Policies - Hetton Group Practice

Access to Records

he practice is registered with the Information Commissioner’s Office for the purposes of data protection. We will not release information about you without your prior consent unless we are legally obliged to do so. We may share information with other staff or organisations who provide you with healthcare to ensure you get the best treatment possible. See our Fair Processing Notice below.

In accordance with data protection legislation you may access your medical records. If you wish to access your records please apply in writing to the practice manager. A form is available from reception.

Online Access to Patient Records

We offer patients the facility to :

book, view, amend and cancel GP appointments online
order, view and print a list of their repeat medication online
view online, export and print information relating to allergies, adverse reactions, immunisations, test results and coded data from their medical record

If you would like to sign up for online access please speak to one of our receptionists who can set this up for you.

Accessible Information and Reasonable Adjustments

Accessible information –

The Accessible Information Standard is a requirement that all NHS organisations, including GP practices must follow to make sure that people who have a disability, impairment or sensory loss or their carers are given information in a format they can easily read or understand.

So, we can help and support you we want to know;

If you need information in a specific format e.g. braille, large print or easy read
If you need to receive information in a particular way
if you need someone to support you at appointments e.g. a sign language interpreter or an advocate
We want to know if you lip read or use a hearing aid or communication tool

Please let us know if you require any type of support so we can record this information and add it to your record. You can do this by telling our reception team, doctor or nurse the support you need. It is best you do this prior to needing an appointment, so the practice can make the necessary adjustments in advance.

NHS England has more information on the standard which is available in a range of formats including easy read, audio and BSL video with subtitles. You can see these by clicking the link below:

NHS England » Patients

Healthwatch Sunderland have created a leaflet to explain this

Do you have communication needs? | Healthwatch Sunderland

Reasonable Adjustments

All disabled people have the right to reasonable adjustments. This includes when using healthcare, including GP practices.

We need to make it as easy for disabled people to use health services. This is called making reasonable adjustments.

Reasonable adjustments are changes which mean people with a disability can access the healthcare they need.

Reasonable adjustments are dependent on the person. Everyone has different needs. Some examples might include:

making sure there is good access for people who use a wheelchair in the surgery
providing plain English or easy read appointment letters.
giving someone a priority appointment if they find it difficult waiting in their GP surgery or hospital.
offering a longer appointment if someone needs more time with a doctor or nurse to make sure they understand the information they are given.
having a quiet space available for people waiting for their appointment.
making sure there is a hearing loop system in consultation rooms
using a communication chart to support a person with dementia during an appointment.

Please let us know if you require any type adjustment to access your appointments so we can record this information and add it to your record. You can do this by telling our reception team, doctor or nurse the adjustments you need. It is best you do this prior to needing an appointment, so the practice can make the necessary adjustments in advance.

Accessing someone else’s information

As a parent, family member or carer, you may be able to access services for someone else. We call this having proxy access. We can set this up for you if you are both registered with us.

To requests proxy access:

collect a proxy access form from reception from 10am to 6pm

Linked profiles in your NHS account

Once proxy access is set up, you can access the other person’s profile in your NHS account, using the NHS App or website.

The NHS website has information about using linked profiles to access services for someone else.

Chaperone Policy

Hetton Group Practice is committed to providing a safe, comfortable environment where patients and staff can be confident that best practice is being followed at all times and the safety of everyone is of paramount importance.

This Chaperone Policy adheres to local and national guidance and policy –i.e.:
‘NCGST Guidance on the role and effective use of chaperones in Primary and Community Care settings’.

All patients are entitled to have a chaperone present for any consultation, examination or procedure where they consider one is required. The chaperone may be a family member or friend, but on occasions a formal chaperone may be preferred.

Patients are advised to ask for a chaperone if required, at the time of booking an appointment, if possible, so that arrangements can be made and the appointment is not delayed in any way. The Healthcare Professional may also require a chaperone to be present for certain consultations.

All staff are aware of and have received appropriate information in relation to this Chaperone Policy.

All trained chaperones understand their role and responsibilities and are competent to perform that role.

There is no common definition of a chaperone and their role varies considerably depending on the needs of the patient, the healthcare professional and the examination being carried out.

