Data Protection

Data Protection

In order to provide the right level of care, we are required to hold personal information about you on our computer systems and in paper records to help us to look after your health needs, and your doctor is responsible for their accuracy and safe-keeping. Please help to keep your record up to date by informing us of any changes to your circumstances.

Confidentiality and Personal Information

Doctors and staff in the practice have access to your medical records to enable them to do their jobs. From time to time information may be shared with others involved in your care if it is necessary. Anyone with access to your record is properly trained in confidentiality issues and is governed by both legal and contractual duty to keep your details private.

All information about you is held securely and appropriate safeguards are in place to prevent accidental loss.

In some circumstances we may be required by law to release your details to statutory or other official bodies, for example if a court order is presented, or in the case of public health issues. In other circumstance you may be required to give written consent before information is released – such as for medical reports for insurance, solicitors etc.

To ensure your privacy, we will not disclose information over the telephone or fax unless we are sure that we are talking to you. Information will not be disclosed to family, friends or spouses unless we have prior written consent, and we do not, leave messages with others.

You have a right to see your records if you wish. Please ask at reception if you would like further details about our patient information leaflet. An appointment may be required. In some circumstances a fee may be payable.


Known as the General Practice Data for Planning and Research (GPDPR) service, the system launches on September 1st this year, with the aim of collecting data from GP practices to use for planning and research purposes. This will replace the previous scheme, the GPES (General Practice Extraction Service), news that will be welcomed by many. A National Audit Office review of GPES done as far back as 2015 found that the system was costly and inefficient, required significant improvement, and ultimately needed replacing.

The benefits of the new system are said to be that data – which will be pseudonymised and encrypted before being sent - can be collected quicker and more easily.

What data will be collected?

Data in primary care is of particular value because it encompasses so many conditions, some of which are treated primarily (or entirely) in primary care settings. This data can be used to more accurately predict the demand for future care provision.

The data will consist of symptoms, observations, diagnoses, results, allergies, referrals, immunisations, appointments, sexual health and mental health, as well as sex, ethnicity, and the staff who have treated them.

The data that will not be collected includes names, addresses, written notes from doctors, images, any information over 10 years old (old medicines or appointment data), or any data that GPs cannot ordinarily share by law – including IVF treatment or gender reassignment data.

What will the data be used for?

A good example of the need for high-quality, insightful data is in tracking the long-term impact of the Coronavirus pandemic. Using patient data we can learn more about the virus and how it affects people. Linked to this is the area of healthcare inequalities, something which the Covid-19 crisis has highlighted repeatedly. Data can be used to study how people access healthcare, and how their outcomes may differ compared to others. Finally, this sort of data will allow research and development work to confirm the safety and efficacy of things like vaccines, and investigate benefit/risk ratios.

Can patients opt out?

GP surgeries cannot opt out of the scheme, but patients can, in what is known as a Type 1 opt-out. Patients who do not consent to share their data should submit a form to their practice