Practice Policies & Patient Information
Access Policy
In accordance with the Data Protection Act 1998 and Access to Health Records Act, patients may request to see their medical records.
Such requests should be made through the site manager and may be subject to an administration charge.
No information will be released without the patient consent unless we are legally obliged to do so.
Complaints
We make every effort to give the best service possible to everyone who attends our practice.
However, we are aware that things can go wrong resulting in a patient feeling that they have a genuine cause for complaint.
To pursue a complaint, please contact the site manager who will deal with your concerns appropriately.
Further written information is available regarding the complaints procedure from reception.
Confidentiality & Medical Records
The practice complies with data protection and access to medical records legislation. Identifiable information about you will be shared with others in the following circumstances:
- To provide further medical treatment for you e.g. from district nurses and hospital services.
- To help you get other services e.g. from the social services department. This requires your consent.
- When we have a duty to others e.g. in child protection cases. Anonymised patient information will also be used at local and national level to help the Health Policy makers and Government plan services e.g. for diabetic care.
If you do not wish that anonymous information about you be used in such a way, please let us know.
Reception and administration staff require access to your medical records in order to do their jobs. These members of staff are bound by the same rules of confidentiality as the medical staff.
Freedom of Information
Information about the General Practioners and the practice, required for disclosure under this act, can be made available to the public. All requests for such information should be made to the site manager.
General Practice Transparency Notice for GPES Data for Pandemic Planning and Research (COVID-19)
This practice is supporting vital coronavirus (COVID-19) planning and research by sharing your data with NHS Digital.
The health and social care system is facing significant pressures due to the coronavirus (COVID-19) outbreak.
Health and care information is essential to deliver care to individuals, to support health, social care and other public services and to protect public health.
Information will also be vital in researching, monitoring, tracking and managing the coronavirus outbreak.
In the current emergency it has become even more important to share health and care information across relevant organisations.
This practice is supporting vital coronavirus planning and research by sharing your data with NHS Digital, the national safe haven for health and social care data in England.
How NHS Digital will use and share your data
NHS Digital will analyse the data they collect and securely and lawfully share data with other appropriate organisations, including health and care organisations, bodies engaged in disease surveillance and research organisations for coronavirus response purposes only.
These purposes include protecting public health, planning and providing health, social care and public services, identifying coronavirus trends and risks to public health, monitoring and managing the outbreak and carrying out of vital coronavirus research and clinical trials.
The British Medical Association, the Royal College of General Practitioners and the National Data Guardian are all supportive of this initiative.
NHS Digital has various legal powers to share data for purposes relating to the coronavirus response.
It is also required to share data in certain circumstances set out in the COVID-19 Direction and to share confidential patient information to support the response under a legal notice issued to it by the Secretary of State under the Health Service (Control of Patient Information) Regulations 2002 (COPI Regulations).
Legal notices under the COPI Regulations have also been issued to other health and social care organisations requiring those organisations to process and share confidential patient information to respond to the coronavirus outbreak.
Any information used or shared during the outbreak under these legal notices or the COPI Regulations will be limited to the period of the outbreak unless there is another legal basis for organisations to continue to use the information.
Data which is shared by NHS Digital will be subject to robust rules relating to privacy, security and confidentiality and only the minimum amount of data necessary to achieve the coronavirus purpose will be shared.
Organisations using your data will also need to have a clear legal basis to do so and will enter into a data sharing agreement with NHS Digital. Information about the data that NHS Digital shares, including who with and for what purpose will be published in the NHS Digital data release register.
For more information about how NHS Digital will use your data please see the NHS Digital Transparency Notice for GP Data for Pandemic Planning and Research (COVID-19).
National Data Opt-Out
The application of the National Data Opt-Out to information shared by NHS Digital will be considered on a case by case basis and may or may not apply depending on the specific purposes for which the data is to be used.
This is because during this period of emergency, the National Data Opt-Out will not generally apply where data is used to support the coronavirus outbreak, due to the public interest and legal requirements to share information.
