Your electronic GP record is the source of information that is shared.

2. Continuing Health Care (CHC)

NHS Continuing Health Care (CHC) is free care outside of hospital that is arranged and funded by the NHS to support living with complex medical conditions and on-going healthcare needs which can be delivered in the patient’s home, at their care home or in non-acute hospitals.

CHC is free, unlike support from social services for which a fee may be charged, depending on your income and savings. CHC is different from NHS Funded Nursing Care, which some people with less complex needs living in care homes receive. If you require CHC needs personal data concerning your GP medical record will be shared with the care home or in non-acute hospitals looking after you.

Your electronic GP record is the source of information that is shared.

Statutory Disclosures of Information

Lawful basis

UK General Data Protection Regulation (UK GDPR) – Article 6 – – Article 9 – Data Protection Act (DPA) 2018 – Section 10 – – Schedule 1-

Safeguarding Concerns – to prevent an individual, or to prevent a serious crime

Some members of public are recognised as needing safeguarding protection, for example children and vulnerable adults. If an individual is identified as being at risk from harm, we have a duty to do what we can to protect that individual, and we are bound ‘Safeguarding’ laws to do so.

Where there is a suspected or actual safeguarding issue, we will share information that we hold about you with other relevant agencies such as local Ambulance trusts, the police, A&E departments, out of hours services, 111 or social services.

The source of the information shared in this way is your electronic GP record.

Children Act 1989 requires local authorities to investigate where a child is the subject of an emergency protection order, is in police protection or where there is a reasonable cause to suspect that a child is suffering or is likely to suffer harm. Care Act 2014 (safeguarding adults) sets out a clear legal framework for how local authorities and other parts of the system should protect adults at risk of abuse or neglect. Both Acts for Parliament require local authorities to safeguard and promote the welfare of children and adults who are in need, and to request help from specified authorities including General Practices, NHS Trusts, Clinical Commissioning Groups (CCGs) and NHS England.

The processing of personal data is permitted under the following UK GDPR “condition”:

UK GDPR Article 9 (2) (c) – the processing is necessary to protect the vital interests of the data subject.

The processing of special categories of personal data is permitted under the following UK GDPR “condition”, and DPA “provisions”:

GDPR Article 9 (2) (h) – processing is necessary for medical or social care treatment or, the management of health or social care systems and services.

DPA Section 10 (1) (c) – processing is necessary for health and social care purposes.

In accordance with DPA Schedule 1, Part 1, (2) health or social care purposes means the purposes of preventive or occupational medicine; medical diagnosis; the provision of health care or treatment; the provision of social care, or the management of health care systems or services or social care systems or services.

The processing of special categories of personal data is permitted under the following UK GDPR “condition”, and DPA “provision”: Article 9 (2) (c) – the processing is necessary to protect the vital interests of the data subject. In accordance with DPA Schedule 1, Part 2 (18) (1a) – the condition is met where the processing is necessary for protecting an individual from neglect or physical, mental or emotional harm, or protecting the physical, mental or emotional well-being of an individual. Related Legislations: Section 47 of The Children Act 1989. Section 45 of Care Act 2014

2. The Care Quality Commission (CQC)

The Care Quality Commission (CQC) is a regulatory body established under the Health and Social Care Act.

The CQC regulates health and social care services in England to ensure that safe health and care are provided.

The law allows CQC to access identifiable patient data/medical records in our clinical system for the purposes of their assessment and investigation of significant safety incident. The data may be shared with the CQC, its officers and inspection team that visit us from time to time.

The processing of personal data is permitted under the following UK GDPR “condition”:

GDPR Article 6(1) (c) – processing for legal obligation.

GDPR Article 6(1) (e) – processing is necessary for the performance of a task carried out in the public interest.

The processing of special categories of personal data is permitted under the following UK GDPR “condition”, and DPA “provisions”:

GDPR Article 9 (2) (h) – processing is necessary for medical or social care treatment or, the management of health or social care systems and services.

The processing of special categories of personal data is permitted under the following UK GDPR “condition”, and DPA “provisions”:

GDPR Article 9 (2) (h) – processing is necessary for medical or social care treatment or, the management of health or social care systems and services.

DPA Section 10 (1) (c) – processing is necessary for health and social care purposes.

3. Law Enforcement and Regulatory Bodies

In some circumstances we may be legally required to share personal information with law enforcements and regulatory bodies (without the consent of the data subject) such as: the Police; Courts of Justice; HMRC and DVLA for the purposes of prevention or detection of crime; apprehension or prosecution of offenders; the assessment or collection of any tax or duty or, of any imposition of a similar nature.

Our GPs are obliged to notify the DVLA when fitness to drive requires notification, but an individual cannot or will not notify the DVLA themselves, and if there is concern for road safety, which would be for both the individual and the wider public. We will review each request based on its merits before deciding whether to release information to the relevant authorities.

Your electronic GP record is the source of information that is shared.

