All patients’ records on file or computer are completely confidential. The practice complies with the Access to Medical Records Act, the General Data Protection Regulations and the Freedom of Information Act. Access to patient records is limited to health professionals and administration staff who are bound by a code of confidentiality. In order to maintain confidentiality, test results will only be given to the patients themselves or parents of minors.

Rights

• All patients registered at the practice have a named, accountable GP responsible for their overall care, but any patient can see any doctor or nurse they choose.
• Patients have the right to say if they would prefer to see a particular doctor or nurse and we will try to arrange this (as long as they are available). We understand that ‘continuity of care’ is important. Seeing the same nurse or doctor for a particular condition can make it easier to get the right diagnosis and plan your treatment/management better.
• Registered patients are invited to have a health check from time to time. We hope you will take up this service.
• We also offer all patients over 40 an NHS Health Check every 5 years. Please contact reception to discuss this.
• Patients have the right to see their own health records, subject to the terms of the General Data Protection Regulations.

Responsibilities

• Please arrive on time for your appointment. That way clinics are more likely to run on time.
• Please inform the practice if you can’t make an appointment or if the appointment is no longer necessary, so the slot can be offered to another patient.
• Please try and attend the surgery and do not make a request for a home visit unless absolutely necessary. Home visits are for housebound or seriously ill patients. In the time it takes to conduct 1 home visit we can typically see at least 4 patients at the surgery.
• Please make requests for repeat prescriptions in good time. We suggest up to one week before you need more medication.
• Please co-operate with all practice staff and treat them courteously. They are trying to help you.

Your Suggestions

We are always seeking to enhance our service and welcome suggestions for the improvement of the practice and the website. Our address is:

Mrs Helen Craggs, Practice Manager, Hyde Park Surgery, Woodsley Road, Leeds LS6 1SG

Complaints

Everyone at Hyde Park Surgery endeavours to provide the best service and care possible. Unfortunately, we understand that there may be times when you feel this has not happened. If you have a complaint about the practice please feel free to talk to one of the Doctor or our Practice Manager. You can do this in person, or by phoning the practice or by writing to us at the above address.

Overview

Under the Health and Social Care Act 2008 every registered provider must have a Statement of Purpose that includes the required set of information about our service. The Statement describes:

• The Provider’s aims and objectives in providing the service
• The kinds of service provided
• The health or care needs the service sets out to meet
• The locations where the services are actually provided or provided from
• Details from the provider including their legal status, and any manager, including the ‘address for service’ for all registered persons

Overview

All the health care professionals that look after you maintain records about your health and any treatment or care that you have previously received. This includes hospitals, GP surgeries, walk-in clinics etc.

NHS health records may be electronic, paper-base or a mixture of both and we will ensure that all your information is kept confidential and secure.

Information which this GP Practice holds about you may include:

• Details about you, such as your address, carer, legal representative, emergency contacts
• Any contact the surgery has had with you in the past, such as appointments, clinic visits, emergency appointments, etc.
• Notes and reports about your health
• Details about your treatment and care
• Results of investigations such as laboratory tests, x-rays etc
• Relevant information from other health professionals, relatives or those who care for you

Your records are used to ensure you receive the best possible care. Information held about you may also be used to help protect the health of the public and for a clinical audit to monitor the quality of the service provided.

Some of this information will be held centrally and used for statistical purposes. Where we do this, we take strict measures to make sure that individual patients cannot be identified. Occasionally your information may also be requested for research purposes. The practice will always ask for your consent before agreeing to do this.

Identifying patients’ health risks

Risk identification tools are increasingly being used in the NHS to help understand a patient’s risk of suffering from a particular condition in the future. As once we know this we can offer preventative intervention.

Information about you is collected from a number of sources including NHS Trusts and from this GP Practice. A risk score is then arrived at through an analysis of your de-identified information using software managed by NHS England. Risk stratification enables your GP to focus on preventing ill health and offer you additional services to help you not to become ill in the future. Please note that you have the right to opt-out of your data being used in this way.

Medicines Management

The Practice may carry out reviews of the medications prescribed to its patients to ensure that all patients are receiving the most appropriate, up to date and cost-effective treatments.

How Do We Maintain The Confidentiality Of Your Records?

We are committed to protecting your privacy and will only use information collected lawfully in accordance with:

• General Data Protection Regulations
• Human Rights Act 1998
• Common Law Duty of Confidentiality
• Health and Social Care Act 2012
• NHS Codes of Confidentiality, Information Security and Records Management
• Information: To Share or Not to Share Review

Every member of staff who works for an NHS organisation has a legal obligation to keep information about you confidential.

We will only ever use or pass on information about you if others, involved in your care, have a genuine need for it. We will not disclose your information to any third party without your permission unless there are exceptional circumstances (i.e. life or death situations), where the law requires information to be passed on and/or in accordance with the new information sharing principle following Dame Fiona Caldicott’s information sharing review where “The duty to share information can be as important as the duty to protect patient confidentiality.” This means that health and social care professionals should have the confidence to share information in the best interests of their patients within the framework set out by the Caldicott principles. They should be supported by the policies of their employers, regulators and professional bodies.

