Confidentiality & GDPR
What is GDPR?
The General Date Protection Regulations (GDPR) is European Union (EU) legislation that is applicable from 25 May 2018. It is a regulation by which the European Parliament, the Council of the EU and the European Commission intend to strengthen and unify data protection for all individuals within the EU. It replaces the Data Protection Act 1998
GDPR requires practices to process data ‘fairly’ and in a ‘transparent manner’ which is ‘easily accessible and easy to understand’. This means that practices must provide information to patients about how the practice processes patient data.
Documents
GDPR Patient Leaflet for Patients
GDPR Subject Access Request Policy - If you wish to access your electronic data, please complete this form and either bring in to or send to the practice.
Health Information Exchange (HIE) Privacy Notice
Useful Links
- For more detailed information see the Information Commissioner’s Office (ICO) website.
- Understanding Patient Data - An Introduction to the GDPR – and what it means for patient data.