Privacy notice

This Privacy Notice explains how personal information is collected, used, stored, shared, and protected by Quarry Bank Medical Centre (“the Practice”). It applies to all personal data processed by or on behalf of the Practice in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018).

The privacy and confidentiality of your personal information is a priority for us. This notice sets out how we comply with legal obligations and best practices when handling personal data. The Practice is committed to maintaining the highest standards of data protection and information governance.

This Privacy Notice aims to inform you of:

  • Who we are and how we use your personal information
  • The role and contact details of our Data Protection Officer
  • What types of personal and special category (sensitive) information we collect
  • The lawful bases for processing your information, including sharing with authorised parties
  • How you can inform us of changes to your data
  • How long we retain your information and the criteria for doing so
  • Your rights under data protection legislation and how to exercise them

Applicability

This Privacy Notice applies to:

  • Personal data you provide to us directly (e.g. through registration forms, consultations, or correspondence)
  • Personal data we receive from third parties involved in your care (e.g. hospitals, social care providers, community health teams)
  • Information we generate during the course of providing you with healthcare (e.g. test results, treatment plans, referrals)

Legal Framework

The UK General Data Protection Regulation (UK GDPR) came into effect on 1 January 2021, following the UK’s exit from the European Union. It sits alongside and is supplemented by the Data Protection Act 2018, which came into force on 25 May 2018. These regulations outline strict rules regarding how organisations must handle personal data.

Data Controller

For purposes of UK data protection legislation, the Data Controller is: Quarry Bank Medical Centre
165 High Street, Quarry Bank, Brierley Hill, West Midlands, DY5 2AE

The term ‘Data Controller’ means that the Practice determines the purpose and means of processing personal data. We are responsible for ensuring that your data is handled in accordance with applicable law.

Our Commitment to You

We understand that your health and personal information is sensitive and private. We will:

  • Process your data lawfully, fairly, and transparently
  • Only collect data necessary for the provision of your care and treatment
  • Keep your information accurate and up to date
  • Store it securely and retain it for the minimum period necessary
  • Ensure appropriate technical and organisational measures are in place to protect it

How we use your information and the law

Quarry Bank Medical Centre is a designated Data Controller under the UK GDPR. This means we are legally responsible for determining how and why your data is used.

We collect both basic personal data and special category data, including:

  • Basic personal data: full name, date of birth, NHS number, contact details (telephone, email, home address), and demographic information
  • Location-based information: where relevant to services we provide (e.g. home visits or remote consultations)
  • Special category (sensitive) personal data: health and medical records, diagnoses, medications, clinical notes, allergies, test results, ethnicity, sexual orientation, sex life, gender identity, religious beliefs (if relevant in a clinical context), and safeguarding concerns

We may also receive this data from external sources, such as:

  • NHS Trusts and hospitals
  • Social services
  • Other GP practices and healthcare professionals
  • Care homes and domiciliary care providers
  • Pharmacies, opticians, and dentists
  • Local authority or law enforcement bodies (in specific lawful cases)

This data is required to enable us to provide appropriate, safe, and high-quality care and to meet our legal and contractual obligations under the NHS framework.

We do not collect more information than we need to fulfil our stated purposes and will not keep it longer than necessary. We are transparent about what we do with your information and aim to explain your rights in clear and accessible terms.

Let us know when your personal information changes so we can keep our records accurate and up to date.

Why do we need your information?

At Quarry Bank Medical Centre, maintaining accurate, relevant, and up-to-date records is fundamental to delivering safe and effective healthcare. Your information enables our healthcare professionals to assess your needs, provide appropriate clinical care, monitor your progress, and coordinate services across providers.

When you register at the practice or use our services, information about your health, care interactions, and relevant background is collected and stored in your NHS health record. These records are vital for ensuring continuity of care, supporting clinical decisions, safeguarding your wellbeing, and complying with statutory obligations.

We collect and retain information to:

  • Ensure clinicians have a complete and up-to-date view of your medical history
  • Facilitate accurate diagnosis and effective treatment planning
  • Enable follow-up and recall for chronic disease monitoring and preventive care
  • Communicate with you regarding your appointments, investigations, or results
  • Share relevant details with authorised professionals to deliver coordinated care
  • Protect public health, manage NHS resources, and support commissioning

Types of Records We Maintain

Your NHS record may include information stored electronically (via EMIS), on paper (e.g. scanned documents, referral letters), or a combination of both. Examples of the information recorded include:

  • Identifying and demographic details: Name, date of birth, NHS number, address, contact numbers, email, marital status, ethnicity, preferred language
  • Contact and liaison details: Next of kin, carers, legal guardians, power of attorney representatives, and emergency contacts
  • Medical and treatment history: Diagnoses, test results (e.g. bloods, scans, X-rays), prescribed medication, allergies, long-term conditions, treatment plans, immunisations
  • Clinical encounters: GP and nurse consultations, hospital discharge summaries, out-of-hours contacts, A&E attendances, mental health reviews, palliative care involvement
  • Observational and administrative data: Height, weight, BMI, lifestyle factors (e.g. smoking, alcohol), social care needs, home visit records
  • Communications and referrals: Letters from secondary care, correspondence with social services, safeguarding reports, opt-in/opt-out preferences, and complaints

Confidentiality and Security

To safeguard your data:

  • Records are accessed only by authorised personnel using secure logins and role-based permissions
  • EMIS Web and associated platforms are hosted within UK-based secure servers compliant with NHS Digital security standards
  • Paper documents are stored in locked facilities, scanned into the system, and then disposed of securely in accordance with NHS retention schedules

Purpose and Limited Use

We use your information for direct care and administration of your treatment. Additionally:

  • Clinical audits: We use anonymised or pseudonymised data internally to monitor service quality, prescribing trends, and adherence to clinical guidelines
  • Public health initiatives: Data may contribute to immunisation campaigns, screening recalls, or pandemic response coordination
  • Population health and NHS planning: Your anonymised data may be used to improve health outcomes across the wider community

You have a right to request that certain information is not shared, and to be informed about how decisions using your information are made.

