If you would prefer, you can view our Easy Read Privacy Notice.
We are committed to protecting your privacy. You can access our website without giving us any information about yourself. But sometimes we do need information to provide services that you request, and this statement of privacy explains data collection and use in those situations.
In general, you can visit our web site without telling us who you are and without revealing any information about yourself. However there may be occasions when you choose to give us personal information, for example, when you choose to contact us or request information from us. We will ask you when we need information that personally identifies you or allows us to contact you.
We collect the personal data that you may volunteer while using our services. We do not collect information about our visitors from other sources, such as public records or bodies, or private organisations. We do not collect or use personal data for any purpose other than that indicated below:
- To send you confirmation of requests that you have made to us
- To send you information when you request it.
We intend to protect the quality and integrity of your personally identifiable information and we have implemented appropriate technical and organisational measures to do so. We ensure that your personal data will not be disclosed to State institutions and authorities except if required by law or other regulation.
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should be aware that we don’t have any control over the other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting these sites.
How we use your information
- We collect and hold data about you for the purpose of providing safe and effective healthcare
- Your information may be shared with our partner organisations to audit services and help provide you with better care
- Information sharing is subject to strict agreements on how it is used
- We will only share your information outside of our partner organisations with your consent*
- If you do not want your information to be used for purposes beyond providing your care please let us know
- You can set your choice about your information being used for research and planning at www.nhs.uk/your-nhs-data-matters
- You can object to sharing information with other health care providers but if this limits your treatment options we will tell you
- Our guiding principle is that we are holding your information in the strictest confidence
- For more information about who are our partner organisations and how your data is used please ask at reception
*Unless the health & safety of others is at risk, the law requires it or it is required to carry out a statutory function
This practice is supporting vital coronavirus (COVID-19) planning and research by sharing your data with NHS Digital. For more information about this see the General Practice Transparency Notice for GPES Data for Pandemic Planning and Research (COVID-19).
The Secretary of State for Health and Social Care has directed NHS Digital to collect and analyse data from providers and other organisations involved in managing the COVID-19 response and then disseminate information and analysis to other bodies for the purpose of planning and managing the response. NHS England and NHS Improvement have been given legal notice to support the processing and sharing of information to help the COVID-19 response under Health Service Control of Patient Information Regulations 2002.
Individual healthcare organisations and Local Authorities have also been given legal notice under the same regulations to support the processing and sharing of information to help the COVID-19 response. This is to ensure that confidential patient information can be used and shared appropriately and lawfully for purposes related to the COVID-19 response.
Third party processors
In order to deliver the best possible service, the practice will share data (where required) with other NHS bodies such as other GP practices and hospitals. In addition the practice will use carefully selected third party service providers. When we use a third party service provider to process data on our behalf then we will always have an appropriate agreement in place to ensure that they keep the data secure, that they do not use or share information other than in accordance with our instructions and that they are operating appropriately. Examples of functions that may be carried out by third parties includes:
- Companies that provide IT services & support, including our core clinical systems; systems which manage patient facing services (such as our website and service accessible through the same); data hosting service providers; systems which facilitate appointment bookings or electronic prescription services; document management services etc.
- Delivery services (for example if we were to arrange for delivery of any medicines to you).
- Payment providers (if for example you were paying for a prescription or a service such as travel vaccinations).
Further details regarding specific third party processors can be supplied on request
Woosehill Practice is compliant with the national data opt-out policy
Our Data Protection Officer (DPO) is Lindsay Blamires.
If you have a Data Protection query please contact Woosehill Medical Centre Operations Manager in the first instance.