Their role can be considered in any of the following areas:
• Emotional comfort and reassurance to patients
• Assist in examination (e.g. during IUD insertion)
• Assist in undressing
• Act as interpreter
• Protection to the healthcare professional against allegations / attack

Complaints Policy

Although we endeavour to give you the best possible service, there may be times when you feel you have received less than this. If you have any concerns regarding the service you have received, or simply require more information, please ask to arrange an appointment or speak with the Office Manager.

We have to respect our duty of confidentiality to our patients and if you are complaining on behalf of someone else we do need their consent. Our reception staff can provide you with a consent form. Where the patient is incapable of providing consent due to illness or accident it may still be possible to deal with the complaint. Please provide as much details as possible in the letter giving us consent as soon as possible after the event and ideally within a few days, as this helps us to establish what happened more easily. In any event, this should be within 12 months of the incident or within 12 months of you discovering the incident.

We look to settle complaints as soon as possible. We will acknowledge your complaint within 2 working days and aim to have looked into the matter within 10 working days. Occasionally if we have to make a lot of enquiries it may take up to 4 weeks to get back to you with a reply, but we will keep you informed. We will carry out a full investigation of the matter and reply in writing or offer you a meeting to discuss the complaint, investigations and our findings if you so wish.

We hope that at the end of our investigation you will feel satisfied that we have dealt with your complaint thoroughly. If you are dissatisfied with the outcome you have the right to approach the Ombudsman.

The contact details are:

The Parliamentary and Health Service Ombudsman
Millbank Tower
Millbank
London
SW1P 4QP

Tel: 0345 0154033

A copy of our complaints information leaflet is available from reception.

Data Protection Policy

From the 25^th May, the current UK Data Protection Act 1998 is being replaced by the EU General Data Protection Regulation (GDPR) and Data Protection Act 2018.

The new legislation is very similar to the 1998 Act but provides some enhanced rights for individuals around how the Practice uses your information

Why do we Need Your Information?

The NHS Act 2006 and Health and Social Care Act 2012 invests statutory functions on GP Practices to promote and provide the health service to improve quality of services, reduce inequalities, conduct research, review performance of services and deliver education & training. To do this we will need to process your information in accordance with current data protection legislation to:

Protect your vital interests;

Pursue our legitimate interests as a provider of medical care, particularly where the individual is a child or vulnerable adult
Performs tasks in the public’s interests
deliver preventative medicine, medical diagnosis, medical research; and
Manage the health and social system and services.

Should require any further information on GDPR or Data Protection Act, this can be found on the Information Commissioner’s Office (ICO) website:

https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/

You can also contact the practice’s Data Protection Officer. When contacting the Data Protection Officer please ensure that you include the details of the practice.

Data Protection Officer: Mr James Carroll

Tel No: 0191 404 1000 Ext 3436

Email address: STSFT.DPOSunderlandpractices@nhs.net

Fair Processing Notice

How we Use Your Information

Our GP practice holds information about you and this document outlines how that information is used, with whom we may share that information, how we keep it secure (confidential) and what your rights are in relation to this. The Health Care Professionals (HCP) who provide you with care, maintain records about your health and any treatment or care you have received previously (e.g. NHS Trust, GP surgery, Community clinics or staff etc.).

These records help to provide you with the best possible healthcare.

NHS health records may be electronic, on paper or a mixture of both and we use a combination of working practices and technology to ensure that your information is kept confidential and secure.

What Kind of Information do we Use?

Details about you, such as address and next of kin and carer information etc
Any contact the surgery has had with you such as appointments, clinic visits, emergency appointments and so on
Notes and reports about your health
Details about your treatment and care
Results of investigations such as laboratory tests, x-rays etc.
Relevant information from other HCPs, relatives or those who care for you

To ensure you receive the best possible care, your records are used to facilitate the care you receive. Information held about you may be used to help protect the health of the public and to help us manage the NHS. Information may be used for clinical audit to monitor the quality of the service provided and to plan NHS services. Some of this information will be held centrally and used for statistical purposes. Where we do this, we take strict measures to ensure that individual patients cannot be identified.

Sometimes your information may be requested to be used for research purposes – the surgery or organisation concerned will always endeavour to gain your consent before releasing the information.

The NHS Care Record Guarantee for England sets out the rules that govern how patient information is used in the NHS and what control patients can have over this.