How do we lawfully use your data?

We have a legal obligation to ensure that the way we collect, store, and use your personal and healthcare data is justified by clearly established legal bases. This section explains the lawful grounds under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018) that support how and why we use your information.

Legal Bases for Processing

We rely on a combination of the following provisions:

UK GDPR Article 6(1)(e) – Public Task / Official Authority:
Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
As an NHS-commissioned GP surgery, our core functions—including diagnosis, prevention, and ongoing management of disease—fall under public health responsibilities delivered under statutory duty.

UK GDPR Article 9(2)(h) – Special Category Data for Health Purposes:
Processing is necessary for the purposes of preventive or occupational medicine, medical diagnosis, the provision of health or social care, or the management of health or social care systems.

This includes:

  • Preventive interventions (e.g. vaccinations, screening recalls)
  • Diagnosis and care planning
  • Treatment delivery
  • Healthcare operations (e.g. prescribing reviews, health surveillance, patient safety)

How We Use Your Personal Data

Your information is used to support a wide range of core and secondary healthcare functions:

  • Direct patient care: We record consultations, diagnoses, test results, treatments, and referrals in your GP-held record. We share relevant data with community, secondary, and tertiary services to ensure joined-up care.
  • Administrative use: Your data is used for prescription management, appointment reminders, test result notifications, recall systems, and onward referrals.
  • Emergency access: Where urgent intervention is required, we may share your record with emergency services, out-of-hours providers, NHS 111, or A&E departments.
  • Multidisciplinary care coordination: We may liaise with mental health teams, safeguarding leads, social care, learning disability teams, hospices, and voluntary sector providers.
  • Health protection and improvement: Information may be shared with the UK Health Security Agency (UKHSA), NHS Digital, and local authorities for outbreak control and population health management.
  • Legal disclosure: In limited circumstances, we are legally obliged to disclose information to official bodies (e.g. the police, courts, coroner, regulatory or safeguarding authorities).
  • Clinical audits and quality improvement: We may use de-identified or pseudonymised data to audit compliance with NICE guidance, prescribing standards, QOF indicators, or DES requirements.
  • Service redesign and planning: Aggregated data may support Integrated Care Board (ICB) planning or NHS England commissioning strategies.

We only share the minimum information necessary to fulfil each purpose and always in accordance with confidentiality principles and national information governance guidance.

Your Carers and Legal Representatives

This privacy notice also applies to any data you have provided about carers, next of kin, or legal representatives, especially where they are documented in relation to your care plan or emergency contact protocols. Where appropriate, we may also process information about your dependents or those you have caring responsibilities for, for the purposes of health or safeguarding.

Situations Where We May Share Information Without Consent

In exceptional cases, we may share your data without your consent if:

  • There is a serious risk to your life or the life of another individual
  • We are required to do so by law (e.g. court order or safeguarding concerns)
  • It is in the wider public interest (e.g. notifiable disease reporting or public safety emergencies)

We will always consider the proportionality and necessity of the disclosure, following Caldicott Principles and GMC guidance.

Additional Legal Grounds

  • Contractual obligation: We deliver services under the NHS Standard Contract. This means we must record and report activities in line with our responsibilities to NHS England and the local ICB.
  • Consent: Where you give us permission (e.g. sharing information with a third-party family member, or for a non-core healthcare service), we will document your consent clearly. You have the right to withdraw this consent at any time.
  • Vital interest: If you are unconscious or otherwise unable to consent, and we need to act to protect your life or that of someone else.
  • Legal claims: If required, we may use your data to establish, exercise, or defend legal claims.

Special Categories of Data

Your health, biometric data, and genetic data fall under ‘special category data’, which carries higher protections under data protection law. We may process this data under the following justifications:

  • Provision of healthcare and treatment (as above)
  • Public health responsibilities, including pandemic responses
  • Preventing or detecting unlawful acts, fraud, or safeguarding risks
  • Research purposes (only with ethical approval and, where applicable, your consent)
  • Statistical purposes or archiving in the public interest

We adhere to strict retention, storage, and access policies to ensure this data remains secure, confidential, and processed in line with best practice.

Risk Stratification

Risk stratification tools are used in the NHS to help determine an individual’s risk of developing a condition or requiring hospital admission, and to identify those who may benefit from early preventive intervention. These tools support general practices, Clinical Commissioning Groups (CCGs), and Integrated Care Boards (ICBs) in the effective planning and delivery of health services.

Information about you is collected from multiple sources, including your GP practice and hospital records, and processed through risk stratification software approved for use under NHS Digital’s Data Security and Protection Toolkit. The identifying information is initially pseudonymised for analysis, and once risk scores are calculated, the data is re-identified and returned to the practice in a secure format.

