GDPR Data protectionAs from the 25th May 2018 there will be a change in the Date Protection if you would like more details please go to:
PRIVACY NOTICE PARBOLD SURGERY
Who are we?
Parbold Surgery are a partnership of general practitioners serving NHS patients in the Parbold locality.
What do we do with your information?
We collect your demographic data (name age sex address etc) and use your medical records with details such as diseases, operations and investigations to provide medical care. We may use your data to plan and improve services. We will process your data in accordance with the Data Protection Act 1998 and successor laws.
How We Use Your Information
In order to provide for your care, we need to collect and keep information about you and your health on our records. Your records are used to:
- Provide a basis for all health decisions made by care professionals with and for you
- Make sure your care is safe and effective
- Work effectively with others providing you with care
We also may use, or share, your information for the following purposes:
- Looking after the health of the general public
- Making sure that our services can meet patient needs in the future
- Auditing accounts
- Preparing statistics on NHS performance and activity (where steps will be taken to ensure you cannot be identified)
- Investigating concerns, complaints or legal claims
- Helping staff to review the care they provide to make sure it is of the highest standards
- Training and educating staff
- Research approved by the Local Research Ethics Committee. (If anything to do with the research would involve you personally, you will be contacted to provide consent).
If you do not wish your Confidential Personal Information (CPI) to be used for these or other purposes please access the NHS Digital website and fill in the opt out form. It will explain fully the reason for opting out or staying in. You will need to make a choice. Anyone from the age of 13 years can make this choice. Or telephone the helpline on 0300 303 5678.
Who will it be shared with?
The staff of Parbold Surgery and any services we refer you to for your further treatment for example referrals to other parts of the NHS such as hospital services, GP Out of Hours services, ambulance, pharmacies, district nurses and other community nursing services.
We are obliged to share data collected as an NHS patient with NHS England under the Health and Social Care Act 2012 which gives NHS Digital statutory powers to require data from health or social care providers in England where NHS Digital has been directed to do so by the Department of Health (on behalf of the Secretary of State for Health) or NHS England.
The Department of Health has directed NHS Digital to perform this work but you can opt out by accessing the NHS digital website and filling in the form which is on there.
Disclosure of Information to Other Health and Social Professionals
We work with a number of other NHS and partner agencies to provide healthcare services to you. Below is a list of organisations that we may share your information with:
Our partner organisations
- Other NHS hospitals
- relevant GP Practices
- dentists, opticians and pharmacies
- Private Sector Providers (private hospitals, care homes, hospices, contractors providing services to the NHS)
- Voluntary Sector Providers who are directly involved in your care
- Ambulance Trusts
- Specialist Trusts
- Health & Social Care Information Centre (HSCIC)
- Clinical Commissioning Groups
- NHS 111
- Out of Hours medical service
- NHS walk in centres
- NHS England
- The Health and Social Care Information Centre (HSCIC)
We may also share your information, with your consent, and subject to strict sharing protocols, about how it will be used, with:
- Local authority departments, including social care and health (formerly social services), education and housing and public health
- Police and fire services
This practice operates a Clinical Computer System on which NHS Staff record information securely. This information can then be shared with other clinicians so that everyone caring for you is fully informed about your medical history, including allergies and medication.
To provide around the clock safe care, unless you have asked us not to, we will make information available to trusted organisations. Wherever possible, their staff will ask your consent before your information is viewed.
We consider patient consent as being the key factor in dealing with your health information.
Shared Care Records
To support your care, and improve the sharing of relevant information to our partner organisations when they are involved in looking after you, we will share information to other systems. The general principle is that information is passed to these systems unless you request this does not happen, but that system users should ask for your consent before viewing your record.
How we keep your information confidential and secure
We are committed to protecting your privacy and will only use information collected lawfully in accordance with the Data Protection Act 1998, Article 8 of the Human Rights Act, the Common Law Duty of Confidentiality, and the NHS Codes of Confidentiality and Security.
Everyone working in, or for, the NHS must use personal information in a secure and confidential way.
We will only ever use or pass on your information if there is a genuine need to do so. We will not disclose information about you to third parties without your permission unless there are exceptional circumstances, such as when the law requires.
To protect your confidentiality, we will not normally disclose any medical information about you over the telephone, or by fax, unless we are sure that we are talking to you. This means that we will not disclose information to your family, friends, and colleagues about any medical matters at all, unless we know that we have your consent to do so or there is a clear best interest urgent medical reason.
Anyone who receives information from us is also under a legal duty to keep it confidential and secure
All persons in the practice sign a confidentiality agreement that explicitly makes clear their duties in relation to personal health information and the consequences of breaching that duty.
Please be aware that your information will be accessed by non-clinical practice staff in order to perform tasks enabling the functioning of the practice. These are, but not limited to:
- Typing referral letters to hospital consultants or allied health professionals
- Opening letters from hospitals and consultants
- Scanning clinical letters, radiology reports and any other documents not available in electronic format
- Photocopying or printing documents for referral to consultants
- Handling, printing, photocopying and postage of medico legal and life assurance reports and of associated documents
Right of Access to your Health Information
The Data Protection Act 1998 allows you to find out what information about you is held on computer and in manual records. This is known as “right of subject access” and applies to personal information held about you. If you want to see the information about you that the practice holds:
- This can be viewed on Patient Access or make an appointment at reception informing them the nature of your appointment.