The processing of personal data is permitted under the following UK GDPR “condition”:

GDPR Article 6(1) (c) – processing is necessary for compliance with a legal obligation.

The processing of special categories of personal data is permitted under the following UK GDPR “condition”, and DPA “provision”:

Article 9 (2) (G) – the processing is necessary for reasons of substantial public interest.

In accordance with DPA Schedule 1, Part 2, (10) (1c) – the condition is met where the processing is necessary for the prevention or detection of an unlawful act.

4. Medico-Legal

Medico-Legal – Where a medical professional is holding personal data for the purpose of providing medical reports in connection with legal action.

Your electronic GP record is the source of information that is shared.

The processing of personal data is permitted under the following UK GDPR “condition”:

GDPR Article 6(1) (c) – processing is necessary for compliance with a legal obligation.

GDPR Article 6(1) (e) – processing is necessary for the performance of a task carried out in the public interest.

The processing of special categories of personal data is permitted under the following UK GDPR “condition”, and DPA “provision”:

GDPR Article 9 (2) (f) – the processing is necessary for the establishment, exercise or defence of legal claims.

In accordance with DPA Schedule 1, Part 3, (33) – the conditions for processing for legal claims is met where it is in connection with, any legal proceedings including prospective legal proceedings or; for the purpose of obtaining a legal advice or; establishing exercising or defending legal rights.

5. General Medical Council (GMC)

General Medical Council (GMC) is a public body that maintains the official register of medical practitioners in the United Kingdom.

Its primary responsibility is ‘to protect, promote and maintain the health and safety of the public’ by controlling entry to the register, and suspending or removing members when necessary. Under the Medical Act 1983, the GMC has the power to request access to a patient’s medical records for the purposes of an investigation into a doctor’s fitness to practise.

Your electronic GP record is the source of information that is shared.

The processing of personal data is permitted under the following UK GDPR “condition”:

GDPR Article 6(1) (c) – processing is necessary for compliance with a legal obligation.

GDPR Article 6(1) (e) – public interest or in the exercise of official authority;

The processing of special categories of personal data is permitted under the following UK GDPR “condition”, and DPA “provisions”:

GDPR Article 9 (2) (h) – processing is necessary for medical or social care treatment or, the management of health or social care systems and services.

DPA Section 10 (1) (c) – processing is necessary for health and social care purposes.

Related Legislation: The Medical Act 1983

6. The Parliamentary and Health Service Ombudsman

The Parliamentary and Health Service Ombudsman was set up by Parliament to provide an independent complaint handling service for complaints that have not been resolved by the NHS in England and UK government departments, where you believe they have not acted properly or fairly or have provided a poor service.

To do this, the Ombudsman will need to collect and use information we hold about you and your complaint. The Parliamentary and Health Service Ombudsman is allowed to use your information for the purpose of handling your complaint under the Parliamentary Commissioner Act 1967. This legislation also protects information obtained for the purposes of investigating your complaint.

Your electronic GP record is the source of information that is shared.

The processing of personal data is permitted under the following UK GDPR “conditions”:

GDPR Article 6(1) (a) – the data subject has given consent to the processing of his or her personal data.

GDPR Article 6(1) (c) – processing is necessary for compliance with a legal obligation.

The processing of special categories of personal data is permitted under the following UK GDPR “conditions”:

GDPR Article 9 (2) (a) – the data subject has given explicit consent to the processing of those personal data for one or more specified purposes.

You do not have the right to object to the processing of your personal information, but you have the right to withdraw your consent.

Related Legislation: Parliamentary Commissioner Act 1967.

7. NHS Counter Fraud

Under the NHS Act 2006, investigations into fraud in the NHS may require access to confidential patient information. This means that we are compelled by the law to share your data with the NHS counter fraud team where required.

Your electronic GP record is the source of information that is shared.

The processing of personal data is permitted under the following UK GDPR “condition”:

GDPR Article 6(1) (c) – processing is necessary for compliance with a legal obligation.

GDPR Article 6(1) (e) – processing is necessary for the performance of a task carried out in the public interest.

The processing of special categories of personal data is permitted under the following UK GDPR “condition”, and DPA “provision”:

Article 9 (2) (G) – the processing is necessary for reasons of substantial public interest.

In accordance with DPA Schedule 1, Part 2, (14) (1a) – the condition is met where the processing is necessary for the purposes of preventing fraud or a particular kind of fraud.

Related Legislation: S10 NHS Act 2006 Serious Crime Act 2007

8. NHS Digital – Statutory Data Collection

NHS Digital is a national information and technology partner to the health and social care system. NHS Digital use digital technology to transform the NHS and social care.NHS Digital carries out National Data collections/ extraction from the GP clinical system.