The NHS Constitution https://www.gov.uk/government/publications/the-nhs-constitution-for-england establishes the principles and values of the NHS in England. It sets out rights to which patients, public and staff are entitled, and pledges which the NHS is committed to achieve, together with responsibilities, which the public, patients and staff owe to one another to ensure that the NHS operates fairly and effectively.

What do we use Your Personal and Confidential/Sensitive Information for?

We can only use any information that may identify you (known as personal information) in accordance with the Data Protection Act 1998 and other laws such as the Health and Social Care Act 2012. http://www.legislation.gov.uk/ukpga/1998/29/contents and http://www.legislation.gov.uk/ukpga/2012/7/contents/enacted, however only the minimum necessary identifiers are used in processing personal information for the purpose. We also have a Common Law Duty of Confidentiality to protect your information. This means that where a legal basis for using your personal or confidential information does not exist, we will not do so.

Apart from direct health care sensitive personal information may also be used in the following cases:

To respond to patients, carers or Member of Parliament communication
We have received consent from individuals to be able to use their information for a specific purpose.
There is an overriding public interest in using the information e.g. in order to safeguard an individual, or to prevent a serious crime.
There is a legal requirement that will allow us to use or provide information (e.g. a formal court order).
For the health and safety of others, for example to report an infectious disease such as meningitis or measles.
We have special permission for health and research purposes (granted by the Health Research Authority).
We have special permission called a ‘section 251 agreement’ (Section 60 of the Health and Social Care Act 2001 as re-enacted by Section 251 of the NHS Act 2006) which allows the Secretary of State for Health to make regulations to set aside the common law duty of confidentiality for defined medical purposes. An example of where this is used is in risk stratification. Further information can be found on the Health Research Authority’s web site here http://www.hra.nhs.uk/about-the-hra/our-committees/section-251/what-is-section-251/

Risk Stratification

Risk stratification tools are increasingly being used in the NHS to help determine a person’s risks of suffering from a particular condition, preventing an unplanned or (re)admission and identifying a need for preventative intervention. Information about you is collected from a number of sources including NHS Trusts and from this GP Practice.

A risk score is then arrived at through an analysis of your anonymised information using software managed by North of England Commissioning Support Service (NECS), which is based at John Snow House, Durham, DH1 3YG. The data is provided back to the GP Practice or member of your care team in an identifiable form. Risk stratification enables your GP Practice to focus on the prevention of ill health and not just the treatment of sickness.

If necessary, your GP Practice may be able to offer you additional services.

Should you have any concerns about how information is managed at your GP Practice, please write to the Practice Manager so you can discuss how the disclosure of your personal information can be limited.

Invoice Validation

If you have received treatment within the NHS, access to your personal information is required in order to determine which Clinical Commissioning Group (CCG) should pay for the treatment or procedure you have received. The validation of invoices is undertaken within a controlled environment for finance within the North of England CSU (NECS) which is based at John Snow House, Durham, DH1 3YG. This is carried out via a section 251 agreement and is undertaken to ensure that the CCG is paying for treatments relating to its patients only.

The dedicated NECS team receives patient level information (minimal identifiers are used for this purpose, such as NHS number, post code, date of birth) direct from the hospital providers and undertakes a number of checks to ensure that the invoice is valid and that it should be paid for by the CCG.

The CCG does not receive or see any patient level information relating to these invoices. Further information about invoice validation can be found on NHS England’s web site here https://www.england.nhs.uk/ourwork/tsd/ig/in-val/

How do we Maintain Confidentiality of Your Records?

We are committed to protecting your privacy and will only use information collected lawfully in accordance with the Data Protection Act 1998 (which is overseen by the Information Commissioner’s Office), Human Rights Act, the Common Law Duty of Confidentiality and the NHS Codes of Confidentiality and Security. Every member of staff who works for an NHS organisation has a legal obligation to keep information about you confidential. Anyone who received information from an NHS organisation has a legal duty to keep it confidential. We maintain our duty of confidentiality to you at all times.

We will only ever use or pass on information about you if others involved in your care have a genuine need for it. We will not disclose your information to any third party without your permission unless there are exceptional circumstances (e.g. life or death situations) or where the law requires information to be passed on.

The NHS Digital Code of Practice on Confidential Information applies to all of our staff, and they are required to protect your information, inform you of how your information will be used, and allow you to decide if and how your information can be shared. All practice staff are expected to make sure information is kept confidential and receive annual training on how to do this. This is monitored by the practice and can be enforced through disciplinary procedures.