- You will be required to provide ID before any information is released to you.
Who else may ask to access your information
- The law courts can insist that we disclose medical records to them
- Solicitors often ask for medical reports. These will always be accompanied by your signed consent for us to disclose information. We will not normally release details about other people that are contained in your records (eg wife, children, parents etc) unless we also have their consent
- Limited information is shared with Public Health England to help them organise national programmes for Public Health such as childhood immunisations
- Social Services. The Benefits Agency and others may require medical reports on you from time to time. These will often be accompanied by your signed consent to disclose information.
Failure to co-operate with these agencies can lead to loss of benefit or other support. However, if we have not received your signed consent we will not normally disclose information about you.
Life assurance companies frequently ask for medical reports on prospective clients. These are always accompanied by your signed consent form. We must disclose all relevant medical conditions unless you ask us not to do so. In that case, we would have to inform the insurance company that you have instructed us not to make a full disclosure to them.
You have the right, should you request it, to see reports to insurance companies or employers before they are sent.
Sharing your information without consent
We will normally ask you for your consent, but there are times when we may be required by law to share your information without your consent, for example:
- Where there is a serious risk of harm or abuse to you or other people
- Where a serious crime, such as assault, is being investigated or where it could be prevented
- Notification of new births
- Where we encounter infectious diseases that may endanger the safety of others, such as meningitis or measles (but not HIV/AIDS)
- Where a formal court order has been issued
- Where there is a legal requirement, for example if you had committed a Road Traffic Offence.
Parbold Practice is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.
You may choose to restrict the collection or use of your personal information in the following ways:
- Information you supply using any electronic form(s) on this website will only be used for the purpose(s) stated on the form
- Whenever you are asked to fill in a form on the website, look for the box that you can click to indicate that you do not want the information to be used by anybody for direct marketing purposes
Changes to this privacy notice
We keep our privacy notice under regular review. This privacy notice will be reviewed again on a regular basis.
If you have any concerns about how we use or share your information, or you do not wish us to share your information, then please contact our Practice Manager who will be able to assist you
Guide to GDPR General Data Protection Regulation
DATE PROTECTION IMPACT ASSESSMENT- CLINICAL NOTES STOREAGE EMIS
Data Protection Impact Assessment
Strictly Private and Confidential
Data protection Impact Assessment – Clinical Notes Storage EMIS
A data processor acting on our behalf, EMIS Health, is changing certain technical aspects of the way in which it delivers services to us (see https://www.emisnug.org.uk/blog/next-generation-emis-x-announced), and as part of this transition it will be moving the data which it hosts on our behalf from its own data centre to a third party data centre, which is owned and operated by Amazon Web Services (AWS).
Delivery of the services is subject to the terms of the GP Systems of Choice Framework (GPSOC) which is managed by NHS Digital on behalf of the Secretary of State for Health.
The exercise will involve a change to the manner in which data is being processed on our behalf. Although this change does not introduce processing that is likely to result in a high risk to individuals (which would necessitate the undertaking of a DPIA), given that the data includes special category data we nevertheless
Feel that it is appropriate that we undertake a review.
As detailed above, the data (which includes special category data (i.e. health data) which is collected via the processor’s clinical IT system and which forms the patient’s medical record) will be stored in a third party data centre (which will act on the instructions of EMIS Health, who in turn will act in accordance with instructions received from (or on behalf of) ourselves as the relevant controller pursuant to our call off contract under the GPSOC framework or as otherwise documented).
Aside from the manner in which the data is being hosted, we have not identified, as part of this change, any material change to the manner in which the data is being processed (in terms of data sharing and/or use.
The scope of the data processing is as detailed in the relevant GP Systems of Choice contract (and related call off contract (and deed of undertaking)) or as otherwise agreed in writing between EMIS Health and ourselves.
As noted above, aside from the hosting element the manner in which the data is being used or otherwise processed will not materially change as a result of this change.
This DPIA distinguishes between: (i) the day to day processing undertaken (by us as a controller and EMIS Health as a processor acting on our behalf (and which will not change and so is not covered in detail)); and (ii) the change to the manner in which the data is being hosted by or on behalf of the processor (and which is the focus of this DPIA).
We are aware that cloud computing is an established technology and the adoption of which is something which is being driven within the public sector – https://www.gov.uk/guidance/use-cloud-first
The use of cloud computing has been recognised by the Government as being beneficial because:
· you can avoid upfront investments in your infrastructure, reducing overall costs;
· there’s greater flexibility to trial new services or make changes, with minimal cost;
- pricing models are scalable - instead of building for the maximum usage you buy for less usage and increase or decrease as appropriate;
- it will be easier to meet the Greening Government Commitments - cloud facilities typically try to use server space and power in the most efficient way possible;
- upgrades and security patches can be applied continuously; and
- the supplier will have responsibility for making sure the service has good availability for users.
