This policy explains how we use the information we hold about our patients.
What information we hold about you
How we use the information about you
Sharing your data
Access to your information and correction
How long we keep your data
Changes to our privacy policy
How to contact us
If you wish to complain
What information we hold about you
We hold your personal and medical information in your computerised medical record as well as some information in paper medical records (this information was generated before medical records were computerised). We collect information from you when you register with the practice and we record information whenever you have contact with the practice. We also hold information from third parties, such as hospital letters and test results. All information is treated confidentially and is accessed only by staff who need to in order to provide patient care. In addition, we hold recordings of telephone calls to and from the practice.
How we use the information about you
Your information is used by the practice for the purposes of providing direct patient care. The legal bases under which we process your data are covered in articles 6(1)(e) and 9(2)(h) of the Data Protection Act 2018.
Sharing your data
If we need to refer you to another healthcare provider e.g. hospital consultant, we will share your data in order to provide relevant information for your referral. We also share anonymised data with the approved medical research databases, SAIL (Secure Anonymised Information Linkage System in Wales) and THIN (The Health Improvement Network). For further information about SAIL, please visit https://saildatabank.com/ and for THIN please visit http://www.ucl.ac.uk/pcph/research/thin-database The legal basis for sharing information for medical research is covered in article 9(2)(j) of the Data Protection Act 2018.
Access to your information and correction
You have the right to access your medical record and obtain a copy if you wish. If you find any information in your record, which you disagree with, you should notify us. However, it is very unlikely that we will be able to delete any information but we can add a note to explain that you disagree.
How long we keep your data
We retain information on our patients until their death. Telephone recording data is held for 2 years.
Changes to our privacy policy
We keep our privacy policy under regular review and we will place any updates on our website. This privacy policy was last updated on 22 May 2018.
How to contact us
Please contact us if you have any questions on our privacy policy or on the information we hold on you:
- By phone to the practice’s data controller on 01443 490366
- By email to enquiries.w95058@wales.nhs.uk
- Or write to: Data Controller, Taff Vale Practice, Duffryn Road, Rhydyfelin, RCT, CF37 5RW
In addition, we are required to have access to the services of a Data Protection Officer. Provision of this role on behalf of GP practices is currently under discussion by the Welsh Government and NHS Wales. We will update this notice once we have further information.
If you wish to complain
If you want to complain about how we have processed your data, you can report a concern to:
Information Commissioner’s Office – Wales
2nd Floor, Churchill House
Churchill Way
Cardiff
CF10 2HH
Telephone: 029 2067 8400
Fax: 029 2067 8399
Email: wales@ico.org.uk