GDPR – Privacy Notice

General Data Protection Regulation (GDPR)

What’s GDPR, in plain English?

It’s a chunk of rules that formed part of UK data privacy law on 25th May 2018.  These rules set out how organisations can use information they collect about you, and they give you more control over this.  You will have a whole extra set of legal rights around data protection.  Basically, they’re a good thing for everyone and we’ve created a patient leaflet here to detail your rights.

 

What’s the deal?

Because…let’s face it, the world is changing.  Headlines about data breaches and misuse are on the rise.  These new risks need new systems to keep people and organisations safe.  Regulations like GDPR are a leap in the right direction.

We know this stuff matters greatly to our patients, and it matters to us too.

We also know you probably won’t want to read through out full GDPR Privacy Policy – but it is here and we encourage you to read it.  In a nutshell:  the updates are related to how we handle your data and what we can and can’t do with it.

The regulations came into force on 25th May 2018 and if you have any queries or questions, please contact our Data Protection Officer, Paul Couldrey, [email protected] who will be happy to help.

 

Our Data Security and Protection Policies

We have a range of policies and procedures (required by law) that relate to this topic – a full listing is shown below.  These policies are updated regularly and copies are available upon request from the practice:

  • 02-05-KRS – Sharing and Disclosure of Patient Information
  • 06-02-KRS – Caldicott Protocol
  • 06-06-KRS – Computer and Data Security Procedure
  • 06-07-KRS – Confidentiality of Patient Data Policy
  • 06-12-KRS – Electronic Transfer & GP to GP Transfer of Patient Data Procedure
  • 06-20-KRS – Transfer of Patient Records Protocol
  • 06-21-KRS – Covid 19 Policy
  • 21-08-KRS – Third Party Confidentiality Agreement
  • 21-11-KRS – Fax, Post, Mail Handling Protocol