These include:

National Diabetes Audit (NDA) – A national monitoring system, auditing the care of patients with diabetes. The data extracted for the purpose of NDA includes NHS Number, date of birth and postcode, as well as clinical parameters related to diabetes. NDA is a mandatory data extraction under section 259 of the Health and Social Care Act 2012, this means that we are compelled by law to share your data Individual GP Level Data

(IGPLD) – A national monitoring system to enable NHS Digital to provide GPs with clinical information on the care provision for their patients. The data extracted includes the NHS number. IGPLD is a mandatory data extraction under 259 of the Health and Social Care Act 2012, this means that we are compelled by law to share your data FGM) – NHS Digital collects data on FGM within the NHS in England on behalf of the Department of Health (DH). Data collected is used to produce information that helps improve NHS and local authorities to improve on how they support women and girls who have had or, who are at risk of FGM. FGM Enhanced Dataset is a mandatory data extraction under section 259 of the Health and Social Care Act 2012, this means that we are compelled by law to share your data when required.

Your electronic GP record is the source of information that is shared.

Data Retention Period

All records held by the Practice will be kept for the duration specified in the Records Management Codes of Practice for Health and Social Care

The processing of personal data is permitted under the following UK GDPR “condition”:

GDPR Article 6(1) (c) – processing is necessary for compliance with a legal obligation.

GDPR Article 6(1) (e) – processing is necessary for the performance of a task carried out in the public interest.

The processing of special categories of personal data is permitted under the following UK GDPR “condition”, and DPA “provision”: GDPR Article 9 (2) (h) – processing is necessary for medical or social care treatment or, the management of health or social care systems and services. DPA Section 10 (1) (c) – processing is necessary for health and social care purposes; In accordance with DPA Schedule 1, Part 1, (2) – health or social care purposes means the purposes of preventive or occupational medicine; medical diagnosis; the provision of health care or treatment; the provision of social care, or the management of health care systems or services or social care systems or services.

Related Legislation: S259 of the Health and Social Care Act 2012

The processing is necessary for compliance with a legal and professional obligation to which we are subject therefore, you do not have the right to object to the processing of your personal information.

9. NHS England

NHS England is responsible for securing, planning, designing and paying for Primary Care & Specialised NHS services not otherwise funded by Clinical Commissioning Groups (CCGs)

This includes planned and emergency hospital care, mental health, rehabilitation, community and primary medical care (GP) services. We may often share personal information with NHS England potentially for safeguarding concerns that need escalating beyond our borough. The processing is necessary for compliance with a legal and professional obligation to which we are subject therefore, you do not have the right to object to the processing of your personal information.

Your electronic GP record is the source of information that is shared.

The processing of personal data is permitted under the following UK GDPR “condition”:

GDPR Article 6(1) (c) – processing is necessary for compliance with a legal obligation.

GDPR Article 6(1) (e) – processing is necessary for the performance of a task carried out in the public interest.

10. National Cancer Diagnosis Audit (NCDA).

The National Cancer Diagnosis Audit (NCDA) looks at primary and secondary care data relating to patients diagnosed with cancer. It helps to understand pathways to cancer diagnosis, what works well and where improvements could be made. The audit looks specifically at clinical practice in order to understand:

interval length from patient presentation to diagnosis;

use of investigations prior to referral;

what the referral pathways for patients with cancer are and how they compare with those recorded by the cancer registry

The processing of personal data is permitted under the following UK GDPR “condition”:

GDPR Article 6(1) (c) – processing is necessary for compliance with a legal obligation.

GDPR Article 6(1) (e) – processing is necessary for the performance of a task carried out in the public interest.

Processing for Commissioning, Planning, Research and Risk Stratification Purposes

Lawful basis UK General Data Protection Regulation (UK GDPR) – Article 6 – – Article 9 – Data Protection Act (DPA) 2018 – Section 10 – – Schedule 1-

The processing of personal data is permitted under the following UK GDPR “condition”:

GDPR Article 6(1) (e) – processing is necessary for the performance of a task carried out in the public interest.

The processing of special categories of personal data is permitted under the following UK GDPR “condition”, and DPA “provisions”:

GDPR Article 9 (2) (h) – processing is necessary for medical or social care treatment or, the management of health or social care systems and services.

DPA Section 10 (1) (c) – processing is necessary for health and social care purposes.

1. Clinical Commissioning Groups (CCGs)

Clinical Commissioning Group (CCGs) are responsible for securing, planning, designing and paying for your NHS services, including planned and emergency hospital care, mental health, rehabilitation, community and primary medical care (GP) services. This is known as ‘Commissioning’. To enable CCGs in our geographical areas carry out their statutory responsibilities effectively, efficiently and safely, we may share personal data about you with them for the following purposes:

Individual Funding Requests.

Continuing Health Care.

Complaints, appeals, queries or, safeguarding concerns.

Commissioning purposes such as payment for target achievement known as Quality and Outcomes Framework (QOF) and where we participate in agreed national or local enhanced services.

Your electronic GP record is the source of information that is shared.

2. “Risk Stratification” (Population Health Management and Case Finding)

We perform computerised searches of some or all of our records to identify individuals who may be at increased risk of certain conditions or diagnoses such as diabetes, heart disease, risk of falling.

Your records may be amongst those searched.

This is often called “risk stratification” or “case finding”. These searches are sometimes carried out by Processors who link our records to other records that they access, such as hospital attendance records. The results of these searches and assessment may then be shared with other healthcare workers, such as specialist, therapists, technicians etc. The information that is shared is to enable the other healthcare workers to provide the most appropriate advice, investigations, treatments, therapies and or care.

Risk stratification can be grouped into two purposes namely:

Direct Care – ‘Case Finding’ where carried out by a health professional (for example GPs and Provider) involved in an individual’s care or by a Processor acting under contract with such a provider, it is treated as direct care.

Indirect Care – to understand the local population needs and plan for future requirement. Your electronic GP record is the source of information that is shared.

Related Legislation: Section 251 NHS Act 2006

3. Processing personal data for the purpose of medical research

We only agree to participate in medical research projects if there is an agreed clearly defined reasons for the research, and it is likely to benefit healthcare and patients.

Such proposals will have consents of our patients and service users, and will be in line with the safeguards and derogations required under the UK GDPR.

Research organisations do not usually approach patients directly but will ask us to make contact with our suitable patients to seek their consent. Occasionally research can be authorised under law without the need to obtain consent.

We may also use your medical records to carry out medical research within our Surgeries with your explicit consent.

We share information with the medical research organisations if you give your explicit consent.

Your electronic GP record is the source of information that is shared.

The processing of personal data is permitted under the following UK GDPR “conditions”:

GDPR Article 6(1) (a) – the data subject has given consent to the processing of his or her personal data.

The processing of special categories of personal data is permitted under the following UK GDPR “conditions” and DPA “provision”:

GDPR Article 9 (2) (a) – the data subject has given explicit consent to the processing of those personal data for one or more specified purposes.

GDPR Article 9 (2) (j) processing is necessary for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) (as supplemented by section 19 of the 2018 Act) based on domestic law.

In accordance with DPA Schedule 1, Part 1, (4) – The condition for the processing is met where it is necessary for archiving purposes, scientific or historical research purposes or statistical purposes; carried out in accordance with Article 89(1) of the GDPR and DPA Section 19, and the processing is in the public interest.

You do not have the right to object to the processing of your personal information, but you have the right to withdraw your consent.

4. De-identifying/anonymising personal data for the purpose of medical research

Clinical Practice Research Datalink (CPRD) is a government organisation that provides anonymised patient data for research to improve patient and public health.

You cannot be identified from the information sent to CPRD, and the principles of Data Protection Legislation do not apply to data that has been rendered anonymous however, if you do not want anonymised information from your patient record to be used in research you can opt out by speaking to your doctor.

The processing of personal data is permitted under the following UK GDPR “conditions”:

GDPR Article 6(1) (e) – public interest or in the exercise of official authority.

The processing of special categories of personal data is permitted under the following UK GDPR “conditions” and DPA “provision”:

Article 9 (2) (i) – for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) based on the domestic law.

Data Sharing Databases

Lawful basis UK General Data Protection Regulation (UK GDPR) – Article 6 – – Article 9 – Data Protection Act (DPA) 2018 – Section 10 – – Schedule 1-

National NHS Digital Services “Spine” including:

Patient Demographics Service

e-Referral Service

Electronic Prescription Service

GP2GP

Summary Care Record

Spine supports the IT infrastructure for health and social care in England, joining together over 23,000 healthcare IT systems in 20,500 organisations. It hosts key services to support the delivery of your care, to enable healthcare professionals, authorised with an NHS smartcard, to view relevant information about you as follows: Patient Demographics Service – The Personal Demographics Service (PDS) is the national electronic database of NHS patient details such as name, address, date of birth and NHS Number (known as demographic information). It helps healthcare professionals to identify patients and match them to their health records. It also allows them to contact and communicate with patients. Summary Care Record (SCR) – is an electronic record of important patient information, created from GP medical records. It can be seen and used by authorised staff in other areas of the health and care system involved in the patient’s direct care. When your personal health records on your GP Record is uploaded to the spine, NHS Digital becomes the data controller for the uploaded information. The source of the information shared in this way is your electronic GP record. At a minimum, the SCR holds important information about;

current medication

allergies and details of any previous bad reactions to medicines

the name, address, date of birth and NHS number of the patient

The patient can also choose to include additional information in the SCR, such as details of long-term conditions, significant medical history, or specific communications needs.

e-Referral Service – The NHS e-Referral Service (e-RS) combines electronic booking with a choice of place, date and time for first hospital or clinic appointments. Patients can choose their initial hospital or clinic appointment, book it in the GP surgery at the point of referral, or later at home on the phone or online.