New Data Protection Regulations from May 2018 (GDPR)
Under the new data protection regulations introduced from 25th May 2018, we will continue to contact patients via text messages regarding the delivery of care if they have provided consent to do so.
If practices are sending messages about recommended treatment for the management of a specific health issue, then this is defined as providing appropriate care for patients, not marketing purposes.
If you would like to opt out of any future contact via text messaging, then please complete the form and indicate in the marked section.
Our legal basis for sharing data with NHS Digital
NHS Digital has been legally directed to collect and analyse patient data from all GP practices in England to support the coronavirus response for the duration of the outbreak.
NHS Digital will become the controller under the General Data Protection Regulation 2016 (GDPR) of the personal data collected and analysed jointly with the Secretary of State for Health and Social Care, who has directed NHS Digital to collect and analyse this data under the COVID-19 Public Health Directions 2020 (COVID-19 Direction).
All GP practices in England are legally required to share data with NHS Digital for this purpose under the Health and Social Care Act 2012 (2012 Act). More information about this requirement is contained in the data provision notice issued by NHS Digital to GP practices.
Under GDPR our legal basis for sharing this personal data with NHS Digital is Article 6(1)(c) – legal obligation. Our legal basis for sharing personal data relating to health, is Article 9(2)(g) – substantial public interest, for the purposes of NHS Digital exercising its statutory functions under the COVID-19 Direction.
Prescribing initiative by NWL
Reducing prescribing of medicines and products that can be purchased without a prescription
North West London CCGs’ Governing Bodies have approved the approach outlined in this letter to reducing prescribing of medicines and products that can be purchased without a prescription.
Clinical judgement should be used when considering whether it is acceptable to ask patients to purchase their medication, e.g. Paracetamol when required for headache can be purchased, and however regular full dose Paracetamol for chronic osteoarthritis may be less suitable for purchase due to the quantities involved.
The General Medical Council’s Good practice in prescribing and managing medicines and devices (2013) includes: “‘Prescribing’ is used to describe many related activities, including …….advising patients on the purchase of over the counter medicines and other remedies…….”
The approach outlined above, is consistent with (legally privileged) legal advice obtained for NWL CCGs.
NWL CCGs envisage aligning their approach with national guidance if and when such guidance is published.
A leaflet for patients about the approach outlined above and a range of relevant posters are available as follows:
Medicines that can be purchased without a prescription
Ordering repeat prescriptions online
Prescriptions Charges and Exemptions
The NHS prescription charge is a flat-rate amount which successive Governments have thought it reasonable to charge for those who can afford to pay for their medicines.
Extensive exemption and remission arrangements protect those likely to have difficulty in paying charges (NHS prescription and dental charges, optical and hospital travel costs).
If you think you may be exempt please ask for a medical exemption form from your pharmacist or doctor.
Prescription prepayment certificates (PPCs) offer real savings for people who need several items of medication on a regular basis.
You can also speak to your pharmacist for further information.
Charges
- Prescription (per item): £9.15
- 12-month prepayment certificate (PPC): £105.90
- 3-month PPC: £29.65
If you will have to pay for four or more prescription items in three months, or more than 15 items in 12 months, you may find it cheaper to buy a PPC .
To order a pre-payment certificate:
Telephone advice and order line 0845 850 0030
General Public – Buy or Renew a PPC On-line
There is further information about prescription exemptions and fees on the NHS website
Useful leaflets and posters
Medicines that can be purchased without a prescription
Ordering repeat prescriptions online
Privacy Policy
We understand how important it is to keep your personal information safe and secure and we take this very seriously.
We have taken steps to make sure your personal information is looked after in the best possible way, and we review this regularly.
Please read this privacy notice (‘Privacy Notice’) carefully, as it contains important information about how we use the personal and healthcare information we collect on your behalf.
Why we are providing this privacy notice
We are required to provide you with this Privacy Notice by Law. It explains how we use the personal and healthcare information we collect, store and hold about you. If you are unclear about how we process or use your personal and healthcare information, or you have any questions about this Privacy Notice or any other issue regarding your personal and healthcare information, then please do contact our Data Protection Officer (details below).
