This website uses cookies to function correctly.
You may delete cookies at any time but doing so may result in some parts of the site not working correctly.

GDPR/Privacy Policy

 

 logo

This policy explains how we use the information we hold about our patients.

 

What information we hold about you

How we use the information about you

Sharing your data

Access to your information and correction

How long we keep your data

Changes to our privacy policy

How to contact us

If you wish to complain

 

What information we hold about you

We hold your personal and medical information in your computerised medical record as well as some information in paper medical records (this information was generated before medical records were computerised). We collect information from you when you register with the practice and we record information whenever you have contact with the practice. We also hold information from third parties, such as hospital letters and test results. All information is treated confidentially and is accessed only by staff who need to in order to provide patient care. In addition, we hold recordings of telephone calls to and from the practice.

 

How we use the information about you

Your information is used by the practice for the purposes of providing direct patient care. The legal bases under which we process your data are covered in articles 6(1)(e) and 9(2)(h) of the Data Protection Act 2018.

 

Sharing your data

If we need to refer you to another healthcare provider e.g. hospital consultant, we will share your data in order to provide relevant information for your referral. We also share anonymised data with the approved medical research databases, SAIL (Secure Anonymised Information Linkage System in Wales) and THIN (The Health Improvement Network).  For further information about SAIL, please visit https://saildatabank.com/ and for THIN please visit http://www.ucl.ac.uk/pcph/research/thin-database   The legal basis for sharing information for medical research is covered in article 9(2)(j) of the Data Protection Act 2018.

 

Access to your information and correction

You have the right to access your medical record and obtain a copy if you wish. If you find any information in your record, which you disagree with, you should notify us. However, it is very unlikely that we will be able to delete any information but we can add a note to explain that you disagree.

 

How long we keep your data

We retain information on our patients until their death. Telephone recording data is held for 2 years.

 

Changes to our privacy policy

We keep our privacy policy under regular review and we will place any updates on our website. This privacy policy was last updated on 22 May 2018.

 

How to contact us

Please contact us if you have any questions on our privacy policy or on the information we hold on you:

  • By phone to the practice’s data controller on 01443 490366
  • By email to enquiries.w95058@wales.nhs.uk
  • Or write to: Data Controller, Taff Vale Practice, Duffryn Road, Rhydyfelin, RCT, CF37 5RW

 

In addition, we are required to have access to the services of a Data Protection Officer. Provision of this role on behalf of GP practices is currently under discussion by the Welsh Government and NHS Wales. We will update this notice once we have further information.

 

If you wish to complain

If you want to complain about how we have processed your data, you can report a concern to:

 

Information Commissioner’s Office – Wales

2nd Floor, Churchill House

Churchill Way

Cardiff

CF10 2HH

 

Telephone: 029 2067 8400

Fax: 029 2067 8399

Email: wales@ico.org.uk



NHS WalesThis site is brought to you by My Surgery Website