The General Data Protection Regulation (GDPR) comes into action on 25th May 2018.
The regulation has a number of principles, ie:
- Lawfulness, Privacy and Transparency
- Purpose Limitation
- Data Minimisation
- Storage Limitation
- Integrity and Confidentiality
The rules surrounding GDPR are designed to protect your personal data.
We have produced a comprehensive PRIVACY NOTICE that explains:
- The types of information we process
- How we use your personal data and special categories of personal data
- The details of the practice – as we are the Data Controllers
- The details of our Data Protection Officer
- Who we share your information with
- How your data may be processed (under several headings):
- Direct Medical Care and Administration
- Other Primary Care Services delivered for the purposes of Direct Care
- Statutory Disclosures of Information
- Processing for the Purposes of Commissioning, Planning, Research and Risk Stratification
- Data Sharing Databases
- Data Processors
- How we use your anonymised data (ie, data that cannot identify you)
- Links to other datasets
- How we safeguard your data
- Your rights in relation to the processing of your data
- How you can access the data you have about you
- How long we store your personal data
You can download a copy of our full PRIVACY NOTICE here Patient Privacy Notice - there is also a copy displayed in reception.
If you have any queries, please address them to Miles Dagnall our Data Protection Officer by email via firstname.lastname@example.org or by writing to the City & Hackney Data Protection Officer, Sun House, 24 Castle Hill, Maidenhead SL6 4JJ.