The Law says:
We must let you know why we collect personal and healthcare information about you;
We must let you know how we use any personal and/or healthcare information we hold on you;
We need to inform you in respect of what we do with it;
We need to tell you about who we share it with or pass it on to and why; and
We need to let you know how long we can keep it for.
The data protection officer
The Data Protection Officer at First Care Group Practice for our practices including Heathrow Medical Centre, Shakespeare Health Centre, The Pine Medical Centre, Willow Tree Surgery and Yeading Court Surgery is Jackie Quaif and can be contacted at:
jquaif@nhs.net
If you have any questions about how your information is being held;
If you require access to your information or if you wish to make a change to your information;
If you wish to make a complaint about anything to do with the personal and healthcare information we hold about you;
Or any other query relating to this Policy and your rights as a patient.
About Us
We, at First Care Group Practice are a Data Controller of your information. We are a group of five practices
Heathrow Medical Centre situated at 1 St Peter’s Way, Hayes UB3 5AB.
Shakespeare Health Centre situated at Elers Road,Hayes, UB8 1NY
The Pine Medical Centre situated at Fredora Avenue, Hayes, UB4 8RB
Willow Tree Surgery situated at 2 Jollys Lane, Hayes, Middlesex, UB4 9BG
Yeading Court Surgery situated at 1-2 Yeading Court, Masefield Lane, Hayes, Middlesex, UB4 9AJ
This means we are responsible for collecting, storing and handling your personal and healthcare information, when you register with us as a patient at one of our practices.
There may be times where we also process your information. That means we use it for a particular purpose and, therefore, on those occasions we may also be Data Processors. The purposes for which we use your information are set out in this Privacy Notice.
Information we collect from you
The information we collect from you will include:
Your contact details (such as your name and email address, including place of work and work contact details);
Details and contact numbers of your next of kin and/or people you designate as carers;
Your age range, gender, ethnicity, main language;
Details in relation to your medical history;
Appointment details (such as date, time and reason for your visit to the Surgery);
Medical notes and details of diagnosis and consultations with our GPs and other health professionals within the Surgery involved in your direct healthcare;
Details of telephone encounters (such as telephone recordings, date, time and phone number of calls) for training and quality purposes;
CCTV recordings of onsite encounters within public spaces for safety and security of all patients.
Information about you from others
We also collect personal information about you when it is sent to us from the following:
1. a hospital, a consultant or any other medical or healthcare professional, or any other person involved with your general healthcare;
2. Other government agencies (such as DVLA, Home office, firearms applications, court orders etc) involved with your general healthcare.
Your summary care record
Your summary care record is an electronic record of your healthcare history (and other relevant personal information) held on a national healthcare records database provided and facilitated by NHS England.
This record may be shared with other healthcare professionals and additions to this record may also be made by relevant healthcare professionals and organisations involved in your direct healthcare.
You may have the right to demand that this record is not shared with anyone who is not involved in the provision of your direct healthcare. If you wish to enquire further as to your rights, in respect of not sharing information on this record ,then please contact our Data Protection Officer.
Who we may provide your personal information to, and why
We may pass your personal information on to the following people or organisations, because these organisations may require your information to assist them in the provision of your direct healthcare needs. It therefore, may be important for them to be able to access your information in order to ensure they may properly deliver their services to you:
1. Hospital professionals (such as doctors, consultants, nurses, etc);
2. Out of hours professionals (such as doctors, nurses, etc);
3. Community professionals (such as Pharmacists, Dentists, Opticians, Nurses);
4. NHS Services commissioned by NHS Clinical Commissioning groups or NHS England (such as Extended Access Hub, Community Paediatric Services, Diabetic retinal screening, Child immunisations, Cervical Screening, etc)
5. Any other person that is involved in providing services related to your general healthcare, including mental health professionals.