Your GP may use this risk information to proactively offer additional support, interventions, or monitoring. This helps to:

  • Identify patients at risk of worsening conditions
  • Reduce unplanned hospital admissions
  • Deliver more personalised care and support

Individual-level risk management, conducted within the practice and under the care of your GP, is considered part of direct care and is legally permitted under the UK GDPR Article 9(2)(h). However, you may opt out of risk stratification programmes involving data shared beyond direct care. Please contact the practice for more information or to register your choice.

Medicines Management

Our practice may participate in Medicines Management Reviews to ensure that patients receive appropriate, safe, effective, and cost-efficient medication. This process includes reviews of prescribing patterns and clinical indications, and it supports:

  • Reducing medication-related harm
  • Ensuring best value for NHS funds
  • Aligning prescribing practices with current national and local formularies

These reviews are often conducted by trained clinical pharmacists or prescribing advisors working under data processing contracts between the practice and the local ICB’s Medicines Optimisation Team. All activities are carried out under strict data protection and confidentiality arrangements.

Anonymised Information

In some circumstances, we may share anonymised or pseudonymised health data for secondary use purposes such as:

  • Health service planning
  • Research and clinical studies (subject to ethical and legal review)
  • Public health surveillance
  • Performance monitoring and policy evaluation

This data cannot be used to identify any individual and is processed in accordance with NHS Digital and ICO guidelines. For example, anonymised datasets may be shared with Public Health England or NHS England to monitor vaccination uptake or chronic disease prevalence.

GP Connect Service

The GP Connect programme facilitates data sharing between NHS organisations to improve patient access and continuity of care. One key aspect is the ability for NHS 111 and other authorised providers to book GP appointments directly into practice systems without needing to access your full medical record.

This functionality means:

  • NHS 111 clinicians can book an appointment directly at our surgery, saving you time
  • They only see a list of available appointments – no access to your full GP record is given
  • When they do share clinical information with us (such as a triage summary or treatment recommendation), you will be informed

If you need to amend or cancel an appointment booked through NHS 111, you must contact our reception team directly. The GP Connect programme operates under a legal framework approved by NHS England, and data sharing is governed by Data Sharing Agreements, role-based access controls, and audit trails.

Summary Care Records

The Summary Care Record is an electronic record of important health information, created from your GP medical record and securely accessible to authorised NHS professionals involved in your care. All patients registered with a GP in England automatically have a basic SCR unless they opt out.

The core SCR includes:

  • Current medications
  • Allergies and adverse reactions

You may choose to enhance your SCR by giving explicit consent to include Additional Information, such as:

  • Long-term conditions
  • Care plans (e.g. end-of-life care, anticipatory medications)
  • Significant medical history
  • Communication preferences and immunisation history

SCR access helps clinicians provide safer, faster, and more informed treatment decisions—especially in urgent or emergency care scenarios where your usual GP may not be available. The use of SCR is tightly controlled by NHS Digital, and every access is logged and monitored. You may opt out at any time by contacting the practice.

Change to information held in your Summary Care Record

During the COVID-19 pandemic, the Department of Health and Social Care (DHSC) issued a temporary legal notice under the Health Service (Control of Patient Information) Regulations 2002. This directive required healthcare organisations to share relevant confidential patient information, including Additional Information in the Summary Care Record (SCR), to support the NHS response to the pandemic.

As a result, explicit consent was not required for the inclusion of Additional Information in SCRs unless a patient had previously opted out or limited their SCR to Core information.

This temporary measure has now been lifted. The emergency powers enabling automatic inclusion of Additional Information in SCRs without explicit consent ceased with the end of the COVID-19 emergency period. The standard consent model has now resumed.

Current SCR Consent Rules

  • Patients who have opted out of the SCR will continue to have no record created.
  • Patients who have chosen to limit their SCR to Core information only will retain that setting.
  • All other patients must now provide explicit consent to include Additional Information in their SCR.

If you are unsure of your current preference or wish to update your SCR sharing status, please contact the practice. We will update your records accordingly, ensuring that all future Summary Care Record sharing is in line with your informed decision.

Why have we made this change

In order to look after your health and care needs, health and social care bodies may share your confidential patient information contained in your Summary Care Record with clinical and non-clinical staff in other health and care organisations, for example hospitals, NHS 111 and out of hours organisations. These changes will improve the healthcare that you receive away from your usual GP practice.

Your rights in relation to your Summary Care Record

Regardless of your past decisions about your Summary Care Record preferences, you will still have the same options that you currently have in place to opt out of having a Summary Care Record, including the opportunity to opt back in to having a Summary Care Record or to opt back in to allow sharing of Additional Information.

You can exercise these rights by doing the following:

  1. Choose to have a Summary Care Record with all information shared. This means that any authorised, registered and regulated health and care professionals will be able to see a detailed Summary Care Record, including Core and Additional Information, if they need to provide you with direct care.
  2. Choose to have a Summary Care Record with Core information only. This means that any authorised, registered and regulated health and care professionals will be able to see limited information about allergies and medications in your Summary Care Record if they need to provide you with direct care.
  3. Choose to opt out of having a Summary Care Record altogether. This means that you do not want any information shared with other authorised, registered and regulated health and care professionals involved in your direct care. You will not be able to change this preference at the time if you require direct care away from your GP practice. This means that no authorised, registered and regulated health and care professionals will be able to see information held in your GP records if they need to provide you with direct care, including in an emergency.

To make these changes, you should inform your GP practice or complete this form and return it to your GP practice.