Who Are Our Partner Organisations?

We may also have to share your information, subject to strict agreements on how it will be used, with the following organisations:

• NHS Trusts/Foundation Trusts
• GPs
• NHS Commissioning Support Units
• Independent contractors such as dentists, opticians, pharmacists
• Private sector providers
• Voluntary sector providers
• Ambulance Trusts
• Clinical Commissioning Groups
• Social Care Services
• Health and Social Care Information Centre (HSCIC)
• Local Authorities
• Education Services
• Fire and Rescue Services
• Police & Judicial Services
• Other ‘data processors’ which you will be informed of

You will be informed who your data will be shared with and in some cases asked for explicit consent for this to happen.

We may also use external companies to process personal information, such as for archiving purposes. These companies are bound by contractual agreements to ensure information is kept confidential and secure.

Access To Personal Information

You have a right, under the General Data Protection Regulations, to request access to view or to obtain copies of what information the surgery holds about you and to have it amended should it be inaccurate. In order to request this, you need to do the following:

• Your request must be made in writing to the GP – for information from the hospital you should write direct to them
• We are required to respond to you within one month
• You will need to give adequate information (for example full name, address, date of birth, NHS number and details of your request)and 2 forms of ID (including photo ID and proof of address) that your identity can be verified and your records located

Objections/Complaints

Should you have any concerns about how your information is managed, please contact our Practice Manager at Hyde Park Surgery, Woodsley Road, Leeds, LS6 1SG. If you are still unhappy, following a review by the Practice you can complain to the Information Commissioners Office (ICO) via their website, email: casework@ico.org.uk, Tel: 0303 123 1113 (local rate) or 01625 545 745.

Cookies

We do not use cookies on this website.

Change of Details

It is important that you tell the person treating you if any of your details, such as your name or address or telephone number have changed or if any of your details such as date of birth is incorrect so that we can amend this. You have a responsibility to inform us of any changes so our records are accurate and up to date for you.

Notification

The General Data Protection Regulations requires organisations to register the purposes for which they process personal and sensitive information. This information is publicly available on the Information Commissioner’s website. The practice is registered with the Information Commissioners Office (ICO).

Who is the Data Controller?

The Data Controller, responsible for keeping your information secure and confidential is Dr David Watson (on behalf of Hyde Park Surgery)

This practice is supporting vital coronavirus (COVID-19) planning and research by sharing your data with NHS Digital.

The health and social care system is facing significant pressures due to the coronavirus (COVID-19) outbreak. Health and care information is essential to deliver care to individuals, to support health, social care and other public services and to protect public health. Information will also be vital in researching, monitoring, tracking and managing the coronavirus outbreak. In the current emergency it has become even more important to share health and care information across relevant organisations. This practice is supporting vital coronavirus planning and research by sharing your data with NHS Digital, the national safe haven for health and social care data in England.

Our legal basis for sharing data with NHS Digital

NHS Digital has been legally directed to collect and analyse patient data from all GP practices in England to support the coronavirus response for the duration of the outbreak. NHS Digital will become the controller under the General Data Protection Regulation 2016 (GDPR) of the personal data collected and analysed jointly with the Secretary of State for Health and Social Care, who has directed NHS Digital to collect and analyse this data under the COVID-19 Public Health Directions 2020 (COVID-19 Direction).

All GP practices in England are legally required to share data with NHS Digital for this purpose under the Health and Social Care Act 2012 (2012 Act). More information about this requirement is contained in the data provision notice issued by NHS Digital to GP practices.

Under GDPR our legal basis for sharing this personal data with NHS Digital is Article 6(1)(c) – legal obligation. Our legal basis for sharing personal data relating to health, is Article 9(2)(g) – substantial public interest, for the purposes of NHS Digital exercising its statutory functions under the COVID-19 Direction.

The type of personal data we are sharing with NHS Digital

The data being shared with NHS Digital will include information about patients who are currently registered with a GP practice or who have a date of death on or after 1 November 2019 whose record contains coded information relevant to coronavirus planning and research. The data contains NHS Number, postcode, address, surname, forename, sex, ethnicity, date of birth and date of death for those patients. It will also include coded health data which is held in your GP record such as details of:

• diagnoses and findings
• medications and other prescribed items
• investigations, tests and results
• treatments and outcomes
• vaccinations and immunisations

How NHS Digital will use and share your data

NHS Digital will analyse the data they collect and securely and lawfully share data with other appropriate organisations, including health and care organisations, bodies engaged in disease surveillance and research organisations for coronavirus response purposes only. These purposes include protecting public health, planning and providing health, social care and public services, identifying coronavirus trends and risks to public health, monitoring and managing the outbreak and carrying out of vital coronavirus research and clinical trials. The British Medical Association, the Royal College of General Practitioners and the National Data Guardian are all supportive of this initiative.

NHS Digital has various legal powers to share data for purposes relating to the coronavirus response. It is also required to share data in certain circumstances set out in the COVID-19 Direction and to share confidential patient information to support the response under a legal notice issued to it by the Secretary of State under the Health Service (Control of Patient Information) Regulations 2002 (COPI Regulations).

Legal notices under the COPI Regulations have also been issued to other health and social care organisations requiring those organisations to process and share confidential patient information to respond to the coronavirus outbreak. Any information used or shared during the outbreak under these legal notices or the COPI Regulations will be limited to the period of the outbreak unless there is another legal basis for organisations to continue to use the information.

Data which is shared by NHS Digital will be subject to robust rules relating to privacy, security and confidentiality and only the minimum amount of data necessary to achieve the coronavirus purpose will be shared. Organisations using your data will also need to have a clear legal basis to do so and will enter into a data sharing agreement with NHS Digital. Information about the data that NHS Digital shares, including who with and for what purpose will be published in the NHS Digital data release register.

For more information about how NHS Digital will use your data please see the NHS Digital Transparency Notice for GP Data for Pandemic Planning and Research (COVID-19).

National Data Opt-Out

The application of the National Data Opt-Out to information shared by NHS Digital will be considered on a case by case basis and may or may not apply depending on the specific purposes for which the data is to be used. This is because during this period of emergency, the National Data Opt-Out will not generally apply where data is used to support the coronavirus outbreak, due to the public interest and legal requirements to share information.

Your rights over your personal data

To read more about the health and care information NHS Digital collects, its legal basis for collecting this information and what choices and rights you have in relation to the processing by NHS Digital of your personal data, see:

• the NHS Digital GPES Data for Pandemic Planning and Research (COVID-19) Transparency Notice
• the NHS Digital Coronavirus (COVID-19) Response Transparency Notice
• the NHS Digital General Transparency Notice
• how NHS Digital looks after your health and care information

This GP practice is taking part in an important national project about diabetes care and treatment in the NHS. The project is called the National Diabetes Audit (NDA).

To take part, your GP practice will share information about your diabetes care and treatment with the NDA. The type of information, and how it is shared, is controlled by law and enforced by strict rules of confidentiality and security.

For further information about how your information is used please see the NDA patient information leaflet. Taking part in the NDA shows that this GP practice is committed to improving care for people with diabetes.

If you do not want your information to be used, please inform the receptionist, your GP or nurse. This will not affect your care.

Data shared with who and why?

SystmOne online access by patients to your own GP record.

What is shared?

Most Data.

How is the data shared?

Via the internet and mobile phone and tablet apps using username and password provided by the practice.

How is consent given?

You apply for access via the reception desk. The Doctor has the option to accept or deny patients request to access record. We only deny access in exceptional circumstances.

Data shared with who and why?

Many GP practices in Leeds, the out of hours on-call Doctor service and any other organisation who uses the S1 clinical system.

This means that if we refer you to a service that is already using S1, the person you go and see will have access to your full GP record and visa versa. This allows for safer care and means you have to repeat your storey less often.

What is shared?

All data unless specific items are marked as private.

How is the data shared?

Access is restricted to NHS Smartcard holders in Hospitals, Out of Hours Services, Community Health and GPs.

How is consent given?

Initial implied consent with explicit consent for a share in and out at each organisation.

How do I get more information?

We are in the process of asking your sharing preferences regarding your full detailed electronic record. We are telling you about this, as you have a choice to make. You can choose to share or not to share your full electronic record with other NHS care services where you are treated and whether we can view records held by those other services.

If you choose to make your record shareable, your clinical details will only viewable by clinical teams who are treating you.

Each clinical team which cares for you now or in the future will ask your permission to view your shared record. You can also ask for part of your record to be made private – not shareable. All record accesses are recorded and auditable. If you choose not to make your records shareable, we will respect your wishes and will do our best to make your care safe and efficient. However, denying the clinical teams caring for you the ability to access important clinical details could compromise your care.

You Have Two Choices:

• • Sharing Out – This controls whether your full electronic patient record can be shared with other NHS care services where you are treated.

Let us know if your records should be Shareable or Not Shareable.

• • Sharing In – This controls whether you agree for this service to view the information you’ve agreed to share at other NHS care services.

Let us know if we can view your shared record from elsewhere or if you do not want it to be viewable to us.

In the event of an emergency: In certain circumstances, such as if you are unconscious or there is a court order, healthcare staff may look at your record without asking you. If they have to do this, a note will be made on your record. If we share information without your permission, we will make sure that we keep to the Data Protection Act 1998, the NHS confidentiality code of practice and other national guidelines on best practice.

Having this information stored in one place makes it easier for healthcare staff to treat you in an emergency.

Please see changes to how your information is shared due to COVID-19

Who is my data shared with and why?

The National Care Record Service (NCRS) for sharing important summary clinical data nationwide for emergency direct care purposes. For example, if you were admitted to hospital in a different part of the country this record would enable the doctors to see vital information about your care.

What is shared?

Medication, Allergies, Drug reactions, optionally specific Read coded entries (called rich SCR).

How is the data shared?

Access is restricted to NHS Smartcard holders in Hospitals, Out of Hours Services and GPs.

How is consent given?

Implied consent with patient opt out via Read Code and requirement to explicitly opt in for Rich SCR.

How do I get more information?

You can also visit the NHS Care Records website or download the NHS Care Record Guarantee.