Other people who we provide your information to
1. NHS Commissioners (such as Hillingdon Clinical Commissioning Group, NHS England);
2. Service providers (such as Hillingdon Primary Care Confederation);
3. Local authorities (such as London Borough of Hillingdon);
4. Community health services (such as Central North West London NHS Trust);
5. For the purposes of complying with the law e.g. Police, Solicitors, Insurance Companies;
Anyone you have given your consent to, to view or receive your record, or part of your record. Please note, if you give another person or organisation consent to access your record we will need to contact you to verify your consent before we release that record. It is important that you are clear, and understand how much and what aspects of your record you give consent to be disclosed.
Anonymised information
Sometimes we may provide information about you in an anonymised form. If we do so, then none of the information we provide to any other party , will identify you as an individual and cannot be traced back to you.
Your rights as a patient
The Law gives you certain rights to your personal and healthcare information that we hold, as set out below:
A. Access and Subject Access Requests
You have the right to see what information we hold about you and to request a copy of this information.
If you would like a copy of the information we hold about you, please email our Data Protection Officer. We will provide this information free of charge, however, we may in some limited and exceptional circumstances have to make an administrative charge for any extra copies if the information requested is excessive, complex or repetitive.
We have one month to reply to you and give you the information that you require. We would ask, therefore, that any requests you make are in writing and it is made clear to us what and how much information you require.
B. Online Access
You may ask us if you wish to have online access to your medical record. However, there will be certain protocols that we have to follow in order to give you online access, including written consent and the production of documents that prove your identity.
Please note that when we give you online access, the responsibility is yours to make sure that you keep your information safe and secure if you do not wish any third party to gain access.
C. Correction
We want to make sure that your personal information is accurate and up to date. You may ask us to correct any information you think is inaccurate. It is very important that you make sure you tell us if your contact details including your mobile phone number has changed.
D. Removal
You have the right to ask for your information to be removed. However, if we require this information to assist us in providing you with appropriate medical services and diagnosis for your healthcare, then removal may not be possible.
E. Objection
We cannot share your information with anyone else for a purpose that is not directly related to your health, e.g. medical research, educational purposes, etc. We would ask you for your consent in order to do this. However, you have the right to request that your personal and healthcare information is not shared by the Surgery in this way. Please note the Anonymised Information section in this Privacy Notice.
F. Transfer
You have the right to request that your personal and/or healthcare information is transferred, in an electronic form (or other form), to another organisation, but we will require your clear consent to be able to do this.
Third parties mentioned on your medical record
Sometimes we record information about third parties mentioned by you to us during any consultation. We are under an obligation to make sure we also protect that third party’s rights as an individual and to ensure that references to them which may breach their rights to confidentiality, are removed before we send any information to any other party including yourself. Third parties can include: spouses, partners, and other family members.
How we use the information about you
We use your personal and healthcare information in the following ways:
A. when we need to speak to, or contact other doctors, consultants, nurses or any other medical/healthcare professional or organisation during the course of your diagnosis or treatment or on going healthcare;
B. when we are required by law to hand over your information to any other organisation, such as the police, by court order, solicitors, or immigration enforcement.
We will never pass on your personal information to anyone else who does not need it, or has no right to it, unless you give us clear consent to do so.
Legal justification for collecting and using your information
The law says we need a legal basis to handle your personal and healthcare information.
CONTRACT: We have a contract with NHS England to deliver healthcare services to you. This contract provides that we are under a legal obligation to ensure that we deliver medical and healthcare services to the public.
CONSENT: Sometimes we also rely on the fact that you give us consent to use your personal and healthcare information so that we can take care of your healthcare needs.
Please note that you have the right to withdraw consent at any time, if you no longer wish to receive services from us.
NECESSARY CARE: Providing you with the appropriate healthcare, where necessary. The law refers to this as ‘protecting your vital interests’ where you may be in a position not to be able to consent.
LAW: Sometimes the Law obliges us to provide your information to an organisation (see above).