Electronic Prescription Service – The Electronic Prescription Service (EPS) sends electronic prescriptions from GP surgeries to pharmacies. Eventually EPS will remove the need for most paper prescriptions.

GP2GP – GP2GP allows patients’ electronic health records to be transferred directly, securely, and quickly between their old and new practices, when they change GPs. This improves patient care by making full and detailed medical records available to practices, for a new patient’s first and later consultations.

Your electronic GP record is the source of information that is shared in all of the above instances.

Data Retention Period: All records held in the Practice clinical system are kept for the duration specified in the Records Management Codes of Practice for Health and Social Care

The processing of personal data is permitted under the following UK GDPR condition:

GDPR Article 6(1) (e) – public interest or in the exercise of official authority.

The processing of special categories of personal data is permitted under the following UK GDPR “condition” and DPA “provision”:

GDPR Article 9 (2) (h) – processing is necessary for medical or social care treatment or, the management of health or social care systems and services.

DPA Section 10 (1) (c) – processing is necessary for health and social care purposes;

In accordance with DPA Schedule 1, Part 1, (2) – health or social care purposes means the purposes of preventive or occupational medicine; medical diagnosis; the provision of health care or treatment; the provision of social care, or the management of health care systems or services or social care systems or services.

You have the right to raise an objection or opt-out of out of having an SCR by returning a completed opt-out form to their GP practice. Although we will first need to explain how this may affect the care you receive.

2. NHS Digital – National Data Opt-Out

The national data opt-out applies to the disclosure of confidential patient information for purposes beyond individual care (research and planning) across the health and adult social care system in England.

In broad terms the national data opt-out applies unless there is a mandatory legal requirement or an overriding public interest for the data to be shared. The opt-out does not apply when the individual has consented to the sharing of their data or where the data is anonymised. Any person registered on the Personal Demographic Services (PDS) and who consequently has an NHS number allocated to them is able to set a national data opt-out. The opt-out is stored in a central repository against their NHS number on the Spine.

The national opt-out applies to a number of datasets including:

National Clinical Audit of Rheumatoid and Early Inflammatory – NHS Digital collects this data on behalf of the British Society for Rheumatology to improve the quality of care for patients with Rheumatoid and early.

National Adult Community Acquired Pneumonia (CAP) Audit – NHS Digital collects this data on behalf of the British Thoracic Society to assess variation in the care of patients hospitalised with pneumonia in the UK.

Trauma Audit & Research Network (TARN) – NHS Digital collects this Confidential Patient Information on behalf (CPI) on behalf TARN.

Invoice Backing Data for Contracted Activity – NHS Digital collects this data to enable Commissioners to determine if they are the responsible commissioner. It is important to point out that the national opt-out applies to contracted activity data that has not been rendered anonymous.

Risk Stratification data for Indirect Care – NHS Digital collects this data for data processors working on behalf of GPs and CCGs. The GP data is linked to other records that they access, such as hospital attendance records to enable CCGs understand the local population needs and plan for future requirement.

Your electronic GP record is the source of information that is shared in all of the above instances.

The processing of personal data is permitted under the following UK GDPR condition:

GDPR Article 6(1) (e) – public interest or in the exercise of official authority.

The processing of special categories of personal data is permitted under the following UK GDPR “condition” and DPA “provision”:

GDPR Article 9 (2) (h) – processing is necessary for medical or social care treatment or, the management of health or social care systems and services;

DPA Section 10 (1) (c) – processing is necessary for health and social care purposes;

Related Legislation: Section 251 NHS Act 2006 You have the right to opt-out of having your data shared for purposes beyond direct care (research and planning).

You can do so via the national opt-out website

3. Open Exeter

Open Exeter is a web-enabled viewer which provides the facility for healthcare professionals to share/access patient data held on the National Health Application and Infrastructure Services (NHAIS) systems, including cervical screening, breast screening, organ donor, blood donor and home oxygen.

Access to Open Exeter is only possible on the Health and Social Care Network (HSCN), and via authorised logons/passwords provided by NHS Digital.

Your electronic GP record is the source of information that is shared.

The processing of personal data is permitted under the following UK GDPR “condition”:

GDPR Article 6(1) (e) – public interest or in the exercise of official authority;

The processing of special categories of personal data is permitted under the following UK GDPR “condition” and DPA “provisions”:

GDPR Article 9 (2) (h) – processing is necessary for medical or social care treatment or, the management of health or social care systems and services;

DPA Section 10 (1) (c) – processing is necessary for health and social care purposes; In accordance with DPA Schedule 1, Part 1, (1a) – the processing for employment, social security and social protection is met where it is for the purposes of performing or exercising obligations or rights which are imposed or conferred by law on the controller or the data subject in connection with employment, social security or social protection;

Processors

EMIS Health SystmOne – TPP

EMIS Health and SystmOne – TPP provide clinical systems used by GP Practices to securely store and process your medical records.