Patient Communication

We are committed to maintaining the confidentiality of any personal and health-related information we hold about you. It is vital that we can reach you securely and appropriately. For this reason, please ensure you notify us immediately if your contact details change, including your address, telephone number(s), or email address.

We may contact you via:

  • SMS (text message) – to notify you about appointments, test results, reminders, and other services directly related to your healthcare. This is operated on an opt-out basis. If you have provided your mobile number, we will assume you have consented to SMS communication unless you inform us otherwise.
  • Email – if you have provided an email address, we may use it to send you health information, invitations to services (such as flu vaccination clinics), or follow-ups related to your care.

If you wish to opt out of digital communications via SMS or email, please inform the practice in writing. We will record your preferences accordingly.

Participation in Research
Authorised research organisations may, from time to time, wish to invite patients to participate in health research studies. In such cases, your contact details may be used to send an invitation or to ask if you would like to receive more information. You are under no obligation to participate, and you may opt out of being contacted for research purposes.

Safeguarding

The practice is committed to safeguarding and promoting the welfare of children, young people, and vulnerable adults. We approach safeguarding with compassion, consistency, and rigour to ensure the wellbeing of every individual we serve.

We process personal data for safeguarding purposes in line with legal requirements:

  • Article 6(1)(e) UK GDPR: Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.
  • Article 9(2)(b) UK GDPR: Processing is necessary for the purposes of carrying out obligations in the field of social protection law.

In safeguarding situations, we may process:

  • Basic demographic and contact details
  • Details relevant to the safeguarding concern, which may include special category data such as health records, mental health assessments, and social care involvement

Where there is reasonable cause to suspect abuse or harm, we may share data with local safeguarding authorities, social services, and law enforcement under statutory duties.

Categories of personal data
In a safeguarding situation, we may need to collect extensive personal data in order to assess and address the situation appropriately. This may include:

  • Full name, date of birth, and contact details
  • Family and social information
  • Medical history and records
  • Information about any current risks, including mental health, domestic violence, or neglect
  • Notes from third parties such as social workers or teachers

Where there is reasonable cause to suspect abuse or harm, this information may be shared with local safeguarding authorities, social services, and law enforcement under statutory duties.

Research

We are a contributing practice to the Clinical Practice Research Datalink (CPRD). CPRD collects de-identified patient data from GP practices to support public health, epidemiological research, and healthcare planning.

Data may be linked to other NHS datasets to create a broader picture of population health. You can opt out of contributing to research data at any time by speaking with the practice or following national opt-out procedures.

Legal basis for data use in research:

  • Article 6(1)(e) – Processing is necessary for the performance of a task in the public interest
  • Article 9(2)(i) – Processing is necessary for reasons of public interest in the area of public health (e.g., monitoring medicines and medical devices)
  • Article 9(2)(j) – Processing is necessary for scientific or historical research purposes or statistical purposes

CPRD does not retain any direct personal identifiers. NHS Digital (formerly the Health and Social Care Information Centre) may process limited personal data under strict agreements as a ‘trusted third party’.

Retention:
CPRD may hold data indefinitely for long-term population studies. However, researchers typically only retain the data for the duration of their specific study, usually no longer than 12 months. Anonymisation complies with the ICO Anonymisation Code of Practice.

You can learn more about CPRD at: https://cprd.com/transparency-information

Sources of the data

The Practice will either receive or collect information when someone contacts the organisation with safeguarding concerns, or we believe there may be safeguarding concerns and make enquiries to relevant providers.

Recipients of personal data

The information is used by the practice when handling a safeguarding incident or concern. We may share information as necessary to ensure duty of care and appropriate investigation with other relevant partners such as:

  • Healthcare professionals (e.g. GPs, mental health teams)
  • Local authorities
  • Police

Third party processors

To deliver high-quality and efficient services, the practice may share data with other NHS bodies such as other GP practices and hospitals. In addition, we utilise the services of carefully selected third-party providers. When these providers process data on our behalf, we ensure robust data protection agreements are in place. These contracts require them to keep your data secure, not use or share it beyond our instructions, and comply with data protection regulations.

Examples of third-party functions include:

  • IT services and system support
  • Patient-facing digital services (e.g. websites, apps, online consultations)
  • Appointment booking systems
  • Electronic prescription services
  • Data hosting and document management
  • Medical delivery services
  • Payment processors (e.g. travel vaccinations, private prescriptions)

Further details regarding third-party processors are available on request by contacting the practice’s Data Protection Officer.

Confidentiality and Data Security

We are fully committed to protecting your personal data. We adhere strictly to UK data protection laws, including:

  • The Data Protection Act 2018
  • The UK General Data Protection Regulation (UK GDPR)
  • The Human Rights Act 1998
  • The Common Law Duty of Confidentiality
  • The Health and Social Care Act 2012
  • NHS England Codes of Practice
  • Information: To Share or Not to Share Review (Dame Fiona Caldicott)

Confidentiality
Every member of NHS staff has a legal and ethical duty to maintain confidentiality. Your information is only accessed by staff involved in your direct care or support.

We will only ever use or share your data if it is:

  • In your best interest or
  • Required by law or
  • Permitted under the Caldicott Principles

“The duty to share information can be as important as the duty to protect patient confidentiality.”

Practice Policy
We respect the privacy of all patients, staff, and their families. We are committed to maintaining compliance with UK GDPR and associated laws. All employees and subcontractors are required to sign a confidentiality agreement. Any subcontractor acting as a data processor on our behalf will be bound by a UK GDPR-compliant agreement (Articles 24–28).