We also ensure the information we hold is kept in secure locations, restrict access to information to authorised personnel only and protect personal and confidential information held on equipment such as laptops with encryption (which masks data so that unauthorised users cannot see or make sense of it).

We ensure external data processors that support us are legally and contractually bound to operate and prove security arrangements are in place where information that could or does identify a person is processed.

We have a senior person responsible for protecting the confidentiality of patient information and enabling appropriate information sharing. This person is called the Caldicott Guardian. The Caldicott Guardian for the practice is Dr M Woodhouse. We also have a Senior Information Risk Owner (SIRO) who is responsible for owning the practice’s information risk. The SIRO is Emma Middleton (practice manager).

We are registered with the Information Commissioner’s Office (ICO) as a data controller which describes the purposes for which we process personal data. A copy of the registration is available from the ICO’s web site by searching on our practice name.

Who are our Partner Organisations?

We may also have to share your information, subject to strict agreements on how it will be used, with the following organisations:

• NHS Trusts
• Specialist Trusts
• Independent contractors such as dentists, opticians, pharmacists
• Private sector providers
• Voluntary sector providers
• Ambulance Trusts
• Clinical Commissioning Groups
• Social Care and Health
• Local Authorities
• Education Services
• Fire & Rescue Services
• Police
• Other data processors

What Are Your Rights?

Where information from which you can be identified is held, you have the right to ask to:

View this or request copies of the records by making a subject access request – also see below.
request information is corrected
have the information updated where it is no longer accurate
ask us to stop processing information about you where we are not required to do so by law – although we will first need to explain how this may affect the care you receive.

Access to Personal Information

You have a right under the Data Protection Act 1998 to access/view what information the surgery holds about you, and to have it amended or removed should it be inaccurate. This is known as ‘the right of subject access’. If we do hold information about you we will:

Give you a description of it
Tell you why we are holding it
Tell you who it could be disclosed to, and
Let you have a copy of the information in an intelligible form
If you would like to make a ‘subject access request’, please do so in writing to the Practice Manager.

Summary Care Records (SCR)

The Summary Care Record is a national scheme to share information about the medicines you are prescribed and any allergies or other adverse reactions you have experienced. Health Professionals at other organisations will only be able to access this information with your permission. You can opt-out of the scheme; please ask at the surgery if you need more information or follow the appropriate link on our website.

Summary Care Record with Additional Information

This is a national scheme to share more detailed information including your current medical problems and your care wishes. Health Professionals at other organisations will only be able to access this information with your permission. This information will only be available to other agencies if you have given us your permission to share it.

Great North Care record (GNCR)

This is a local initiative to share medical information in the North East. The information shared is similar to that in the Summary Care Record with Additional Information. Health Professionals at other organisations will only be able to access this information with your permission. The health organisations with whom we share this information include the local hospitals, out of hours services and the ambulance service. This information will be shared unless you tell us in writing that you don’t want us to share it.

You can opt-out of this scheme – please ask at the surgery.

Your Right to Withdraw Consent

If you are happy for your data to be extracted and used for the purposes described in this Fair Processing Notice, then you do not need to do anything. If you do not want your personal data being extracted and used for the purposes described in this Fair Processing Notice, then you need to let us know as soon as possible in writing to the Practice Manager.

Please note that withdrawing your consent from sharing data may, in some circumstances, cause a delay in your receiving care.

How Long do You hold Information for?

All records held by the practice will be kept for the duration specified by national guidance from the Department of Health, The Records Management Code of Practice for Health and Social Care 2016. Confidential information is securely destroyed in accordance with this code of practice.

Your Right to Opt Out

In some instances, you are allowed to request that your confidential information is not used beyond your own care and treatment and to have your objections considered. To support this patients are able to register objections with the GP Practice to either prevent their identifiable data being released outside of the GP Practice (known as a Type 1 objection) or to prevent their identifiable data from any health and social care setting being released by NHS Digital (known as a Type 2 objection) where in either case it is for purposes other than direct patient care. If your wishes cannot be followed, you will be told the reasons (including the legal basis) for that decision.

There are certain circumstances where a person is unable to opt out but these are only where the law permits this such as in adult or children’s safeguarding situations.

You have a right in law to refuse or withdraw previously granted consent to the use of your personal information. There are possible consequences of not sharing such as the effect this may have on your care and treatment but these will be explained to you to help with making your decision.

If you wish to exercise your right to opt-out, or to speak to somebody to understand what impact this may have, if any, please contact us using the contact details at the top of this document.

What is the right to know?
The Freedom of Information Act 2000 (FOIA) gives people a general right of access to information held by or on behalf of public authorities, promoting a culture of openness and accountability across the public sector.

What sort of information can I request?
In theory, you can request any information that the practice holds, that does not fall under an exemption. You may not ask for information that is covered by the Data Protection Act. Your request must be in writing and can be either posted or emailed to the practice.

Where can I obtain further advice?
For independent advice about data protection, privacy, data sharing issues and your rights you can contact:

Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Telephone: 0303 123 1113 (local rate) or 01625 545 745
Email: casework@ico.org.uk

Visit the ICO website here https://ico.org.uk/

Complaints or Questions?

We try to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring concerns to our attention if they think that our collection or use of information is unfair, misleading or inappropriate.

Please contact us using the contact details below should you have any such concerns.

Hetton Group Practice
Francis Way
Hetton le Hole
Tyne and Wear
DH5 9EZ
Tel: 0191 5261177

Patient’s Repeat Prescriptions Policy

General

Requests for repeat prescriptions can be made in person, by letter phone or online
Please remember it is your responsibility to ensure you order your repeat medication on time and allow adequate time for your request to be processed.
Always allow extra time for weekends and public holidays.
You can order items which are listed on the right hand side of your repeat prescription computer slip.
The practice cannot be held responsible for any delay of your request, nor any technical failure of the system.
When ordering your repeat prescriptions please make sure you give your full name, date of birth and a full list of any medications required.

Post Requests

Please note for postal requests please allow extra time, in the event of postal and/or technical problems.

Online Request

You must bring to reception a form of identification which shows your name and address e.g. Drivers Licence.
You will be issued with a welcome letter containing the appropriate web address and your personal access code.

Request for a Medication That Was Previously Issued as an Acute “one-off” Prescription

If you wish a Special Request item, example a previous acute prescription, please state clearly what this is for i.e. hay fever etc, your GP will then decide if a prescription is appropriate.
Administrative staff who receive your request have been trained to issue prescriptions but they do not have in depth medical knowledge, so please ensure that you provide as much detail for Special Request item as possible.
Please note it is not possible to order the contraceptive pill or hormonal replacement therapy as a repeat prescription and patients should see the Practice Nurse for this.

Hospital Requests for Change of Medications

When you are discharged from hospital you should normally receive 5 days-supply of medication.
On receipt of your medication requirements, which will be issued to you by the hospital, please bring this to the surgery or telephone before your supply of medication has run out
Hospital requests for change of medication will be checked by the practice pharmacist first, and if necessary they will issue you with a Prescription.

Review of Your Repeat Medication

The GPs will review your medication, regularly, which may involve changes to your medications, in accordance with ICB and other National Medicines Organisations and best clinical practice.
Please be reassured that this will not affect your treatment.
Repeat medications which the GP deems inappropriate will not be automatically re-issued even if started by a previous GP from the patient’s old surgery.
Patients are encouraged via messages on the right hand side of the prescription, Practice newsletter and Posters in the Surgery, to tell the GP or Receptionist if they are no longer taking a repeat medication.
Review of your repeat medications is done annually and may be done either face to face with a GP or via a telephone appointment.

Loss or Stolen Prescriptions/Medications

Patients who have lost or had stolen prescriptions for medication liable to abuse must notify the police.
They will obtain an ‘incident or crime number’.
A further prescription may be issued based on the discretion of the GP.
This is not an automatic right i.e. to obtain a repeat for a lost or stolen prescription.

Electronic Prescription Service

The Electronic Prescription Service allows your prescription to be sent electronically to a pharmacy of your choice.
To sign up, you need to speak to your preferred pharmacy and complete a form to confirm that they can receive your prescription directly.
Once you have signed up, your chosen pharmacy will receive your prescription electronically and you will NOT have to pick up your paper prescription from us.
If you have already nominated a pharmacy, your prescription will be sent to them electronically unless you tell us otherwise.

Repeat Dispensing Service

Available
Please ask Receptionist for more information

Privacy Notice

Hetton Group Practice

PRIVACY NOTICE – DIRECT CARE

Document Control

Document Details

Author and Role:
Organisation:
Current Document Approved By:	DPO Group

Document Revision and Approval History

Date Reviewed	By Whom	Any Changes Yes/No	Any Comments
02/10/2019	Jim Carroll	Yes	Updated to include information on National Opt Out as required by the DSPT.
01/07/2020	Jim Carroll	Yes	Updated to insert information around sharing with GNCR and Opt Out.
08/06/21	Practice Manager	Yes	Updated practice details
26/01/2024	Emma Middleton	Yes	Added shared care PCN clinical services wording

Hetton Group Practice

This practice keeps data on you relating to who you are, where you live, what you do, your family, possibly your friends, your employers, your habits, your problems and diagnoses, the reasons you seek help, your appointments, where you are seen and when you are seen, who by, referrals to specialists and other healthcare providers, tests carried out here and in other places, investigations and scans, treatments and outcomes of treatments, your treatment history, the observations and opinions of other healthcare workers, within and without the NHS as well as comments and aide memoires reasonably made by healthcare professionals in this practice who are appropriately involved in your health care.

When registering for NHS care, all patients who receive NHS care are registered on a national database, the database is held by NHS Digital, a national organisation which has legal responsibilities to collect NHS data.

GPs have always delegated tasks and responsibilities to others that work with them in their surgeries, on average an NHS GP has between 1,500 to 2,500 patients for whom he or she is accountable. It is not possible for the GP to provide hands on personal care for each and every one of those patients in those circumstances, for this reason GPs share your care with others, predominantly within the surgery but occasionally with outside organisations.

If your health needs require care from others elsewhere outside this practice we will exchange with them whatever information about you that is necessary for them to provide that care. When you make contact with healthcare providers outside the practice but within the NHS it is usual for them to send us information relating to that encounter. We will retain part or all of those reports. Normally we will receive equivalent reports of contacts you have with non NHS services but this is not always the case.

Your consent to this sharing of data, within the practice and with those others outside the practice is allowed by the Law.

People who have access to your information will only normally have access to that which they need to fulfil their roles, for instance admin staff will normally only see your name, address, contact details, appointment history and registration details in order to book appointments, the practice nurses will normally have access to your immunisation, treatment, significant active and important past histories, your allergies and relevant recent contacts whilst the GP you see or speak to will normally have access to everything in your record.

Our use of the Great North Care Record

As a partner in the Great North Care Record (GNCR), we are required to request and share your information from and with other relevant parties who are part of your care provision and ongoing support. This includes NHS Providers (such as General Practitioners, Acute Health Providers, Ambulance Services and Mental Health Care Providers) as well as local authorities who provide social care.

Full details of the member organisations of the GNCR, what data may be viewed across the GNCR network, and what are the benefits to being part of the GNCR are available from the GNCR website – https://www.greatnorthcarerecord.org.uk/

If you wish to opt-out of your data being shared via the GNCR, or you wish to speak to someone about this use of your data you can contact the practice manager. Please note that this will only prevent your information being shared via the GNCR and will not opt you out of sharing with those organisations who are currently providing you with your care, or may provide it in the future. Your consent is not required to do this as it is necessary to ensure you receive the safest and highest quality of care and treatment.

Exclusion from the GNCR may have a detrimental effect on the service we can provide to you. We will always seek to comply with your request, but in some circumstances there may be additional reasons where the sharing of your information may be necessary, for example a Court Order or where information is required to be shared should there be a concern that yourself or others are at risk of harm.

General Practice Data for Planning and Research

Hetton Group Practice is one of many organisations working in the health and care system to improve care for patients and the public.

Whenever you use a health or care service, such as attending the Practice, Accident & Emergency or using Community Care services, important information about you is collected to help ensure you get the best possible care and treatment and to ensure that the standards of service provided are of the highest quality. Your data may be used to contact you about your experiences of using such services via surveys and questionnaires.

The information collected about you when you use these services can also be used and provided to other organisations for purposes beyond your individual care, for instance to help with:

• improving the quality and standards of care provided

• Monitor the long-term safety and effectiveness of care

• research into the development of new treatments

• preventing illness and diseases

• monitoring safety

• plan how to deliver better health and care services

• prevent the spread of infectious diseases

• identify new treatments and medicines through health research

This may only take place when there is a clear legal basis to use this information. All these uses help to provide better health and care for you, your family and future generations. Confidential patient information about your health and care is only used like this where allowed by law.

The data is collected about any living patient registered at a GP practice in England when the collection of data started and any patient who dies after the collection of data started.

Most of the time, anonymised data is used for research and planning so that you cannot be identified in which case your confidential patient information isn’t needed.

Data that directly identifies you as an individual patient, including your NHS number, General Practice Local Patient Number, full postcode, date of birth and if relevant date of death, is replaced with unique codes produced by de-identification software before it leaves the practice. In some circumstances and where allowed by legislation organsiations such as NHS Digital will be able to convert the unique codes back to identifiable information.

Further information can be found on the NHS Digital Website by clicking this link:

https://digital.nhs.uk/data-and-information/data-collections-and-data-sets/data-collections/general-practice-data-for-planning-and-research/transparency-notice

You have a choice about whether you want your confidential patient information to be used in this way. If you are happy with this use of information you do not need to do anything. If you do choose to opt out your confidential patient information will still be used to support your individual care.

If you do not want your identifiable patient data to be shared outside of the practice for purposes other than the provision of care please ask the practice for a form to register your Type 1 Opt-out preference.

For further information on the National Opt-Out, please visit www.nhs.uk/your-nhs-data-matters. On this web page you will:

· See what is meant by confidential patient information

· Find examples of when confidential patient information is used for individual care and examples of when it is used for purposes beyond individual care

· Find out more about the benefits of sharing data

· Understand more about who uses the data

· Find out how your data is protected

· Be able to access the system to view, set or change your opt-out setting

· Find the contact telephone number if you want to know any more or to set/change your opt-out by phone

· See the situations where the opt-out will not apply

You can also find out more about how patient information is used at:

https://www.hra.nhs.uk/information-about-patients/ (which covers health and care research); and

https://understandingpatientdata.org.uk/what-you-need-know (which covers how and why patient information is used, the safeguards and how decisions are made)

You can change your mind about your choice at any time.

Data being used or shared for purposes beyond individual care does not include your data being shared with insurance companies or used for marketing purposes and data would only be used in this way with your specific agreement.

Health and care organisations have until 2020 to put systems and processes in place so they can be compliant with the national data opt-out and apply your choice to any confidential patient information they use or share for purposes beyond your individual care. Our organisation ‘is currently’ compliant with the national data opt-out policy.

You have the right to object to our sharing your data in these circumstances but we have an overriding responsibility to do what is in your best interests. Please see below.

We are required by Articles in the General Data Protection Regulations to provide you with the information in the following 9 subsections.

Shared PCN Clinical Services

As a partner practice in Coalfields Primary Care Network (PCN) we will share your information with other shared services within the PCN who are part of your care provision and ongoing support. Where you engage with these services, your healthcare information will be held within a common system that can be accessed by all practices within the PCN.

All individuals who will have access to your records via PCN shared services are bound be the same requirements to maintain the confidentiality of your information as the staff within your practice.

The information held about you is used to provide health and social care, for the management of the services that the PCN provide, the management of the NHS, and also for public health reasons. It may also be used to contact you regarding the provision of these services.

Where you are receiving care from PCN shared services, information relating to the care provided will be added to your practice clinical record.

Information about you held within the PCN Clinical system will be accessed by authorised individuals who are involved in providing direct care to you or who support the provision of direct care or the management of these services. This will include:

· Doctors and nurses who provide you with treatment

· Other clinical staff such as Pharmacists and Radiologists

· Clinical Managers

The Coalfields PCN consists of the following practices; Hetton Group Practice, Houghton Medical Group, Kepier Medical Practice, Grangewood Medical Surgery, Westbourne Medical Group and Herrington Medical Group.

To access any of your healthcare information held within the PCN Shared services, please contact the practice manager.