Information about your personal health records is stored in your GP electronic record which is accessed by our registered and regulated health and care professionals to provide you with the very best care.

Your electronic GP record is the source of information that is shared.

The processing of personal data is permitted under the following UK GDPR condition:

GDPR Article 6(1) (e) – public interest or in the exercise of official authority.

The processing of special categories of personal data is permitted under the following UK GDPR “condition” and DPA “provision”:

GDPR Article 9 (2) (h) – processing is necessary for medical or social care treatment or, the management of health or social care systems and services.

DPA Section 10 (1) (c) – processing is necessary for health and social care purposes;

2. Docman and Docmail

Docman Limited act as a Processor and provides cloud-based storage software for electronic patient document.

This includes paper letters that we receive, scan and upload to a patient record, as well as letters that we receive in an electronic format.

Generally, Docman enables primary health care organisations capture, file, workflow, view and manage primary care documents efficiently.

Docmail enables primary health care organisations send letters, invoices and documents directly from computers and other portable devices.

Your electronic GP record is the source of information that is shared.

The processing of personal data is permitted under the following UK GDPR condition:

GDPR Article 6(1) (e) – public interest or in the exercise of official authority.

The processing of special categories of personal data is permitted under the following UK GDPR “condition” and DPA “provision”:

GDPR Article 9 (2) (h) – processing is necessary for medical or social care treatment or, the management of health or social care systems and services.

DPA Section 10 (1) (c) – processing is necessary for health and social care purposes;

3. Video Consultation system

We use an NHS Digital approved a web-based video consultation system allows our healthcare professionals to carry out observations during their consultations in the same way they would during a face-to-face appointment, to provide our patients the with the best possible care.In the video consultation, healthcare professionals are able record the observations and outcome of the consultation in the same way as a face-to-face consultation is recorded in the patient’s electronic record and any agreed actions are carried out.

The connection prioritises ‘peer-to-peer’ between our registered health professionals and patient’s communication device, and follows NHS best practice guidelines on health and social care cloud security. By using video consultations, we can reduce any risk there may be in bringing patients to our Practices.

The processing of personal data is permitted under the following UK GDPR condition:

GDPR Article 6(1) (e) – public interest or in the exercise of official authority.

The processing of special categories of personal data is permitted under the following UK GDPR “condition” and DPA “provision”:

GDPR Article 9 (2) (h) – processing is necessary for medical or social care treatment or, the management of health or social care systems and services.

DPA Section 10 (1) (c) – processing is necessary for health and social care purposes;

Details of data linkage with other datasets

Data may be de-identified and linked so that it can be used to improve health care and development and monitor NHS performance. Where data is used for statistical purposes, stringent measures are taken to ensure individual patients cannot be identified. When analysing current health services and proposals for developing future services it is sometimes necessary to link separate individual datasets to be able to produce a comprehensive evaluation. This may involve linking primary care GP data with other data such as secondary uses service (SUS) data (inpatient, outpatient and A&E). In some cases, there may also be a need to link local datasets which could include a range of acute-based services such as radiology, physiotherapy, audiology etc, as well as mental health and community-based services such as Improving Access to Psychological Therapies (IAPT), community nursing, podiatry etc. When carrying out this analysis, the linkage of these datasets is always done using a unique identifier that does not reveal a person’s identity. Clinical Commissioning Groups within our geographical areas are responsible for processing de-identified and linked data under this category, on our behalf. We ensure that the Processor is legally and contractually bound to operate and prove security arrangements are in place where data that could or does identify a person are processed.

Data retention period

All records held by Penceat Medical Limited will be kept for the duration specified in the Records Management Codes of Practice for Health and Social Care 2020 and supplemented by our Records Management Standards. We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for. To determine the appropriate retention period for personal data, the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements have all been considered.

The details of transfers of the personal data to any third countries or international organisations

We do not transfer personal data to any third countries or international organisations.

What safeguards are in place to ensure data that identifies me is secure?

We only use information that may identify you in accordance with UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. These legislations require us to process your data only if there is a lawful basis for doing so and that any processing must be fair, lawful and transparent. We also ensure the information we hold is kept in secure locations, restrict access to information to authorised personnel only, protect personal and confidential information held on equipment such as laptops with encryption (which masks data so that unauthorised users cannot see or make sense of it). Our appropriate technical and security measures include:

The ability to ensure ongoing confidentiality, integrity, availability and resilience of our systems.

The ability to quickly restore availability and access to personal information in the event of a physical or technical incident; and

A process regularly testing, assessing and evaluating the effectiveness of security measures, and ensure they comply with the concept of privacy by design and default;

Encryption; Firewalls / VPN; Password protected files; Restricted Access Folders and System Audit.

Strictly necessary cookies: These are cookies that are required for the operation of our site. They include, for example, cookies that enable you to login to secure areas of our websites.