In terms of issues of public concern, we understand that individuals may have an issue with their medical record being held by a commercial organisation but, the fact is that the relevant patient records are already being held by third party commercial organisations (either EMIS or one of the other primary system suppliers under GPSoC (or by sub-processors acting on their behalf)) and the only real change here is the identity of the third party (i.e. the data is moving from a processor to a sub-processor).
With regard to questions of security we are aware that the National Cyber Security Centre has issued guidance on cloud security - https://www.ncsc.gov.uk/collection/cloud-security and we understand that the relevant service provider in this instance (AWS) operates at the very highest levels of security (details of which are set out at https://aws.amazon.com/security/)
As noted under the question above, the move to a third party cloud environment is seen as beneficial for a number of reasons for us as a controller (in terms of improved availability, resilience and service in respect of the services being delivered to us by the processor) and in respect of the patients (in terms security, integrity and availability of their data).
The GPSoC services are provided pursuant to a framework agreement as between NHS Digital and EMIS Health (with services then being purchased at a CCG level on our behalf as a service recipient).
Under the terms of the GPSoC framework, NHS Digital essentially acts for and on our behalf in terms of approving the appointment of processors to the framework and, once they are appointed, the use of any sub-contractors (and so sub-processors). We understand that EMIS Health has engaged with NHS Digital in order to secure a variation to the framework agreement to provide for the appointment of AWS as an approved material sub-contractor.
EMIS Health has notified the relevant GP practices, including ourselves, so that we have an opportunity to raise any concerns with regard to the proposed change but as this change is a universal technical/operational change it is more appropriate for such matters to take place at a framework level (which is why the GPSOC Framework Agreement is structured as it is).
In any event, the Guidance issued by the ICO would suggest that this is a move which the processor is entitled to drive on its own behalf provided that it remains within the scope of the relevant contract (i.e. in its Controller/Processor detailed guidance the ICO states “In certain circumstances, and where allowed for in the contract, a processor may have the freedom to use its technical knowledge to decide how to carry out certain activities on the controller’s behalf.”).
The lawful basis for processing (a mixture of consent, explicit consent, fulfilling public duties and providing direct healthcare) the patient records does not change as a result of this proposed change, the only difference is a technical one in terms of how the services is being delivered by the relevant processor (i.e. EMIS Health).
We have in place a privacy notice on the Parbold surgery website firstname.lastname@example.org which refers to the use of third party processors/service providers, which would include EMIS Health.
We are informed that the data will not be transferred overseas in connection with this change of service.
The processing which is undertaken by EMIS Health on our behalf is governed by the terms of the GP Systems of Choice Framework Agreement (together with the relevant Call Off Contract) which includes broad data protection obligations and we are able to directly enforce those obligations against the processor pursuant to a deed of undertaking which has been signed by EMIS Health and which each individual practice can rely upon .
5.RISKS - ASSESSMENT
Likelihood of harm
(Remote. Possible or
Severity of harm
(Low ,medium or
Loss of data in the transfer of data to the sub processor
Misuse of date by the sub-processor
6.RISK – MITIGATION.
Options to reduce or eliminate risk
Effect on Risk
Loss of data in the transfer of data to the sub-processor
We are informed that the data will be transferred in a very secure manner and in any event EMIS Health will retain a copy of the data in its current hosting centre unless or until there is evidence that all of the relevant data has been transferred
Misuse of date by
We are informed that the way in which the AWS service operates means that there is no opportunity for AWS employees to access or view the data held within the EMIS Health allocated areas of the hosting service. The data will be encrypted both at rest and in transit and AWS will not have access to the encryption keys. See https://aws.amazon.com/security/ for further details).
AWS already provides numerous services to Governmental organisations (such as Crown Commercial Services and the Ministry of Justice (see - https://aws.amazon.com/solutions/case-studies/uk-moj/) who will have undertaken their own detailed assessments.
Measures approved by:
Dr Mullen, Dr Gullick, Dr Kinsey, Dr Mason & Dr Dongre
Integrate actions back into project plan, with date and responsibility for completion
Residual risks approved by:
Dr Mullen, Dr Gullick, Dr Kinsey, Dr Mason & Dr Dongre
If accepting any residual high risk, consult the ICO before going ahead
DPO advice provided
DPO should advise on compliance,
Step 6 measures and whether processing can proceed
Summary of DPO advice
[From the information provided by EMIS Health, we are satisfied that the security; availability; integrity and confidentiality, of the patient data will improve as a result of the move to the AWS data service.
As noted above, the ICO guidance states that a processor has the ability to decide certain technical aspects of the processing, including “how the data is stored”. This change does not affect the underlying processing and the manner in which the processing is controlled by the practice (either directly or indirectly via NHS Digital) and from the practice’s and patient’s perspective nothing will change as a result of this technical/background switch.]
DPO advice accepted or overruled by:
If overruled you must explain your reasons
Consultation responses reviewed by:
If your decision departs from
Individuals’ views, you must explain your reasons
The DPA will be kept under review
The DPO should also review ongoing compliance with DPIA