Accountable GP
An accountable GP will be assigned to every patient and where a preference is expressed reasonable efforts will be made to accommodate this.
Health Checks
You will be offered a health check when you join the practice. Any patients aged 16 –74 years who have not had a consultation within the last three years may request a consultation.
Patients 75 years and over who have not had a consultation within the last twelve months may request a health check with one of our practice team. If you are unable to attend the surgery, a home visit could be arranged.
Complaint Procedure
What happens when I complain?
Stage One
We hope that most problems can be sorted out locally and informally. This should be done, if you feel able to, by first speaking to the member of staff who you have already had contact with. If the complaint is about that person, ask to see the person in charge. Tell them clearly that you are not satisfied and why.
Stage Two
How our Formal Complaints procedure works
If we have been unable to resolve your concerns with the person in charge or if you have asked for your complaint to be registered as formal the following procedure will take place:
What action can I take if I am not happy with the outcome of my complaint?
If you are dissatisfied without final response, you should contact the Practice Manager in the first instance to discuss your concerns further. We will ensure that every effort is made to satisfactorily address any outstanding issues.
In the event that you believe the organisation has not provided a satisfactory response to the matter that you confirmed in your initial correspondence you can contact NHS England complaint service on the contact details below.
NHS England National Call Centre Service 0300 311 2233
They will pass your concerns to the local locality to be dealt with.
COVID 19 Privacy Notice
Direct Care Privacy Notice
How Health & Beyond uses your information to provide you with healthcare
This practice keeps medical records confidential and complies with the General Data Protection Regulation.
We hold your medical record so that we can provide you with safe care and treatment.
We will also use your information so that this practice can check and review the quality of the care we provide. This helps us to improve our services to you.
- We will share relevant information from your medical record with other health or social care staff or organisations when they provide you with care. For example, your GP will share information when they refer you to a specialist in a hospital. Or your GP will send details about your prescription to your chosen pharmacy.
- For more information on how we share your information with organisations who are directly involved in your care can be found here
- Healthcare staff working in A&E and out of hours care will also have access to your information. For example, it is important that staff who are treating you in an emergency know if you have any allergic reactions. This will involve the use of your Summary Care Record.
For more information see: https://digital.nhs.uk/summary-care-records or alternatively speak to your practice.
- You have the right to object to information being shared for your own care. Please speak to the practice if you wish to object. You also have the right to have any mistakes or errors corrected.
Other important information about how your information is used to provide you with healthcare
Registering for NHS care
· All patients who receive NHS care are registered on a national database. · This database holds your name, address, date of birth and NHS Number but it does not hold information about the care you receive. · The database is held by NHS Digital, a national organisation which has legal responsibilities to collect NHS data. · More information can be found at: Information Commissioner’s Office https://ico.org.uk/ or the phone number for general enquires at NHS Digital is 0300 303 5678
|
Identifying patients who might be at risk of certain diseases
· Your medical records will be searched by a computer programme so that we can identify patients who might be at high risk from certain diseases such as heart disease or unplanned admissions to hospital. · This means we can offer patients additional care or support as early as possible. · This process will involve linking information from your GP record with information from other health or social care services you have used. · Information which identifies you will only be seen by this practice. · For more information speak to the practice. |
Safeguarding
· Sometimes we need to share information so that other people, including healthcare staff, children or others with safeguarding needs, are protected from risk of harm. · These circumstances are rare. · We do not need your consent or agreement to do this. · Please see our local policies for more information: Up to date Safeguarding |
We are required by law to provide you with the following information about how we handle your information.
Data Protection Officer contact details
|
|
Purpose of the processing
|
· To give direct health or social care to individual patients.
· For example, when a patient agrees to a referral for direct care, such as to a hospital, relevant information about the patient will be shared with the other healthcare staff to enable them to give appropriate advice, investigations, treatments and/or care.
· To check and review the quality of care. (This is called audit and clinical governance). |
Lawful basis for processing
|
These purposes are supported under the following sections of the GDPR:
Article 6(1)(e) ‘…necessary for the performance of a task carried out in the public interest or in the exercise of official authority…’; and
Article 9(2)(h) ‘necessary for the purposes of preventative or occupational medicine for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services…”
Healthcare staff will also respect and comply with their obligations under the common law duty of confidence. |
Recipient or categories of recipients of the processed data
|
The data will be shared with:
· healthcare professionals and staff in this surgery; · local hospitals; · out of hours services; · diagnostic and treatment centres; · or other organisations involved in the provision of direct care to individual patients. · Local Hospitals: Newcross, Russells Hall, etc.
|
Rights to object
|
· You have the right to object to information being shared between those who are providing you with direct care.
