At Friends Medical Service, we are committed to ensuring protection of all personal information that we hold, and to provide and to protect all such data. We recognise our obligations in updating and expanding this program to meet the requirements of GDPR.
Friends Medical Service are dedicated to safeguarding the personal information under our control and in maintaining a system that meets our obligations under the new regulations. Our practice is summarised below.
Personal information we collect
We receive following information from NHS:
- Full Name of Patient
- Address
- Date of Birth
- Health and Care Number
- Phone Number
- Reason for Referral
- Clinical Indication
- Priority Level
- Referral details
We will never share your information outside of health partner organisations without your explicit consent unless there are exceptional circumstances such as when the health or safety of others is at risk, where the law requires it or to carry out a statutory function.
Your information, what you need to know
This privacy notice explains why we collect information about you, how that information may be used and how we keep it safe and confidential.
Why we collect information about you
Health care professionals who provide you with care are required by law to maintain records about your health and any treatment or care you have received. These records help to provide you with the best possible healthcare. We collect and hold data for the sole purpose of providing healthcare services to our patients. In carrying out this role we may collect information about you which helps us respond to your queries or secure specialist services. We may keep your information in written form and/or in digital form. The records may include basic details about you, such as your name and address. They may also contain more sensitive information about your health and also information such as outcomes of needs assessments.
Details we collect about you
The health care professionals who provide you with care maintain records about your health and any treatment or care you have received previously (eg. NHS Trust, GP Surgery, Walk-in clinic, etc.). These records help to provide you with the best possible healthcare.
Records FMS may hold about you may include the following:
We receive following information from NHS:
- Full Name of Patient
- Next of Kin
- Address
- Date of Birth
- Health and Care Number
- Phone Number
- Reason for Referral
- Clinical Indication
- Priority Level
- Referral details
- Notes and reports about your health
- Details about your treatment and care
- Results of investigations, such as laboratory tests, x-rays, etc.
- Relevant information from other health professionals, relatives or those who care for you
How we keep your information confidential and safe
Information provided in confidence will only be used for the purposes advised with consent given by the patient, unless there are other circumstances covered by the law.
Your records are backed up securely in line with NHS standard procedures. We ensure that the information we hold is kept in secure locations, is protected by appropriate security and access is restricted to authorised personnel.
We also make sure external data processors that support us are legally and contractually bound to operate and prove security arrangements are in place where data that could or does identify a person are processed.
We are committed to protecting your privacy and will only use information collected lawfully in accordance with:
- Data Protection Act 1998
- General Data Protection Regulation 2018
- Human Rights Act
- Common Law Duty of Confidentiality
We maintain our duty of confidentiality to you at all times. We will only ever use or pass on information about you if others involved in your care have a genuine need for it. We will not disclose your information to any third party without your permission unless there are exceptional circumstances (i.e. life or death situations), or where the law requires information to be passed on.
How we use your information
We at FMS use your information to process scanning and reporting service. Once this cycle is complete all the your information including scans and reports are sent back to NHS network.
CCTV
Many of our premises are surveyed by CCTV for the purposes of security and the safe provision of care. Images and videos may be retained for a limited period and purpose.
Data Retention
We will approach the management of patient records in line with the Records Management NHS Code of Practice for Health and Social Care which sets the required standards of practice in the management of records for those who work within or under contract to NHS organisations in England, based on current legal requirements and professional best practice.
Your right to withdraw consent for us to share your personal information (Opt-Out)
If you are happy for your data to be extracted and used for the purposes described in this fair processing notice then you do not need to do anything. If you do not want your information to be used for any purpose beyond providing your care you can choose to opt-out. If you wish to do so, please let us know so we can code your record appropriately. We will respect your decision if you do not wish your information to be used for any purpose other than your care but in some circumstances we may still be legally required to disclose your data.
There are two main types of opt-out.
Type 1 Opt-Out
If you do not want information that identifies you to be shared outside the practice, for purposes beyond your direct care, you can register a ‘Type 1 Opt-Out’. This prevents your personal confidential information from being used other than in particular circumstances required by law, such as a public health emergency like an outbreak of a pandemic disease.
Type 2 Opt-Out
NHS Digital collects information from a range of places where people receive care, such as hospitals and community services. If you do not want your personal confidential information to be shared outside of NHS Digital, for purposes other than for your direct care, you can register a ‘Type 2 Opt-Out’. For further information about Type 2 Opt-Outs, please contact NHS Digital contact centre at enquiries@hscic.gov.uk referencing ‘Type 2 Opt-Outs – Data Requests’ in the subject line; or call NHS Digital on (0300) 303 5678; or visit the website http://content.digital.nhs.uk/article/7092/Information-on-type-2-opt-outs .
If you wish to discuss or change your opt-out preferences at any time please contact the Senior Administrator.
Access to your information
Under the new General Data Protection Regulation (GDPR) 2018 everybody has the right to see, or have a copy, of data we hold that can identify you, with some exceptions. You do not need to give a reason to see your data.
Subject access requests can be made verbally or in writing and the practice has one month to respond to the request. Under GDPR, organisations are not permitted to charge the data subject in most circumstances.
If you want to access your data you must make the request in writing. Under special circumstances, some information may be withheld. If you wish to have a copy of the information we hold about you, please contact the Senior Administrator.
Change of Details
It is important that you tell the person treating you if any of your details such as your name or address have changed or if any of your details are incorrect in order for this to be amended. Please inform us of any changes so our records for you are accurate and up to date.
Mobile Numbers & Email Addresses
If you provide us with your mobile phone number, we may use this to send you reminders about your appointments or other health screening information. Please let us know if you do not wish to receive reminders on your mobile. If you provide us with your email address, we may use this to send you reminders to make an appointment for a review. Please let us know if you do not wish to receive correspondence by email.
Notification – Data Controller information
Friends Medical Service is registered with the Information Commissioners Office (ICO) to describe the purposes for which they process personal and sensitive information.
We are a registered Data Controller and our registration can be viewed online in the public register at: http://ico.org.uk/what_we_cover/register_of_data_controllers .
Complaints
If you have concerns or are unhappy about any of our services, please contact:
Name: Zaheer Baloch
Address: 45 Laurelgrove Dale Belfast BT8 6ZE UK
Phone Number: 07841563844
E-mail: DPO@friendsmedicalservice.com (create this email account)
URL : www.friendsmedicalservice.com
Privacy Notice date: 01/XX/2020
For independent advice about data protection, privacy and data-sharing issues, you can contact: The Information Commissioners Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF –
Phone: 0303 123 1113
Website: www.ico.gov.uk .
Further Information
Further information about the way in which the NHS uses personal information and your rights in that respect can be found here: https://www.england.nhs.uk/contact-us/privacy/privacy-notice/your-information/
The NHS Care Record Guarantee
The NHS Care Record Guarantee for England sets out the rules that govern how patient information is used in the NHS, what control the patient can have over this, the rights individuals have to request copies of their data and how data is protected under the Data Protection Act 1998. http://systems.digital.nhs.uk/infogov/links/nhscrg.pdf
NHS Digital
NHS Digital collects health information from the records health and social care providers keep about the care and treatment they give, to promote health or support improvements in the delivery of care services in England. http://content.digital.nhs.uk/article/4963/What-we-collect
Reviews of and Changes to our Fair Processing & Privacy Notice
We will keep our Fair Processing & Privacy Notice under regular review. This notice was last reviewed following GDPR implementation in May 2020.