Penny Lane Surgery

General Data Protection Regulations (GDPR)

The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union.

How we use your medical records. Important information for patients...  

  • We share medical records with those who are involved in providing you with care and treatment.
  • This practice handles medical records in-line with laws on data protection and confidentiality
  • In some circumstances we will also share medical records for medical research, for example to find out more about why people get ill.
  • We share information when the law requires us to do so, for example, to prevent infectious diseases from spreading or to check the care being provided to you is safe.
  • You have the right to be given a copy of your medical record.
  • You have the right to object to your medical records being shared with those who provide you with care.
  • You have the right to object to your information being used for medical research and to plan health services.
  • You have the right to have any mistakes corrected and to complain to the Information Commissioner’s Office. Please see the practice privacy notice on the website or speak to a member of staff for more information about your rights.

For more information ask at reception for a leaflet OR view the privacy notices below;

Privacy Notice - General

Privacy Notice Care Quality Commission

Privacy Notice Emergencies

Privacy Notice for Direct Care

Privacy Notice for National screening programs

Privacy Notice for Payments

Privacy Notice for Summary Care Record

Privacy Notice NHS Digital

Privacy Notice Public Health

Privacy Notice Risk Stratification

Privacy Notice Safeguarding

Privacy Notice IT System

Information Governance Policy