· This may affect the care you receive – please speak to the practice.
· You are not able to object to your name, address and other demographic information being sent to NHS Digital.
· This is necessary if you wish to be registered to receive NHS care.
· You are not able to object when information is legitimately shared for safeguarding reasons.
· In appropriate circumstances it is a legal and professional requirement to share information for safeguarding reasons. This is to protect people from harm.
· The information will be shared with the local safeguarding service [Insert name/address]
|
Right to access and correct | · You have the right to access your medical record and have any errors or mistakes corrected. Please speak to a member of staff or look at our ‘subject access request’ policy on the practice website – insert link.
|
Retention period
|
GP medical records will be kept in line with the law and national guidance. Information on how long records are kept can be found at: https://digital.nhs.uk/article/1202/Records-Management-Code-of-Practice-for-Health-and-Social-Care-2016
or speak to the practice.
|
Right to complain
|
You have the right to complain to the Information Commissioner’s Office. If you wish to complain follow this link https://ico.org.uk/global/contact-us/ or call the helpline 0303 123 1113
|
Data we get from other organisations | We receive information about your health from other organisations who are involved in providing you with health and social care. For example, if you go to hospital for treatment or an operation the hospital will send us a letter to let us know what happens. This means your GP medical record is kept up-to date when you receive care from other parts of the health service. |
Electronic Forms
Electronic Forms you may fill in on this WEB Site or any other. Note that by using electronic forms, you will be sending information about yourself across the Internet. Whilst every effort is made to keep this information secure, you should be aware that we cannot offer any guarantees of absolute privacy. If this matter concerns you then you should use another method to notify us of your intended information.
Your IP address will be sent with your communication. In rare cases where abuse or criminal activity can be shown to have taken place this may be used by the authorities to trace you.
Confidentiality, Data Protection & Freedom of Information act
We respect your right to privacy and keep all your health information confidential and secure.
It is important that the practice keep accurate and up-to-date records about your health and treatment so that those treating you can give you the best possible advice and care. This information is only available to those involved in your care.
You have a right to know what information we hold about you. The Freedom of Information Act gives you the right to request information we hold. If you would like to see your records, please contact our Practice Manager. You will be asked to complete a request form and there may be a charge for this information.
Please ask for a listing of all charges for letters, reports and copies of your information.
Information requested by third party organisations outside the NHS will NOT be shared without your explicit written consent.
GDPR Compliance Statement
Introduction
The EU General Data Protection Regulation (GDPR) came into force across the European Union on 25th May 2018 and brings with it the most significant changes to data protection law in two decades. Based on privacy by design and taking a risk-based approach, the GDPR has been designed to meet the requirements of the digital age.
Our Commitment
Health and Beyond is committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We have always had a robust and effective data protection programme in place which complies with existing law. However, we recognise our obligations to meet the demands of the GDPR and the UKs Data Protection Bill.
H&B is dedicated to safeguarding personal information and in developing a data protection regime that is effective, fit for purpose and demonstrates an understanding of new regulations.
H&B have a consistent level of data protection and security across our organisation, and are fully compliant with the GDPR from 25th May 2018. Our preparation includes:
- Information Audits – scheduled network wide information audit to identify and assess what personal information we hold
- Policies & Procedures – revising data protection policies and procedures to meet the requirements and standards of the GDPR and any relevant data protection laws, including : –
- Data Protection – our main policy and procedure document for data protection has been overhauled to meet the standards and requirements of the GDPR. Accountability and governance measures are in place to ensure that we understand and adequately disseminate and evidence our obligations and responsibilities.
- Data Breaches – our breach procedures ensure that we have measures in place to identify, assess, investigate and report any personal data breach within the required timeframe. Our procedures have been disseminated to all employees, making them aware of the reporting lines and steps to follow.
- Subject Access Request (SAR) – (Requests for information for insurance reports or legal action) we have revised our SAR procedures to meet the 30-day timeframe for responses to third party requestors provided there is appropriate patient consent. Our new procedures detail how to verify the data subject, what steps to take for processing an access request, and what exemptions apply.
- Privacy Policy – we have revised our Privacy Policy to comply with the GDPR, ensuring that all individuals whose personal information we process are informed of why we need it, how it is used, what their rights are
- Summary Care Record – Consent or Rescind – Patients are requested upon registration if – they agree to participate in Summary Care Records. This means that any medically pertinent – information is able to be shared with other health care professionals who are providing care for our patients. Patients can decline to give consent and this will be recorded clearly in their record.
- Obtaining Consent – we have revised our consent mechanisms for obtaining personal data, ensuring that individuals understand what they are providing, why and how we use it and giving clear, defined ways to consent to us processing their information. We have developed a simple process to withdraw consent at any time.