Special categories
The law states that personal information about your health falls into a special category of information because it is very sensitive. Reasons that may entitle us to use and process your information may be as follows:
PUBLIC INTEREST: Where we may need to handle your personal information when it is considered to be in the public interest. For example, when there is an outbreak of a specific disease and we need to contact you for treatment, or we need to pass your information to relevant organisations to ensure you receive advice and/or treatment;
CONSENT: When you have given us consent;
VITAL INTEREST: If you are incapable of giving consent, and we have to use your information to
protect your vital interests (e.g. if you have had an accident and you need emergency treatment);
DEFENDING A CLAIM: If we need your information to defend a legal claim against us by you, or by another party;
PROVIDING YOU WITH MEDICAL CARE: Where we need your information to provide you with medical and healthcare services
How long we keep your personal information
We carefully consider any personal information that we store about you, and we will not keep your information for longer than is necessary for the purposes as set out in this Privacy Notice.
Under 16s
There is a separate privacy notice for patients under the age of 16, a copy of which may be obtained on request.
If english is not your first language
If English is not your first language you can request a translation of this Privacy Notice. Please contact our Data Protection Officer.
Complaints
If you have a concern about the way we handle your personal data or you have a complaint about what we are doing, or how we have used or handled your personal and/or healthcare information, then please contact our Data Protection Officer.
However, you have a right to raise any concern or complaint with the UK information regulator, at the Information Commissioner’s Office:
www.ico.org.uk
Our website
The only website this Privacy Notice applies to is the Surgery’s website. If you use a link to any other website from the Surgery’s website then you will need to read their respective privacy notice. We take no responsibility (legal or otherwise) for the content of other websites.
Cookies
The Surgery’s website uses cookies. For more information on which cookies we use and how we use them, please see our Cookies Policy.
Security
We take the security of your information very seriously and we do everything we can to ensure that your information is always protected and secure. We regularly update our processes and systems and we also ensure that our staff are properly trained. We also carry out assessments and audits of the information that we hold about you and make sure that if we provide any other services, we carry out proper assessments and security reviews.
Text messaging and contacting you
Because we are obliged to protect any confidential information we hold about you and we take this very seriously, it is imperative that you let us know immediately if you change any of your contact details.
We may contact you using SMS texting to your mobile phone ,in the event that we need to notify you about appointments and other services that we provide to you involving your direct care. Therefore you must ensure that we have your up to date details. This is to ensure we are sure that we are actually contacting you and not another person.
Where to find our privacy notice
You may find a copy of this Privacy Notice in the Surgery’s reception, on our website, or a copy may be provided on request.
Changes to our privacy notice
We regularly review and update our Privacy Notice. This Privacy Notice was last updated on 24 May 2018.
Privacy Policy ©First Care Group Practice – including Heathrow Medical Centre, Shakespeare Health Centre, The Pine Medical Centre, Willow Tree Surgery and Yeading Court Surgery.
The type of personal data we are sharing with NHS Digital
The data being shared with NHS Digital will include information about patients who are currently registered with a GP practice or who have a date of death on or after 1 November 2019 whose record contains coded information relevant to coronavirus planning and research.
The data contains NHS Number, postcode, address, surname, forename, sex, ethnicity, date of birth and date of death for those patients.
It will also include coded health data which is held in your GP record such as details of:
- diagnoses and findings
- medications and other prescribed items
- investigations, tests and results
- treatments and outcomes
- vaccinations and immunisations
Violence Policy
The NHS operate a zero tolerance policy with regards to violence and abuse, and the practice has the right to remove violent patients from the list with immediate effect, in order to safeguard practice staff, patients and other persons.
Violence in this context includes actual or threatened physical violence, or verbal abuse which leads to fear for a person’s safety.
In this situation we will notify the patient in writing of their removal from the list, and record in the patient’s medical records the fact of the removal and the circumstances leading to it.
Your rights over your personal data
To read more about the health and care information NHS Digital collects, its legal basis for collecting this information and what choices and rights you have in relation to the processing by NHS Digital of your personal data, see: