General Data Protection Regulation (GDPR)
The GDPR is the replacement for the Data Protection Act and came into effect on 25 May 2018. Although it is European Legislation the UK will be adopting GDPR into UK Law even after Brexit.
Using Your Data
Our Privacy Statement explains how we use your data as a patient with Byron Medical Practice.
- Your personal healthcare
- For the interest of the public
- Your records are required by law
- Research purposes
- The Practice needs to use your records to meet contractual needs
In the majority of situations, Byron Medical Practice will ask your permission (consent) to carry out the above tasks. However, the Practice does not need your consent if:
- The practice feels your medical records are needed for public interest
- The information we hold about you is needed by law
- If you are unable to give consent and the practice feels using your medical records would be in your best interest, and allow professionals to provide you with healthcare
We will keep and use it to provide health care and manage our relationship with you in the right way. This includes using your information to allow us to meet legal needs, contract needs, or follow the Practices reasonable interests. We may also use your information to protect ourselves in legal matters. If you do not give us this data, we may not be able to meet our needs. We will inform you about the effects of that choice.
For example, to stop your information being copied by someone else (fraud), or to help us manage your health care needs. We will never use your information where your interests are greater than our reasonable interests.
Such as, clinical and administrative staff, or other health and social care providers.
For example information from other health and social care places, medications; records of appointments, visits.
Where we record or use information about your health and social care records, racial or ethnic origin, religion, biometric data or sexual orientation, we will always ask you if this is ok and get you to sign a form, showing us you understand this (explicit consent). The only time we will not do this is if the information is needed by law, if it is in the public interest or if the information is needed to deliver healthcare and you cannot give consent.
We will only release your information to a different business if we have to do so by law, this action is in the interest of the public, or the Practice feels doing this is in the best needs of your healthcare and you are unable to give consent.
We may also give information about you to other organisations for your healthcare or to meet the needs of Byron Medical Practice. For example giving your information to Commissioning bodies, hospital trusts health and social care services.
To make sure everything is done correctly, we have security, safeguarding measures in place. If you want a copy of our Safeguarding policy please ask reception.
Your information will only be used for as long as we need it the Practice will keep medical records for 10 years after a patient’s death, this is in line with the guidance from the British medical Association(BMA).
As part of General Data Protection Regulation (GDPR) you have rights to your information:
- You have the right to ask us to give you access to your information
- You have the right to control the way we use your information.
- You have the right to stop us using your information.
If you have allowed us to use your information before (gave consent), you have the right (in some situations) to stop us using your information at any time (withdraw consent).
You have the right to complain to the Information Commissioner’s Office (ICO) if you think we have not met the needs of GDPR, whilst using your information. Contact details of controller and data protection officer:
Byron Medical Practice is the controller and user of your information under GDPR.
If you have any questions on how your information is used you should ask to speak to the Practice Manager, Tracey Milburn.
You can also write to:
Byron Medical Practice
Co Durham, SR7 8LF