Any patient over 16 must give written consent for any family member who will need to have access to medical information. If consent is not given we will be unable to share ay information with parents or care givers.
GP GDPR Privacy Notice
GP Net Earnings
We are an accredited training practice and believe in helping the future of healthcare and for that reason from time to time we have Medical Students at the centre & help them with the development in a variety of skills you will always be informed and asked for consent for them to be part of a consultation and you do have the right to decline.
Practice Charter
We welcome comments from all our patients, and we will never discriminate on grounds of race, gender, social class, religion, sexual orientation or appearance, disability or medical condition.
Policy on Violent or Abusive Patients
We are committed to always being courteous, professional and respectful toward everyone that comes to our surgeries. We expect our patients to treat our staff in a similar respectful way.
The practice operates a Zero Tolerance Policy Health and Beyond and therefore will not tolerate Rude, Bullying or Aggressive behaviour by patients or family/carers toward our staff or other patients. We take seriously any threatening, abusive or violent behaviour patients exhibiting this behaviour will be warned to stop their behaviour immediately.
If they persist, we may exercise our right to take action to have them removed, immediately if necessary, and also from our list of patients through the NHS Zero Tolerance Removal procedure. Persons removed from the practice list will be made to find alternative care.
Privacy Policy
Confidentiality, Data Protection & Freedom of Information act
It is important that the practice keep accurate and up-to-date records about your health and treatment so that those treating you can give you the best possible advice and care. This information is only available to those involved in your care.
You have a right to know what information we hold about you. The Freedom of Information Act gives you the right to request information we hold. If you would like to see your records, please contact our Practice Manager. You will be asked to complete a request form and there may be a charge for this information.
Please ask for a listing of all charges for letters, reports and copies of your information.
Information requested by third party organisations outside the NHS will NOT be shared without your explicit written consent.
GDPR Compliance Statement
Introduction
The EU General Data Protection Regulation (“GDPR) came into force across the European Union on 25th May 2018 and brings with it the most significant changes to data protection law in two decades. Based on privacy by design and taking a risk-based approach, the GDPR has been designed to meet the requirements of the digital age.
Our Commitment
Health and Beyond is committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We have always had a robust and effective data protection programme in place which complies with existing law. However, we recognise our obligations to meet the demands of the GDPR and the UK’s Data Protection Bill.
H&B is dedicated to safeguarding personal information and in developing a data protection regime that is effective, fit for purpose and demonstrates an understanding of new regulations.
H&B have a consistent level of data protection and security across our organisation, and are fully compliant with the GDPR from 25th May 2018. Our process includes:
- Information Audits – scheduled network wide information audit to identify and assess what personal information we hold
- Policies & Procedures – revised data protection policies and procedures which meet the requirements and standards of the GDPR and any relevant data protection laws.
- Data Protection – our main policy and procedure document for data protection meets the standards and requirements of the GDPR laws. Accountability and governance measures are in place to ensure that we understand and adequately disseminate and evidence our obligations and responsibilities.
- Data Breaches – our breach procedures ensure that we have measures in place to identify, assess, investigate and report any personal data breach within the required timeframe. Our procedures have been disseminated to all employees, making them aware of the reporting lines and steps to follow.
- Subject Access Request (SAR) – (Requests for information for insurance reports or legal action) we have revised our SAR procedures to meet the 30-day timeframe for responses to third party requestors provided there is appropriate patient consent. Our new procedures detail how to verify the data subject, what steps to take for processing an access request, and what exemptions apply.
- Privacy Policy – we have revised our Privacy Policy to comply with the GDPR, ensuring that all individuals whose personal information we process are informed of why we need it, how it is used, what their rights are.
- Summary Care Record – Consent or Rescind – Patients are requested upon registration if they agree to participate in Summary Care Records. This means that any medically pertinent information is able to be shared with other health care professionals who are providing care for our patients. Patients can decline to give consent and this will be recorded clearly in their record.
- Obtaining Consent ” we have revised our consent mechanisms for obtaining personal data, ensuring that individuals understand what they are providing, why and how we use it and giving clear, defined ways to consent to us processing their information. We have developed a simple process to withdraw consent at any time.
Any patient over 16 must give written consent for any family member who will need to have access to medical information. If consent is not given we will be unable to share ay information with parents or care givers.
If you have any questions about our compliance with GDPR, please contact your surgery.
Training Practice
We are an accredited training practice and believe in helping the future of healthcare and for that reason from time to time we have Medical Students at the centre & help them with the development in a variety of skills you will always be informed and asked for consent for them to be part of a consultation and you do have the right to decline.