Confidentiality & Medical Records
General Data Protection Regulations (GDPR)
What is GDPR?
The General Data Protection Regulation (GDPR) is a new EU regulation that comes into force on 25th May 2018. The GDPR will replace the existing data protection legislation including the UK Data Protection Act 1998.
Who Does the GDPR apply to?
The GDPR applies to all individuals and organisations with day-to-day responsibilities for data protection.
What does this mean for patients?
YOUR DATA:
- must be processed lawfully, fairly and transparently.
- collected for specific, explicit and legitimate purposes.
- must be limited to what is necessary for the purposes for which it is processed.
- must be accurate and kept up to date.
- must be held securely.
It can only be retained for as long as is necessary for the reasons it was collected.
Pennan Practice participation in research
As a practice, we feel that research is essential for progress in healthcare and is of considerable benefit to individual patients and the public as a whole. We regularly take part in research studies with the help of experienced NHS staff who search medical records for people who might be suitable so that we can write to them asking if they are interested in taking part.
No personal identifiable data is removed from the NHS provided to any researchers without specific consent from patients.
Patients have the right to opt out of being contacted about research studies. Please let the reception staff or your GP know if you wish to opt out.
If you have any questions, please ask to speak to the Practice Manager-
Tel 0141 959 1704
To access the full NHS Greater Glasgow and Clyde Privacy statement please go to
https://www.nhsggc.org.uk/media/248110/nhsggc_gdpr_data_protection_noticedocx.pdf
Freedom of Information
Information about the General Practioners and the practice required for disclosure under this act can be made available to the public. All requests for such information should be made to the practice manager.
Access to Records
In accordance with the Data Protection Act 1998 and Access to Health Records Act, patients may request to see their medical records. Such requests should be made through the practice manager and may be subject to an administration charge. No information will be released without the patient consent unless we are legally obliged to do so.