Privacy Policy

Summary Privacy Notice

What is this?

We are required by law to provide you with information on how we use your data. There is a highly detailed privacy notice available from our website at, Practice Privacy notice, but this simplified notice is provided for clarity. This notice was last updated June 2022.

Who are we?

We are the Hampstead Group Practice. We provide medical services to you as a patient as part of the NHS.

Address:

Hampstead Group Practice

75 Fleet Road

London

NW3 2QU

Email:

HGP@NHS.Net

Telephone:

02034354000

Website:

https://www.hampsteadgrouppractice.co.uk/

 

Data Protection Officer

The practice is required by law to have a Data Protection Officer. The contact details are:

Name:

Steve Durbin

Email:

Dpo.Ncl@nhs.net

Address:

Please use the practice address above, marking “For the attention of the Data Protection Officer

 

Purposes of Processing, Legal Basis, Types of Data

We process data to carry out our role as your General Practitioner in providing you with healthcare.

The legal basis for this purpose is provided by the various NHS and social care acts. The Data Protection Act 2018 section 8 allows us to process data for these purposes. This provide a legal basis for processing under the UK GDPR Article 6 1(e) – task in the public interest.

For special category data Data Protection Act section 10 applies (health and social care purpose) and hence GDPR Article 9 2(h) – provision of health and social care. There are additionally some situations where other provisions are used; these are given in more detail in the full notice.

The types of data we keep relate to your health and care. These include both personal identifiers (e.g. your name, NHS number) and special category personal data (e.g. your health conditions). Further details are provided in the full notice.

Recipients of Your Data

We share data with other health and social care providers in order to provide you with care. You can opt out of this sharing, but this may affect your care. See the full privacy notice for details.

We are additionally required to supply data to other parts of the NHS for commissioning and audit purposes.

We share data for research purposes and health planning. You again can opt out of these purposes; this will generally not affect you individually, but will mean that research and planning may not take into account needs of people such as yourself. See the full privacy notice for details.

Transfers to Other Countries

We do not store or transmit your data outside of the UK unless this is either:

  1. Required for your care and you have consented to this
  2. Covered by a formal contract with a system provider to the NHS ensuring your data is not used for any purposes not in this notice and compliant with the UK GDPR; or
  3. We are required to under international law

We do not sell your data.

How Long Will You Keep My Data?

This depends on a number of factors such as how long you stay with our practice and the type of data. Generally, when you leave our practice your data is transferred to the new practice or to central records and we do not retain after that point.

Full details of how long data is held is given in the full privacy notice.

Your Rights

You have the right to:

  • Receive a copy of your data 
  • Have your data corrected, erased or restrict processing
  • Complain to our Data Protection Officer or the supervisory authority (the Information Commissioner) about our use or handling of your data

If you wish to exercise your rights, please contact the practice in the first instance - details above. You can also contact the Data Protection Officer if you prefer – details are again given above, or you can contact the Information Commissioner (ICO) – details via their website at https://ico.org.uk.

Provision of Data

It is not generally a legal requirement for you to provide us with data – however if you do not do so we may be unable to provide you with treatment. For more detail see the full privacy notice.

Automated Decision Making

We use various tools to simplify care and ensure that you get the best care possible.

Some of these have a degree of automation, for example, where a regular test is recommended for a health condition you have, or you are in a particular age and gender range and have not had a recommended screening test, we will have an automated list that flags you to be contacted. These recalls are automated, but it’s up to you to book an appointment; no action is taken beyond contacting you.

NO decisions on your care are taken without human intervention.

National Data opt-out

How the NHS and care services use your information

Whenever you use a health or care service, such as attending Accident & Emergency or using Community Care services, important information about you is collected in a patient record for that service. Collecting this information helps to ensure you get the best possible care and treatment.

The information collected about you when you use these services can also be used and provided to other organisations for purposes beyond your individual care, for instance to help with:

 

  • improving the quality and standards of care provided
  • research into the development of new treatments
  • preventing illness and diseases
  • monitoring safety
  • planning services

 

This may only take place when there is a clear legal basis to use this information. All these uses help to provide better health and care for you, your family and future generations. Confidential patient information about your health and care is only used like this where allowed by law.

 

Most of the time, anonymised data is used for research and planning so that you cannot be identified in which case your confidential patient information isn’t needed.

 

You have a choice about whether you want your confidential patient information to be used in this way. If you are happy with this use of information you do not need to do anything. If you do choose to opt out your confidential patient information will still be used to support your individual care.

To find out more or to register your choice to opt out, please visit www.nhs.uk/your-nhs-data-matters.  On this web page you will:

  • See what is meant by confidential patient information
  • Find examples of when confidential patient information is used for individual care and examples of when it is used for purposes beyond individual care
  • Find out more about the benefits of sharing data
  • Understand more about who uses the data
  • Find out how your data is protected
  • Be able to access the system to view, set or change your opt-out setting
  • Find the contact telephone number if you want to know any more or to set/change your opt-out by phone
  • See the situations where the opt-out will not apply

 

You can also find out more about how patient information is used at:

https://www.hra.nhs.uk/information-about-patients/ (which covers health and care research); and

https://understandingpatientdata.org.uk/what-you-need-know (which covers how and why patient information is used, the safeguards and how decisions are made)

 

You can change your mind about your choice at any time.

 

Data being used or shared for purposes beyond individual care does not include your data being shared with insurance companies or used for marketing purposes and data would only be used in this way with your specific agreement.

 

Health and care organisations have until 2020 to put systems and processes in place so they can be compliant with the national data opt-out and apply your choice to any confidential patient information they use or share for purposes beyond your individual care. Our organisation is compliant with the national data opt-out policy.