Right to Withdraw Consent
In certain circumstances, you have the right to withdraw your consent to data processing. To do so, please contact the Data Protection Officer in writing. We may still be required to retain some data where it is necessary to comply with legal or regulatory obligations.

Statistical Use
Some anonymised data may be held centrally for statistical or planning purposes. Where identifiable data is requested for research, we will seek your explicit consent before sharing.

Research Opt-Out
In some cases, we may be asked to share anonymised data for research. You can opt out of sharing your data for research purposes that are not directly related to your individual care.

Visit: https://www.nhs.uk/your-nhs-data-matters/ to manage your national data opt-out preferences

If you require assistance with this, please contact the practice team.

With your consent we would also like to use your information

There are circumstances where we may seek your explicit consent to use your personal information for purposes beyond your direct care. Examples include:

  • Contacting you about services not directly related to your healthcare (e.g. social prescribing, community events, or health and wellbeing programmes)
  • Inviting you to participate in research or service improvement projects
  • Informing you of relevant local initiatives that may benefit your health or wellbeing

Where this is the case, we will only use your:

  • Name
  • Contact details (including phone number or email address)

We will only do this if you have provided your explicit consent. You may withdraw your consent at any time by contacting the practice team via phone, email, or by writing to the Data Protection Officer. Withdrawing consent does not affect your access to NHS services.

This information will never be sold or shared for marketing purposes. You will never receive unsolicited commercial messages as a result of sharing your data with us.

National Opt-Out Facility

You have the right to choose whether your confidential patient information is used for research and planning. This is known as the National Data Opt-Out.

Who uses confidential patient information?
Confidential data may be used by:

  • NHS organisations
  • Local authorities
  • University and hospital researchers
  • Medical colleges
  • Approved health charities and research organisations

Data is never shared with marketing or insurance companies.

Your choice
You can opt out of sharing your data for purposes beyond individual care. This does not affect the use of your data for your own treatment, referrals, or care coordination.

To manage your preferences:

You can change your choice at any time. Opting out will not affect your care or the services you receive from the NHS.

NHS Digital Data Collection from the Practice

The NHS requires access to accurate, up-to-date patient data in order to plan, commission, and deliver services safely, efficiently, and equitably. The General Practice Data for Planning and Research (GPDPR) initiative enables the secure and lawful collection of pseudonymised health data from general practices in England.

This collection is essential to help:

  • Monitor the long-term safety and effectiveness of treatments and care pathways
  • Plan and allocate resources to meet changing population needs
  • Prevent and control the spread of infectious diseases
  • Identify new treatments, therapies, and service innovations through robust research

GP practices, including this one, already contribute anonymised or pseudonymised data under strict governance frameworks. The updated data collection framework is designed to be more efficient, standardised, and transparent, ensuring maximum public benefit with minimal administrative burden on GPs.

Rather than individual practices responding to frequent data requests, NHS England (via NHS Digital) will coordinate secure data extractions on a scheduled basis, sharing insights with:

  • NHS England and its regional bodies
  • Local authorities
  • University research teams and academic institutions
  • Public health bodies
  • Research organisations approved by the Health Research Authority

Why this matters:
By contributing to these data collections, patients across England benefit from improvements in public health, policy planning, treatment outcomes, and health equity – all without compromising individual confidentiality.

Stakeholder oversight:
NHS Digital has worked in close consultation with:

  • The British Medical Association (BMA)
  • The Royal College of General Practitioners (RCGP)
  • The National Data Guardian (NDG)

These bodies have been instrumental in ensuring that the GPDPR system includes appropriate safeguards and aligns with patients’ rights under UK data protection law, including the right to opt out.

NHS Digital purposes for processing patient data

Patient data held within GP medical records across England is used daily to enhance the planning, commissioning, and delivery of health and social care services. This includes supporting health research aimed at identifying better treatments, preventing disease, and improving care for all.

To facilitate this, the NHS is implementing an improved, centralised approach to data sharing—known as the General Practice Data for Planning and Research (GPDPR) data collection.

Under this initiative, NHS England (through NHS Digital) will collect, analyse, and share selected pseudonymised patient data to:

  • Inform and develop national and regional health and social care policy
  • Support effective planning and commissioning of local and national services
  • Enable rapid and evidence-based responses to public health threats (including pandemics such as COVID-19)
  • Provide individual care in exceptional and authorised cases (e.g. life-saving treatment)
  • Enable ethically approved healthcare and scientific research in the public interest

Data Protection Measures
Any data shared under GPDPR is strictly used for health and care purposes. It is never sold, shared, or disclosed for commercial advertising or insurance purposes.

The data is:

  • Pseudonymised using industry-standard de-identification processes, removing details such as your name, full postcode, NHS number, or date of birth, and replacing them with coded identifiers
  • Encrypted in transit and at rest, ensuring secure storage and transfer
  • Subject to strict access controls, with use granted only to approved organisations under legally binding data sharing agreements

In rare and specific circumstances, NHS Digital may re-identify data (e.g. converting pseudonymised data back into identifiable information) only where:

  • There is a clear legal basis
  • You have given explicit consent
  • It is necessary to protect your life or that of others

Your Data, Your Choice
You can opt out of having your identifiable patient data used for planning and research (Type 1 and National Data Opt-Outs). These opt-outs are respected and recorded by your GP and NHS Digital.

For more information, or to update your opt-out preferences, visit:
🔗 https://www.nhs.uk/your-nhs-data-matters/
or call the helpline on 0300 303 5678.

