General Data Protection Regulation

How we use your information

• We collect and hold data about you for the purpose of providing safe and effective healthcare
• Your information may be shared with our partner organisations to audit services and help provide you with better care
• Information sharing is subject to strict agreements on how it is used
• We will only share your information outside of our partner organisations with your consent. Unless the health & safety of others is at risk, the law requires it or it is required to carry out a statutory function
• If you are happy with how we use your information you do not need to do anything
• If you do not want your information to be used for any purpose beyond providing your care please let us know so we can code your record appropriately
• You can object to sharing information with other health care providers but if this limits your treatment options we will tell you
• Our guiding principle is that we are holding your information in the strictest confidence Alma Medical Centre

Also see

• Data Provision Notice (DPN) Privacy Statement
• Patient Information on GDPR Transparency Notice

Find out why your data matters

1. Overview
2. Benefits of data sharing
3. Who uses your data
4. How data is protected
5. Manage your choice

• Research
• Prevent serious illness
• Develop new treatments
• Learn more about diseases

Your confidential patient information provides numerous benefits. It is used in research to find cures and better treatments for diseases like diabetes and cancer.

With your data, we are better able to develop and improve health and care services for the future.

• Planning
• Plan NHS health services
• Make services safer
• Improving quality of care

Confidential patient information can also be used to plan health and care services more effectively. The NHS and local authorities can plan where they need to provide further care services more efficiently.

This helps to improve health and social care for you and your family.

NHS Digital will not collect patients’ names or addresses

Any other data that could directly identify patients (such as NHS Number, date of birth, full postcode) is replaced with unique codes which are produced by de-identification software before the data is shared with NHS Digital.

This process is called pseudonymisation and means that patients will not be identified directly in the data. NHS Digital will be able to use the software to convert the unique codes back to data that could directly identify patients in certain circumstances, and where there is a valid legal reason.

We will collect structured and coded data from patient medical records.

• data about diagnoses, symptoms, observations, test results, medications, allergies, immunisations, referrals, recalls and appointments, including information about physical, mental and sexual health.
• data on sex, ethnicity, and sexual orientation.
• data about staff who have treated patients.

• name and address (except for postcode, protected in a unique coded form).
• written notes (free text), such as the details of conversations with doctors and nurses.
• images, letters, and documents. 
• coded data that is not needed due to its age - for example medication, referral and appointment data that is over 10 years old.
• coded data that GPs are not permitted to share by law - for example certain codes about IVF treatment, and certain information about gender re-assignment.