Alpha Group Practice fully appreciates the importance of protecting and managing your data and maintaining your privacy. To ensure that we comply with these requirements all our data management and clinical processes fully recognise the data protection law in force in the UK (e.g. the Data Protection Act 1998 and from 25th May 2018, the Data Protection Act 2018 which includes relevant Articles from the EU General Data Protection Regulation (GDPR)
Please read the following information carefully to understand how we process your personal data.
For the purpose of the Data Protection Laws, the Data Controller is Alpha Group Practice whose address is 133 Blackpool Road, Lytham Saint Annes, Lancashire, FY8.
When we refer to ‘we’, ‘us’ and ‘our’, we mean Alpha Group Practice.
Use Of Your Personal Information
This privacy notice explains why we collect information about you and how that information may be used.
Our health care professionals who provide you with our services maintain records about your health and any treatment or care you have received previously. These records help to provide our clients with the best possible healthcare.
Your records may exist is several formats including electronic, paper or a mixture of both, and we deploy many working organisations and approaches to ensure that such information is maintained within a confidential and secure environment. The records which we could hold about you may include the following information:
- Personal details relating to you, including your address and contact details, carer, legal representative and parents’ emergency contact details
- Any contact we have had or intend to have with you such as appointments, clinic or surgery visits, home visits, etc.
- Notes and reports about your health which is deemed to be of a sensitive nature
- Details about your referral, diagnostics procedures, treatment and care
- Results of any additional relevant investigations
- Relevant information from other health professionals, relatives or those who care for you
To ensure you receive the highest levels of care, your records will be used to facilitate the care that we provide. Anonymised information held about could, on occasions, be used to help protect the health and wellbeing of the general public and to help us manage our contracts with commissioners. Information could also be used within our organisation for the purposes of clinical audits which in turn will provide monitoring of the quality of the services we provide.
Some of this information will be used for statistical purposes and we will ensure that individuals cannot be identified. For situations where we may contribute to research projects we will always gain your explicit consent before releasing any relevant information.
Maintaining the Confidentiality of Your Records
We will take all possible care to protect your privacy and will only use information collected with the law including:
Data Protection Act 1998 and the Data Protection Act 2018 from 25th May 2018
Human Rights Act 1998
Common Law Duty of Confidentiality
Health and Social Care Act 2012 (if appropriate)
Codes of Confidentiality, Information Security and Records Management
Our staff are all trained and briefed in data protection principles and understand they have a legal obligation to keep information about you confidential. They also understand that information about you will only be shared with other parties if there is an agreed need to do so or a legal reason. We will only share your data without your permission if there are very exceptional circumstances (i.e. life or death situations), where the law requires information to be passed on and / or in accordance with the Caldicot Principle 7 e.g. to share or not to share. This means that health and social care professionals should have the confidence to share information in the best interests of their patients within the framework set out by the Caldicott Principles. Whilst the Caldicott Principles were originally developed for NHS purposes, we have adopted the underlying principles in order to align with best practice.
All personal information that we manage is stored within the UK within a secure environment and we always use suitably protected methods and systems to transfer your personal information.
Legal Basis For Processing
Our legal basis for processing your data relies on certain conditions set out GDPR Articles 6 and 9 which will be relevant from 25th May as part of the 2018 UK Data Protection Act.
Partner Organisations
It may be possible that we will share your information with other organisations, if this is required we will apply very strong controls. The current organisations who we share data with includes:
- County Council (Public Health Dept.) – Contractual reporting of anonymised data
- NHS Clinical Commissioning Group – Contractual reporting of anonymised data
It is noted that the above list is not exhaustive, and we may contract with other external organisations to undertake processing of your personal information. These 3rd party organisations will abide with our stringent contractual conditions regarding the protection of personal data.
In some cases, you will be requested to provide positive consent if we intend to share your personal details with other organisations.