What patient data NHS Digital collect

As part of the General Practice Data for Planning and Research (GPDPR) programme, NHS Digital collects specific data from GP records for the purposes of health service planning and research.

Whose data is collected?

  • All living patients registered at a GP practice in England when the data collection began, including both adults and children.
  • Patients who have died after the collection commenced, provided they were registered at a GP practice in England at the time the programme began.

Important update on the data collection timeline
While a previous date of 1 September had been suggested as a potential deadline for opting out, the government has confirmed that data extraction will not begin until NHS Digital has met all required tests for transparency, privacy, and safety.

Changes to the opt-out system include:

  • You do not need to register a Type 1 opt-out by 1 September to prevent your GP data from being shared.
  • NHS Digital is developing a mechanism to delete previously uploaded GP data if a Type 1 opt-out is registered later.
  • Plans to retire the Type 1 opt-out have been postponed for at least 12 months, and no changes will be made without consultation with:
    • The Royal College of General Practitioners (RCGP)
    • The British Medical Association (BMA)
    • The National Data Guardian (NDG)

What identifiable data is excluded?
NHS Digital does not collect your name, address, or other direct identifiers. Instead, data that could identify you—such as:

  • NHS number
  • Practice patient ID
  • Full postcode
  • Date of birth

…is pseudonymised before sharing. This means it is replaced with unique codes using advanced de-identification software, making it extremely difficult to trace the data back to an individual.

What is pseudonymisation?
Pseudonymisation transforms personal data so that individuals cannot be identified without the use of additional information held separately. The resulting data is considered de-personalised and can be safely used for public benefit.

In exceptional, lawful circumstances, NHS Digital retains the technical ability to re-identify data, such as when:

  • You have given explicit consent to be part of a research study or clinical trial
  • There is a statutory or public interest requirement, such as in a medical emergency

For further clarification, or to ask questions about the GPDPR programme, you can:

Visit: https://www.nhs.uk/your-nhs-data-matters

Email: enquiries@nhsdigital.nhs.uk

The Data NHS Digital collect

NHS Digital collects only the structured and coded data from GP medical records that is required for approved health and social care purposes, as outlined in the previous sections.

What identifiable data is excluded?
Before data is shared with NHS Digital, any information that could directly identify you—including your:

  • NHS number
  • General Practice Local Patient Number
  • Full postcode
  • Date of birth
  • (If relevant) Date of death

…is replaced with a unique code using de-identification software. This process, called pseudonymisation, ensures that no one can directly identify you from the data.

In certain lawful and controlled circumstances, NHS Digital may reverse this pseudonymisation process to re-identify the data, for example, when:

  • There is a valid legal reason, or
  • You have given explicit consent, such as taking part in a clinical trial.

Even when re-identification occurs, data is held securely and processed in accordance with robust data protection protocols.

NHS Digital will collect

  • Coded information about sex, ethnicity, and sexual orientation
  • Clinical codes and structured data relating to:
    • Diagnoses, symptoms, and observations
    • Test results, medications, allergies, and immunisations
    • Referrals, recalls, and appointments
    • Your physical, mental, and sexual health
  • Details about clinical staff who have treated you

More detailed information about the patient data we collect is contained in the Data Provision Notice issued to GP practices.

NHS Digital does not collect:

  • Your name or full address (only a coded version of your postcode)
  • Free-text notes, such as written records of consultations
  • Scanned letters, documents, or images
  • Outdated coded data, such as medication, referral, or appointment information more than 10 years old
  • Coded data restricted by law, such as certain codes relating to:
    • IVF treatment
    • Gender reassignment procedures

Opting out of NHS Digital collecting your data (Type 1 Opt-out)

If you do not want your identifiable patient data to be shared outside of your GP practice for anything other than your individual care, you can opt out by registering a Type 1 Opt-Out with your GP practice.

Type 1 Opt-Outs:

  • Were introduced in 2013 to allow patients to withhold data from being shared with NHS Digital for planning or research purposes.
  • May be phased out in future due to the broader National Data Opt-Out scheme now in place.
  • Patients will be informed before any changes to the Type 1 Opt-Out policy are implemented.

Important notes about the Type 1 Opt-Out:

  • If you are registered with a Type 1 Opt-Out, NHS Digital will not collect any data from your GP record.
  • If this policy changes, affected patients will be notified.
  • You can register or withdraw a Type 1 Opt-Out at any time.

To register a Type 1 Opt-Out:

  • Download and return the NHS Opt-Out form to your GP practice by post or email, or
  • Call 0300 303 5678 to request a printed form.

If you register a Type 1 Opt-Out after your data has already been collected by NHS Digital, no further data will be extracted from your GP record. However, data collected before you registered the opt-out will be retained by NHS Digital under existing policy.

If you have already registered a Type 1 Opt-Out with your GP practice, your data will not be shared with NHS Digital.

If you wish to register a Type 1 Opt-Out before data sharing with NHS Digital starts, return the opt-out form to your GP practice. The same form can be used to withdraw a previously registered Type 1 Opt-Out. You can send the form by post or email to your GP practice, or call 0300 303 5678 to have a form sent out to you.

If you do not want NHS Digital to share your identifiable patient data with anyone else for purposes beyond your own care, you can also register a National Data Opt-out. There is more about National Data Opt-outs and when they apply in the National Data Opt-out section below.