Analytical/performance cookies: They allow us to recognise and count the number of visitors and to see how visitors move around our site when they are using it. This helps us to improve the way our websites work, for example, by ensuring that users are finding what they are looking for easily.

Functionality cookies: These are used to recognise you when you return to our site. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

Targeting cookies: These cookies record your visit to our site, the pages you have visited and the links you have followed. We will use this information to make our site more relevant to your interests. We may also share this information with third parties for this purpose.

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site. Except for essential cookies, all cookies will expire after 12 months.

What are your general rights?

Where information from which you can be identified is held, you have the:

Right of access to view or request copies of the record

Right to rectification of inaccurate personal data or special categories of personal data

Right to restriction of the processing of your data where accuracy of the data is contested, processing is unlawful or where we no longer need the data for the purposes of the processing

Right not to be subject to any automated individual decision-making

Right to data portability by requesting the data which you provided to us (not data generated by us) in a structured, commonly used machine-readable format. Your right to portability shall apply only where:

data is processed by automated means, and

you provided consent to the processing or,

the processing is necessary for the fulfilment of a contract.

Right to object

In line with the Data Protection Legislation, you do not have the right to object to the processing of your personal information where:

The purpose of the processing is for direct provision of care or safeguarding concerns. As a primary care and community health provider, we have legitimate compelling grounds under the Health and Social Care Act 2012 to process your personal information for the purposes of direct care delivery, and to prevent an individual from harm, or to prevent a serious crime.

This include personal information concerning your health which we share with other GP Practices, NHS acute or mental health Trusts, social services, community health providers and pharmacists who are also involved in your care.

The processing is necessary for compliance with a legal obligation to which we are subject. This includes information we share with statutory organisations, law enforcement and regulatory bodies such as NHS Digital (statutory data collection), NHS Counter Fraud, the Police, Courts of Justice, HMRC and DVLA.

You do not have the right to object to the processing of your personal information for risk stratification for indirect care purpose such as understanding the local population needs and plan for future requirement. You have the right to opt-out of:

Summary Care Record

NHS Digital – National Data Opt-Out.

Right to erasure (right to be forgotten)

Your right to erasure (right to be forgotten) applies where you had given ‘consent’ to process your personal data and later withdrew the consent.

Right to erasure does not apply to the extent where the processing of your personal health data is necessary for:

Compliance with a legal obligation which we are subject to, under the UK law or, for the performance of a task carried out in the public interest or, in the exercise of official authority vested on us;

medical purposes and/or for reasons of public interest in the area of public health;

archiving purposes in the public interest, scientific or historical research purposes or statistical purposes;

the establishment, exercise or defence of legal claims.

Exercising your right or gaining access to the data we hold about you

By contacting us at the address below, you can exercise your rights at any time, or request to see or have copies of personal information we hold about you:

Data Protection Officer, Soho Square General Practice, 1 Frith Street, London, W1D 3HZ

Data Protection Officer, Cricklewood Health Centre, 2 Cricklewood Lane, London, NW2 1DZ

Right to complain

If you are dissatisfied with the way we process your data, please contact us and we will try to resolve your complaint. You also have the right to appeal/complain to the Information Commissioner (IC). The IC can be contacted at: Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire Tel: 0303 123 1113 or 01625 545 745 Web form: https://ico.org.uk/global/contact-us/

Entity Name Data Protection Registration Number

Penceat Medical Limited ZA458801

COVID-19 Privacy Notice

Introduction

This notice describes how we may use your information to protect you and others during the Covid-19 (Coronavirus) outbreak.

It supplements our main Privacy Notice.

In the current emergency it has become even more important to share health and care information quickly across relevant organisations, to deliver care to individuals, support health and social care services and to protect public health. Information will also be vital in researching, monitoring, tracking and managing the outbreak. The health and social care system is facing significant extra pressures due to the Covid-19 outbreak. Existing law allows confidential patient information to be used and shared appropriately and lawfully in a public health emergency is being used during this outbreak. The Secretary of State requires NHS Digital; NHS England and NHS Improvement; Arm’s Length Bodies (such as Public Health England); local authorities; health organisations and GPs to share confidential patient information to respond to the Covid-19 outbreak. Any arrangements put in place specifically to use or share information during the Covid-19 are temporary and will be limited to the period of the outbreak unless there is another existing legal basis that covers the use and sharing of that data. During the COVID-19 outbreak Clinical Commissioning Groups (CCGs) and NHS Digital will not process any new requests to opt-out of local data sharing arrangements such as the Integrated Health and Care Record Programme. All opt-out requests currently submitted will be held until the outbreak ceases at which point, the request to opt-out will be processed. It may take us longer to respond to Subject Access Requests and Freedom of Information requests whilst we focus our efforts on responding to the outbreak.

In order to look after your health and care needs, we may share your confidential patient information including health and care records with clinical and non-clinical staff in other health and care providers, for example, neighbouring GP practices, hospitals and NHS 111.

We may also use the details we have to send public health messages to you, either by phone, text or email.

