Fair Processing Notice
Data protection/Information Governance/Caldicott Guardian
Fair Processing Notice
Security of Information
BrisDoc has its roots firmly in the local NHS health economy and continues to be owned and run by its workforce, most of whom live and work in the community we serve.
The range of health care BrisDoc provides now includes:
• A GP Out of Hours Service – for urgent care when your regular surgery is closed covering all practices in Bristol, North Somerset and South Gloucestershire
• GP Services at the Bristol Royal Infirmary and Southmead Hospital work within the Ambulatory Care Teams to assess, diagnose and identify the most appropriate care pathway for patients referred to hospital for urgent assistance, providing same day assessment and medical care, giving patients more options to be safely managed without a full admission into hospital.
• Broadmead Medical Centre – our city centre, extended hours GP Practice and Walk-in service.
• Northville Family Practice – GP surgery serving patients in the North of Bristol, within South Gloucestershire
• Nurse-led outreach teams – going out into the community to treat vulnerable patients.
These services enable BrisDoc to offer 24/7 health care with a focus on supporting patient care in the community wherever possible.
Confidentiality affects everyone: BrisDoc collects, stores and uses large amounts of personal data every day, such as medical records, personnel records and computerised information.
This data is used by many people in the course of their work.
We take our duty to protect your personal information and confidentiality very seriously and we are committed to taking all reasonable measures to ensure the confidentiality and security of personal data for which we are responsible, whether computerised or on paper.
Our Information Governance Board monitors are safe and appropriate use of information; our Senior Information Risk Owner is accountable for the management of all information assets and any associated risks and incidents; Our Caldicott Guardian, is responsible for the management of patient information and patient confidentiality.
Why do we collect information about you?
The doctors, nurses and teams of healthcare professionals caring for you, keep records about your health and any treatment and care you receive from a BrisDoc service. These records may be documented on paper or held on computer.
These records may include:
• Basic details about you such as name, address, date of birth, next of kin etc.;
• Contact we have had with you such as appointments or clinic visits;
• Notes and reports about your health, treatment and care;
It is essential that your details are accurate and up to date. Always check that your personal details are correct when you visit us and please inform us of any changes as soon as possible.
How is your personal information used?
Your records are used to direct, manage and deliver care you receive to ensure that:
• The doctors, nurses and other healthcare professionals involved in your care have accurate and up to date information to assess your health and decide on the most appropriate care for you;
• Healthcare professionals have the information they need to be able to assess and improve the quality and type of care you receive;
• Your concerns can be properly investigated if a complaint is raised; and
• Appropriate information is available if you see another doctor, or are referred to a service or specialist in another part of the health and social care system.
Who do we share personal information with?
Everyone working within the NHS has a legal duty to keep information about you confidential. Similarly, anyone who receives information from us has a legal duty to keep it confidential.
In some cases we will work with other organisations to provide onward care for our patients. Where appropriate, we may share information with them. In addition we will also share information with the following specific main partner organisations:
• Other NHS Trusts and hospitals that are involved in your care; and
• Ambulance Services
• Community healthcare providers
You may receive care from other people as well as the NHS, for example, Social Care Services. We may need to share some information about you with them so we can all work together for your benefit if they have a genuine need for it or we have your permission. Therefore, we may also share your information, subject to strict agreement about how it will be used, with:
• Social Care Services;
• Education Services;
• Local Authorities; and
• Voluntary and private sector providers working with the NHS
We will not disclose your information to any other parties without your agreement, unless there are exceptional circumstances, such as the health and safety of you or others is at risk or if the law requires us to pass on information.
Disclosure of information
You have the right to restrict how and with whom we share the personal information in your records that identifies you. This must be noted explicitly within your records in order that all healthcare professionals and staff treating you are aware of your decision. By choosing this option, it may make the provision of treatment of care most difficult or unavailable. You can also change your mind at any time about a disclosure decision.
How can you access your records?
The Data Protection Act 1998 gives you the right to access the information we hold about you on our records. Requests must be made in writing to the Head of Governance at Unit 21 Osprey Court, Hawkfield Business Park, Whitchurch, Bristol, BS14 0BB. BrisDoc will provide the information to you within 40 calendar days from receipt of:
• A completed application form, containing adequate supporting information (such as your full name, address, date of birth, NHS number etc.) to enable us to verify your identity and locate your records;
• The fee up to £50.00 to be paid in advance; and
• An indication of what information you are requesting to enable BrisDoc to locate the information in an efficient manner.
Mr Nigel Gazzard is the Senior Information Responsible Officer, Dr Kathy Ryan is the Caldicott Guardian. Please contact firstname.lastname@example.org for any queries relating to Data Protection, Information Governance or Confidentiality issues.
The Data Protection Act 1998 requires organisations to lodge a notification with the Information Commissioner to describe the purposes for which they process personal information. These details are publicly available at https://ico.org.uk/esdwebpages/search or from:
Information Commissioners Office
The NHS Care Record Guarantee describes how patient information will be used and protected within the National Systems.
The NHS Code of Confidentiality is based on legal requirements and best practice. It sets out the required standards of practice concerning confidentiality in the NHS and patients’ consent to use their health records.