NHS Digital legal basis for collecting, analysing, and sharing patient data

Legal Framework for Data Processing

NHS Digital operates under strict legislative and regulatory frameworks that govern the collection, analysis, publication, and sharing of patient data. These laws are in place to protect your rights and ensure all personal and confidential information is handled lawfully, ethically, and transparently.

Under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, NHS Digital must clearly inform you of the legal bases upon which it processes patient data. This includes the use of personal and confidential patient information for purposes beyond individual care, such as planning, commissioning, public health, and research.

The legal directions for this processing are provided under the:

  • General Practice Data for Planning and Research (GPDPR) Directions 2021, issued by the Secretary of State for Health and Social Care;
  • Health and Social Care Act 2012, which legally mandates all GP practices in England to share data with NHS Digital;
  • Regulation 3 of the Health Service (Control of Patient Information) Regulations 2002 (COPI), which allows processing and sharing of confidential information during a public health emergency;
  • Statistics and Registration Service Act 2007, for the publication of anonymous statistics.

NHS Digital acts as a Joint Data Controller with the Secretary of State for Health and Social Care for the GPDPR dataset, meaning both parties determine the purpose and means of processing personal data.

Further detail about the requirement for practices to share data is available in the Data Provision Notice issued to all GP practices.

Legal Basis Under UK GDPR

The relevant legal bases for processing your data under UK GDPR are:

Article 9(2)(j) – Processing is necessary for archiving, scientific, or historical research purposes or statistical purposes.

Article 6(1)(e) – Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.

Article 9(2)(h) – Processing is necessary for the provision of health or social care or treatment, or the management of health or social care systems and services.

Article 9(2)(i) – Processing is necessary for public health reasons.

How NHS Digital use patient data

NHS Digital collects structured and coded data from GP practices and may link this to other health and care data it holds, in order to:

  • Improve the quality, safety, and efficiency of healthcare services;
  • Inform national health policy and care planning;
  • Support scientific and medical research;
  • Monitor diseases and support public health management.

Where necessary, NHS Digital may re-identify pseudonymised data using secure, internal software in cases where:

  • There is explicit patient consent;
  • There is a legal requirement (e.g. a public health emergency under COPI);
  • The processing is necessary for individual care by a health professional;
  • Approval has been given via section 251 of the NHS Act 2006 (via CAG).

This re-identification process is strictly controlled and subject to approval by the Independent Group Advising on the Release of Data (IGARD).

Only anonymised, statistical data is published by NHS Digital. This means no individual patient can be identified from data published in public dashboards or statistical summaries. For more detail, see NHS Digital’s Data and Information and Data Dashboards.

Data Access and Sharing

Any request to access data collected under the General Practice Data for Planning and Research (GPDPR) programme is subject to the stringent approval processes of NHS England’s Data Access Request Service (DARS), available at:

🔗 https://digital.nhs.uk/services/data-access-request-service

DARS manages applications from NHS bodies, academic researchers, local authorities, regulators, and approved commercial entities. These applications are:

  • Assessed against UK GDPR principles (lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality, accountability)
  • Evaluated on whether there is a valid legal basis and clear public interest justification
  • Monitored to ensure the data is used only for approved purposes
  • Subject to data minimisation – only the least amount of information necessary is released

Organisations seeking access must clearly demonstrate that the use of data aligns with one or more of the NHS’s primary purposes, including commissioning, public health, service evaluation, and scientific research.

Oversight and Scrutiny: IGARD and PAG

Requests involving the release of data are reviewed by:

Secure Data Access Environments (SDEs)

To maximise data protection and reduce the risk of misuse, NHS England is transitioning to a Trusted Research Environment (TRE) model. This means most data is accessed in secure digital environments that:

Further information on NHS England’s Trusted Research Environments can be found here:
🔗 https://digital.nhs.uk/data-and-information/nhs-digital-trusted-research-environment-tre

Types of Organisations Accessing Data

Subject to approval, NHS England may provide access to anonymised or pseudonymised data to the following categories of organisations:

  • Government agencies and departments, e.g. the Department of Health and Social Care (DHSC) and Office for Health Improvement and Disparities (OHID)
  • NHS commissioning bodies, such as Integrated Care Boards (ICBs) and Primary Care Networks (PCNs)
  • Regulators, such as Care Quality Commission (CQC) and NHS Resolution
  • Academic institutions and universities conducting ethically approved public health research
  • Charitable organisations, including those researching rare conditions or promoting patient engagement
  • Clinical research organisations (CROs), operating within the framework of NHS ethics
  • Life sciences and pharmaceutical companies, strictly when researching new medicines or treatments under MHRA oversight

All organisations are required to sign a Data Sharing Agreement (DSA) that outlines:

  • Permitted purposes
  • Technical and organisational safeguards
  • Data retention periods
  • Prohibited uses (e.g., marketing, insurance underwriting)
  • Breach notification procedures

Failure to adhere to a DSA can result in immediate termination of access, legal action, and regulatory reporting to the Information Commissioner’s Office (ICO).

What Format Is Data Shared In?

By default, data is shared in a de-personalised format (pseudonymised), using coded identifiers in place of personal details. Re-identification is only permitted when:

  • Explicit patient consent has been given (e.g. clinical trial participation)
  • There is a legal requirement or exemption, such as a COPI Notice
  • Access is required by a licensed clinician for direct care
  • A specific exemption is granted under Regulation 5 of COPI via the Confidentiality Advisory Group (CAG)

For more information on the CAG’s role, visit:
🔗 https://www.hra.nhs.uk/about-us/committees-and-services/confidentiality-advisory-group/

National Data Opt-Out: Your Rights and Preferences

If you do not want your identifiable patient data shared beyond your individual care, you can register a National Data Opt-Out at:

🔗 https://www.nhs.uk/your-nhs-data-matters/

This opt-out is respected unless there is a legal mandate for disclosure (e.g., pandemic response or legal proceedings).

