Castle Surgery has a legal duty to explain how we use any personal information we collect about you as a registered patient at the practice. Staff at this practice maintain records about your health and the treatment you receive in paper and electronic format.
Information we collect
We collect information such as personal details, including name, address, next of kin, records of appointments, telephone calls, your health records, treatment and medications, test results etc. and any other relevant information in relation to your care.
Using your information
Your data is collected for the purpose of providing healthcare services; however, we can disclose this information if it is required by law, if you give consent or if it is justified in the public interest.
At Castle Surgery we will ensure that patients are informed about how the information we hold is processed and shared. All information will be processed lawfully and fairly, in accordance with the DPA 1998 and GDPR 2018.
We are committed to maintaining your confidentiality and protecting the information we hold about you. We adhere to the Data Protection Act (DPA 1998), NHS Codes of Confidentiality and Security, and guidance issued by the Information Commissioner’s Office.
All health and adult social care organisations are required to share information about patients with each other, by law; this is to improve the care delivered to the patient. An additional requirement is that the patient’s NHS number is used as the unique identifier when sharing any information or data.
Should you wish to opt out of data collection, please contact a member of staff who will be able to explain how you can opt out and prevent the sharing of your information. This is done by registering a Type 1 opt-out, preventing your information from being shared.
In accordance with the NHS Codes of Practice for Records Management, your healthcare records will be retained for 10 years after death, or if a patient emigrates, for 10 years after the date of emigration.