What we hold about you:

We hold the following types of information about you:

· Basic details about you, such as your name, date of birth, NHS Number

· Contact details such as your address, telephone numbers, email address

· Contact details of your ‘Next of Kin’, a close relative, friend or advocate

· Contacts we have had with you; scheduled and unscheduled appointments

· Details about your care; treatment and advice given and referrals made

· Results of investigations, eg blood tests

· Relevant information from people who care for you and know you well

1) Data Controller

contact details

Hetton Group Practice, Francis way, Hetton le hole, Houghton le Spring, Tyne & Wear, DH5 9EZ

2) Data Protection Officer contact details

James Carroll

0191 404 1000 Ext 3436

Dpo.sunccg@nhs.net

3) Purpose of the processing

Direct Care is care delivered to the individual alone, most of which is provided in the surgery. After a patient agrees to a referral for direct care elsewhere, such as a referral to a specialist in a hospital, necessary and relevant information about the patient, their circumstances and their problem will need to be shared with the other healthcare workers, such as specialist, therapists, technicians etc. The information that is shared is to enable the other healthcare workers to provide the most appropriate advice, investigations, treatments, therapies and or care.

4) Lawful basis for processing

The processing of personal data in the delivery of direct care and for providers’ administrative purposes in this surgery and in support of direct care elsewhere is supported under the following Article 6 and 9 conditions of the GDPR:

Article 6(1) (e) ‘…necessary for the performance of a task carried out in the public interest or in the exercise of official authority…’

Article 9(2) (h) ‘…necessary for the purposes of preventative or occupational medicine for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services…’

We will also recognise your rights established under UK case law collectively known as the “Common Law Duty of Confidentiality”^*

5) Recipient or categories of recipients of the processed data

The data will be shared with Health and Social care professionals and support staff in this surgery and at hospitals, diagnostic and treatment centres who contribute to your personal care and with Social Care Providers For example:

Sunderland Royal Hospital

Queen Elizabeth Hospital

Royal Victoria Infirmary

Freeman Hospital

James Cook Hospital

All other Clinics used for the purpose of a referral to Secondary Care

6) Rights to object

You have the right to object to some or all the information being processed under Article 21. Please contact the Data Controller or the practice. You should be aware that this is a right to raise an objection; that is not the same as having an absolute right to have your wishes granted in every circumstance.

7) Right to access and correct

You have the right to access the data that is being shared and have any inaccuracies corrected. There is no right to have accurate medical records deleted except when ordered by a court of Law.

8) Retention period

The data will be retained in line with the law and national guidance. https://digital.nhs.uk/article/1202/Records-Management-Code-of-Practice-for-Health-and-Social-Care-2016

or speak to the Practice.

9) Right to Complain

You have the right to complain to the Information Commissioner’s Office, you can use this link https://ico.org.uk/global/contact-us/

or calling their helpline Tel: 0303 123 1113 (local rate) or 01625 545 745 (national rate)

There are National Offices for Scotland, Northern Ireland and Wales, (see ICO website)

* “Common Law Duty of Confidentiality”, common law is not written out in one document like an Act of Parliament. It is a form of law based on previous court cases decided by judges; hence, it is also referred to as ‘judge-made’ or case law. The law is applied by reference to those previous cases, so common law is also said to be based on precedent.

The general position is that if information is given in circumstances where it is expected that a duty of confidence applies, that information cannot normally be disclosed without the information provider’s consent.

In practice, this means that all patient information, whether held on paper, computer, visually or audio recorded, or held in the memory of the professional, must not normally be disclosed without the consent of the patient. It is irrelevant how old the patient is or what the state of their mental health is; the duty still applies.

Three circumstances making disclosure of confidential information lawful are:

where the individual to whom the information relates has consented;
where disclosure is in the public interest; and
where there is a legal duty to do so, for example a court order.

Sharing Information

You may have heard recent press / media coverage regarding information sharing. For more information – see the categories below:

Summary Care Record – click here for further information
Care Data (hscic) – click here for further information
Local Care Record – This is the use of information held by other places you receive care, such as hospitals and community services.

If you are happy for your information to be shared there is nothing further for you to do.

If you would like to opt out of any/all of the above – please print off the ‘opt out‘ form below, complete details and hand in to reception.

Zero Tolerance Policy

A zero tolerance policy towards violent, threatening and abusive behaviour is now in place throughout the NHS.

The doctors, nurses and staff in this practice have the right to do their work in an environment free from violent, threatening or abusive behaviour and everything will be done to protect that right.

At no time will any such behaviour be tolerated in this practice. If you do not respect the rights of our staff we may choose to inform the police and make arrangements for you to be removed from our medical list.