Data Protection – Your Personal Data is Safe

We would like to assure you that as a practice we take your personal data very seriously and we have certain processes in place to make sure your personal data is in safe hands at all times.

As a practice we must adhere to UK Data Protection laws, the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, both pieces of legislation are around to make sure we look after your data. Where we do not follow any part of the Data Protection laws we are at risk of being investigated by the Information Commissioner’s Officer (ICO) on your behalf, and possibly being issued with a fine or warning. The ICO is an independent advisory body who report directly to Parliament and make sure your rights around your personal data are protected.

To help us keep on track and make sure we abide by these laws we complete something called the Data Security and Protection Toolkit (DSPT) that incorporates the laws. It helps us measure how we are doing and keeps us in line with the law and we are required to complete this annually.

There will be times when we have to share your personal data with external organisations / companies in order to provide you with the care you need. However, we only do this where we need to, where we have a legal reason to do so and when we are happy they will continue to safeguard your personal data. An example would be the Clinical IT system we use that holds your medical records, this is supplied by an IT company who will host your personal data to enable us to use the system.

In any event where we share your personal data we will conduct the necessary Data Protection checks with the external organisation. Like us, they are required by data protection law to provide us with relevant assurances that any personal data we share with them will remain secure. Under the UK GDPR they are required to provide us with documents to assure us and this will include contracts which must include UK GDPR clauses. If an organisation does not process your personal data in line with law they too will be investigated by the ICO.

We cannot share your personal data without a legal basis, which means we cannot give your personal data to anyone ‘just because’ they want it. The UK GDPR sets out 6 legal bases we can use, the most common one you would have heard of is ‘consent.’ Consent is not often used in healthcare and where we are using your personal data for direct care, it just would not work and the UK GDPR recognise this so we apply a legal basis called ‘public tasks.’ Public tasks covers the use of personal data where it relates to either being in the interest of the patients care or the public interest. This means that we do not need to ask for your consent, although we are obliged to be open and transparent with your personal data which we do via our Privacy Notice (see section ‘How We Use Your Information).

We certainly will not sell your personal data to anyone.

When we share your personal data we need to abide by the UK GDPR principles, one of which is called ‘data minimisation’ – this means we can legally only share what is relevant and necessary for the task.

Finally along with completing the DSPT (as mentioned above) where we have any data protection concerns or need advice we have a dedicated Information Governance team who are on hand to guide us through the do’s and don’ts.

We hope this information has provided you with assurance that we take the necessary steps to make sure your personal data is safe when in our care and that where we share your personal data we do so only if the law allows us to.

How information about you helps us to provide better care

Care Data – Frequently Asked Questions

National Data Opt Out Policy

Type 1 Data Opt Out Form – Please complete and return to the practice

You can find out more on the NHS England Your Data Matters

Average earnings calculation for the year ended 31st March 2024

All GP practices are required to declare the mean earnings for GPs working to deliver NHS services to patients at each practice.

The mean earnings for GPs working in Millbrook Medical Centre in the financial year ended 31st March 2024 was £77,825 before deduction of employee’s superannuation contributions, tax and National Insurance.

This is the average pay for 2 full-time GPs, 6 part-time GPs and 1 Locum GP who worked in the practice for more than 6 months during that year.

The Practice takes it very seriously if a member of staff is treated in an abusive or violent way.

The Practice supports the government’s ‘Zero Tolerance’ campaign for Health Service Staff. This states that GPs and their staff have a right to care for others without fear of being attacked or abused. To successfully provide these services a mutual respect between all the staff and patients has to be in place.

Our Practice staff aim to be polite, helpful, and sensitive to all patients’ individual needs and circumstances. We would respectfully remind patients that very often staff could be confronted with a multitude of varying and sometimes difficult tasks and situations, all at the same time.  The staff understand that ill patients do not always act in a reasonable manner and will take this into consideration when trying to deal with a misunderstanding or complaint.

However, aggressive behaviour, be it violent or abusive, will not be tolerated and may result in you being removed from the Practice list and, in extreme cases, the Police being contacted.

In order for the practice to maintain good relations with our patients, the practice would like to ask all patients to read and take note of the occasional types of behaviour that would be found unacceptable:

• • Using bad language, swearing or threats towards practice staff

• • Any physical violence towards any member of the Primary Health Care  Team or other patients, such as pushing or shoving

• • Verbal abuse towards the staff in any form including verbally insulting the  staff

• • Racial abuse and sexual harassment will not be tolerated within this practice

• • Persistent or unrealistic demands that cause stress to staff will not be accepted. Requests will be met wherever possible and explanations given when  they cannot

• • Causing damage/stealing from the Practice’s premises, staff or patients

• • Obtaining drugs and/or medical services fraudulently

• • We ask you to treat your GPs and their staff courteously at all times

If you want to see your medical records, just ask at the Reception desk. They’ll give you some forms to fill out and your request can take up to 28 days to process. We won’t give your information to anyone else unless you give consent, or if the law says we have to.

You may also be able to see part of your medical records from November 2023 onwards through the NHS App.

Information about the General Practitioners and the practice required for disclosure under this act can be made available to the public. All requests for such information should be made to the Practice Manager.

The practice complies with data protection and access to medical records legislation. Identifiable information about you will be shared with others in the following circumstances:

• To provide further medical treatment for you e.g. from district nurses and hospital services.
• To help you get other services e.g. from the social work department. This requires your consent.
• When we have a duty to others e.g. in child protection cases anonymised patient information will also be used at local and national level to help the Health Board and Government plan services e.g. for diabetic care.

If you do not wish anonymous information about you to be used in such a way, please let us know.

Reception and Administration staff require access to your medical records in order to do their jobs. These members of staff are bound by the same rules of confidentiality as the medical staff.