Confidentiality & Medical Records
The Data Protection Act 1998/ Data Protection Act 2018 (DPA) and the General Data Protection Regulation (GDPR) impose obligations on the use of all personal data held by Dr Holloway & Partners whether it relates to patients and their families, employees, complainants, contractors or any other individual who comes into contact with the organisation. This has implications for every part of the organisation. The Practice also has a duty to comply with guidance issued by the Department of Health, the NHS Executive, NHS Digital and the NHS Information Governance Alliance the specific requirements of the Information Governance (IG) Toolkit Toolkit (from April 2018 the NHS Digital Data Security and Protections Assurance Toolkit) and guidance issued by professional bodies.
The Practice and its employees are bound by a legal duty of confidentiality to all patients which can only be set aside to meet an overriding public interest, legal obligation, or similar duty. The DPA and GDPR apply all staff, contractors and volunteers working for the Practice. Dr Holloway & Partners is a Data Controller, as defined in Article 3 (7) of the GDPR and Section 1 of the DPA and is obliged to ensure that all the Data Protection requirements are implemented. The requirements of Article 5 (1) of the GDPR and be able to demonstrate compliance with those requirements Article 5(2).
Dr Holloway & Partners Privacy Notice
How we use your information
Freedom of Information Act
Information about the General Practitioners and the practice required for disclosure under this act can be made available to the public. All requests for such information should be made to the practice manager.
Access to Medical Records
The law states that NHS organisations must, when requested by an individual, give that person access to their personal health information, and occasionally, certain relevant information pertaining to others. In order to do this, they must have procedures in-place that allow for easy retrieval and assimilation of this information.
There are three main areas of legislation that allow the right of the individual to request such personal information, and they are:
- The Data Protection Act 2018 (formerly DPA 1998) (DPA)
- The General Data Protection Regulation 2016 (GDPR)
- The Access to Health Records Act 1990
- The Medical Reports Act 1988
Where the request for information by an individual falls under the legislation of any of these areas, access must be granted. Patients requesting information about their own personal medical records would usually have their request dealt with under the provisions of the Data Protection Act 2018 and GDPR 2016.The GMS contract and PMS agreement for 2015-2016 require practices to promote and offer their registered patients online access to all coded data in their GP records, referred to as their Detailed Coded Record. The introduction of online patient access to services does not change the right that patients already have to request access to their medical records provided by the provisions of the Data Protection Act (DPA) and GDPR. The DPA principles and confidentiality requirements apply in the same way for online access as they do for paper copies of the record
Compliments & Complaints
We make every effort to give the best service possible to everyone who attends our practice.
However, we are aware that things can go wrong resulting in a patient feeling that they have a genuine cause for complaint. If this is so, we would wish for the matter to be settled as quickly, and as amicably, as possible.
To pursue a complaint please contact the surgery and we will deal with your concerns appropriately. A copy of our Compliments/Complaints procedure can be downloaded here.
Practice Complaints Policy
The NHS operate a zero tolerance policy with regard to violence and abuse and the practice has the right to remove violent patients from the list with immediate effect in order to safeguard practice staff, patients and other persons. Violence in this context includes actual or threatened physical violence or verbal abuse which leads to fear for a person’s safety. In this situation we will notify the patient in writing of their removal from the list and record in the patient’s medical records the fact of the removal and the circumstances leading to it.
All patients are entitled to have a chaperone present for any consultation, examination or procedure where they consider one is required. The chaperone may be a family member or friend, but on occasions a formal chaperone may be preferred. The doctor or nurse may also require a chaperone to be present for certain consultations
The NHS Constitution
The NHS Constitution