St Marys Medical Centre has a legal duty to explain how we use any personal information we collect about you, as a registered patient, at the organisation. Staff at this organisation maintain records about your health and the treatment you receive in electronic and paper format.
Children's Privacy Notice
Children’s Privacy Notice
WHAT IS A PRIVACY NOTICE AND WHY DOES IT APPLY TO ME?
A privacy notice tells people how organisations use information that they hold about them. The law that supports privacy is the Data Protection Act 2018 and this includes the UK General Data Protection Regulation, also known as UK GDPR. The UK GDPR details what needs to be provided within the privacy notice, this is:
- What information we hold about you
- How we keep this especially important information safe and secure and where we keep it
- How we use your information
- Who we share your information with
- What your rights are
- When the law gives us permission to use your information
WHY DOES THE LAW SAY YOU CAN USE MY INFORMATION?
The law gives us permission to use your information in situations when we need it to take care of you. Because information about your health is very personal, sensitive, and private to you, the law is very strict about how we use it.
So, before we can use your information in the ways we have set out in this privacy notice, we must have a good reason in law which is called a ‘lawful basis.’ Not only do we have to do that, but we also must show that your information falls into a special group or category because it is very sensitive. By doing this, the law makes sure we only use your information to look after you and that we do not use it for any other reason.
If you would like more information about this, please ask to speak to our Data Protection Officer (DPO) mentioned in this privacy notice who will explain this in more detail.
ABOUT US
This practice is responsible for collecting, storing, and handling your information when you are registered with us as a patient. Because we do this, the law says we are the data controller. Sometimes we may use your information for a particular purpose and, when we do so, the law says we are the data processor.
WHAT INFORMATION DO WE HOLD ABOUT YOU?
Personal information is anything that identifies you as a person and we all have personal information. Personal information that tells us something about you includes:
- Your name
- Address
- Mobile number
- Information about your parent(s) or person with parental responsibility
- All your health records
- Appointment records
- Treatments you have had.
- Medicines prescribed for you and any other information to help us look after you
HOW DO WE KEEP IT SAFE?
The law says that we must do all we can to keep your information private, safe, and secure.
We use secure computer systems, and we make sure that any written information held about you is kept securely. We also train our staff to respect your privacy and deal with your information in a manner that makes sure it is always kept and dealt with in a safe way.
WHAT DO WE DO WITH YOUR INFORMATION?
We only usually use your information to help us to care for you. That means we might need to share your information with other people who are concerned and involved with looking after your health.
We might need to share your information with the police, courts, social services, solicitors and other people who have a right to your information, but we always make sure that they have a legal right to see it (or have a copy of it) before we provide it to them.
WHO ELSE WILL SEE MY INFORMATION?
- Usually, only staff at this practice are allowed to see your information. Should you need to go to the hospital then we may be asked to share your information with them, but this is only so that we can take care of you.
- Sometimes we might be asked to take part in medical research that could help you in the future. We will always ask you or your parent(s) or an adult with parental responsibility if we can share your information if this happens.
- Possibly the police, social services, the courts or other organisations and people who may have a legal right to see your information.
WHAT IF I WANT TO SEE MY INFORMATION YOU HOLD ABOUT ME?
If you want to see what information we hold about you then you have a right to see it and you can ask for it.
To ask to see your information you will need to complete a Subject Access Request (SAR). There are some rules on this so, if you are under 16, your parents or adults with parental responsibility can do this on your behalf. But if you are over 12, you may be classed as being competent and you may be able to do this yourself. We will give this to you free of charge.
If you think there are any errors in the information, we hold about you then you can ask us to correct it, but the law says we cannot remove any of the information we hold about you even if you ask us to. This is because we need this information to take care of you.
However, you have a right to ask us not to share your information. Should you like to talk to us about not sharing your information, even if this means you do not want us to share your information with your parent(s) or an adult with parental responsibility, please let us know. We will be happy to help.
WHAT IF I HAVE A QUESTION?
Should you have any questions about our privacy policy or the information we hold about you, you can:
- Contact the organisation via email at repeats.stmarys@nhs.net. GP practices are data controllers for the data they hold about their patients.
- Write to the Data Protection Officer (DPO) at this practice Dr Brian Lewis
- Ask to speak to the Practice Manager Natalie Wood or their deputy Abygayle Clegg
WHAT IF I HAVE A COMPLAINT ABOUT HOW YOU LOOK AFTER MY INFORMATION?
If you are unhappy with any element of our data processing methods, contact the Practice Manager Natalie Wood in the first instance. If you feel that we have not addressed your concern appropriately, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO).
The ICO can be contacted on https://ico.org.uk and selecting “Raising a concern” or telephone: 0303 123 1113.
The ICO is the regulator for data protection and offers independent advice and guidance on the law and personal data including your rights and how to access your personal information.