We will also be required to share personal/confidential patient information with health and care organisations and other bodies engaged in disease surveillance, such as Public Health England, for the purposes of protecting public health, providing healthcare services to the public and monitoring and managing the outbreak.

During this period of emergency, you may be offered a consultation via telephone or videoconferencing. Your personal/confidential patient information will be safeguarded in the same way it would with any other consultation.

We may amend this privacy notice at any time so please review it frequently.

Purpose of the processing of your data

The purpose of the envisaged temporary Covid-19 data flows is to effectively treat and prevent the onward spread of COVID-19, as such there is a need to share Patient Identifiable Data and Special Category (or sensitive) information. However, for each new data flow a review will be undertaken to ensure that the minimum amount of personal data is processed and processed securely.

Lawful basis for processing your data

The Secretary of State (SoS) for Health and Social Care served a Notice under Regulation 3(4) of the Health Service (Control of Patient Information) Regulations 2002 (COPI) to require health and care organisations to process confidential patient information in the manner set out below for THE following purposes:

diagnosing communicable diseases and other risks to public health;

recognising trends in such diseases and risks;

controlling and preventing the spread of such diseases and risks;

monitoring and managing understanding COVID-19 and risks to public health, trends in COVID-19 and such risks, and controlling and preventing the spread of COVID-19 and such risks

processing to support the NHS Test and Trace programme

identifying and understanding information about patients or potential patients with or at risk of COVID-19, information about incidents of patient exposure to COVID-19 and the management of patients with or at risk of COVID-19 including: locating, contacting, screening, flagging and monitoring such patients and collecting information about and providing services in relation to testing, diagnosis, self-isolation, fitness to work, treatment, medical and social interventions and recovery from COVID-19

understanding information about patient access to health services and adult social care services and the need for wider care of patients and vulnerable groups as a direct or indirect result of COVID-19 and the availability and capacity of those services or that care

monitoring and managing the response to COVID-19 by health and social care bodies and the government including providing information to the public about COVID-19 and its effectiveness and information about capacity, medicines, equipment, supplies, services and the workforce within the health services and adult social care services

delivering services to patients, clinicians, the health services and adult social care services workforce and the public about and in connection with COVID-19, including the provision of information, fit notes and the provision of healthcare and adult social care services

research and planning in relation to COVID-19

Under the UK General Data Protection Regulation (UK GDPR), Article 6, 1(c)- Legal obligation: the processing is necessary for you to comply with the law (not including contractual obligations). There are a number of pieces of legislation currently available to allow the processing of personal data and special category data in response to public health breakouts, which includes:

Public Health (Control of Disease) Act 1984

The Health and Social Care Act 2008 (by virtue of The Care Act 2014)

The Civil Contingencies Act 2004

The relevant basis in UK data protection law is set out in the Data Protection Act (DPA) 2018, in Schedule 1 condition 2. This condition covers the following purposes:

preventive or occupational medicine;

the assessment of an employee’s working capacity;

medical diagnosis;

the provision of health care or treatment;

the provision of social care (this is likely to include social work, personal care and social support services); or

the management of health care systems or services or social care systems or services.

Article 9(3) of the GDPR contains the additional safeguard that you can only rely on this condition if the personal data is being processed by (or under the responsibility of) a professional who is subject to an obligation of professional secrecy. Section 11 of the DPA 2018 makes it clear that in the UK this includes:

a health professional or a social work professional; or

another person who in the circumstances owes a duty of confidentiality under an enactment or rule of law.

By virtue of the Data Protection Act 2018 (c. 12) Schedule 1 — Special categories of personal data and criminal convictions etc data, Part 1 – Conditions relating to employment, health and research etc, paragraph 3(a), processing meet the GDPR Article 9 condition ‘if processing is necessary for reasons of public interest in the area of public health’.

Right to access and correct

All the personal data we process is processed by our staff in the UK however for the purposes of IT hosting and maintenance this information may be located on servers within the European Union. No 3rd parties have access to your personal data unless the law allows them to do so and appropriate safeguards have been put in place such as a Data Processor as above). We have a Data Protection regime in place to oversee the effective and secure processing of your personal and or special category (sensitive, confidential) data.

Retention period

The data will be retained in line with the law and national guidance. https://www.nhsx.nhs.uk/information-governance/guidance/records-management-code/ Note: This Privacy Notice issued sets aside the requirements of Common Law Duty of Confidentially for COVID-19 purposes, Regulation 4 Health Service Control of Patient Information Regulations 2002 provides that ‘information may be processed in accordance with these Regulations, notwithstanding any common law obligation of confidence’, meaning that identifiable patient data can be shared with other organisations where it is ‘necessary’ for a COVID-19 purpose. Three circumstances making disclosure of confidential information lawful are:

where the individual to whom the information relates has consented;

where disclosure is in the public interest; and

where there is a legal duty to do so, for example a court order.