To manage your preferences by phone or request support:
Telephone: 0300 303 5678

You may also view NHS England’s statement on data opt-outs here:
🔗 https://digital.nhs.uk/services/national-data-opt-out

Transparency and Audit: The Data Release Register

NHS England publishes a public record of all data releases and the purposes for which data has been shared. This promotes transparency and public trust in the use of patient information.

You can view the Data Release Register here:
🔗 https://digital.nhs.uk/services/data-access-request-service/data-release-register

The register includes:

  • The name of the requesting organisation
  • Purpose of access
  • Type of data accessed (pseudonymised/anonymous)
  • Duration of access
  • Legal basis and opt-out exclusions (where applicable)

Future Improvements in Access and Security

To strengthen governance and public confidence, NHS England continues to:

  • Increase use of centralised secure data environments
  • Reduce the number of third-party data exports
  • Expand audit trails and real-time monitoring
  • Adopt Privacy Enhancing Technologies (PETs), such as differential privacy and synthetic data testing

More information is available at:
🔗 https://digital.nhs.uk/services/general-practice-data-for-planning-and-research/improving-our-data-processing-services

Where do we store your information electronically?

All personal data processed by the Practice is handled securely by staff based in the United Kingdom. For purposes such as IT hosting, maintenance, or resilience, some systems may operate across secure servers located within the European Economic Area (EEA). These are subject to adequacy decisions or standard contractual clauses under the UK GDPR to ensure lawful international transfers.

No third parties have access to your personal data unless a lawful basis permits access, and appropriate Data Processing Agreements (DPAs) are in place. We uphold a rigorous Data Protection Framework and ensure all personal and special category data is stored, accessed, and processed securely and ethically.

EMIS Web

We use EMIS Web, a secure clinical system provided by EMIS Health, a certified Data Processor. As of 10 June 2019, EMIS Web data is stored in a UK-based secure cloud environment managed by Amazon Web Services (AWS).

  • Data is stored exclusively within the UK
  • Full end-to-end encryption is applied (in transit and at rest)
  • AWS has no access to decryption keys or clinical content
  • The hosted environment meets NHS Digital’s Data Security and Protection Toolkit (DSPT) standards
    🔗 DSP Toolkit

EMIS is used by clinicians and administrative teams to ensure high-quality care and continuity.

Accurx – Secure Communication with Patients

The Practice uses Accurx, an NHS-approved communication tool that allows secure messaging between the Practice and its patients. Accurx facilitates:

  • SMS and email messaging with appropriate encryption
  • Remote consultation tools (video, photos, questionnaires)
  • Secure data capture from patients, such as symptom questionnaires, screening prompts, and triage responses

All data processed through Accurx is:

  • Stored in the UK
  • Encrypted and access-controlled
  • Governed by strict NHS Digital and UK GDPR standards
    🔗 Accurx Privacy Notice

Messages and records exchanged via Accurx may be saved directly to the EMIS Web clinical record, ensuring accurate and comprehensive documentation.

Docman10 – Handling Documents and Correspondence

We also use Docman10, a secure platform that enables the Practice to manage clinical correspondence and incoming documents from hospitals, community services, and other providers.

  • All documents are routed, actioned, coded, and securely stored
  • Docman integrates with EMIS Web, ensuring relevant information is recorded directly into your medical record
  • Docman is fully compliant with UK GDPR and NHS DSP Toolkit requirements
    🔗 Docman Privacy Policy

Information in Docman includes:

  • Discharge summaries
  • Clinic letters
  • Investigation results
  • Triage referrals and medication instructions

Docman supports safe record-keeping, structured task assignment, and time-sensitive actioning (e.g. medication changes, urgent referrals).

Who are our partner organisations?

Subject to appropriate safeguards and lawful basis, we may share your personal data with:

  • NHS Trusts and Foundation Trusts
  • Other GP Practices (especially within our PCN)
  • NHS England, NHS Digital, and Integrated Care Boards (ICBs)
  • Community mental health and social care providers
  • Ambulance services and out-of-hours services
  • Local authorities, safeguarding teams, and MASH
  • Dentists, pharmacists, optometrists (independent contractors)
  • Police and judicial authorities
  • Archiving or record storage partners (under strict contract)

You will be informed wherever possible about any such sharing, and in some cases, your consent will be explicitly required unless a legal or safeguarding exception applies.

Computer System

The Practice’s clinical computer systems securely record your health information. To ensure continuity and safety of care, this information may be shared with authorised partner clinicians (e.g. out-of-hours doctors or hospital teams).

We support the use of Shared Care Records with other NHS and care providers, enabling those involved in your care to see your relevant medical history, allergies, and medications. If the sharing is based on your consent, you have the right to opt out at any time.

External Processors and Confidentiality

We may use trusted external processors for services such as digital archiving, surveys, or IT support. These organisations must sign contractual Data Processing Agreements (DPA) and undergo due diligence. All personnel (internal or external) are required to sign confidentiality agreements.

Sharing your information without consent

We will normally ask you for your consent, but there are times when we may be required by law to share your information without your consent, for example:

  • where there is a serious risk of harm or abuse to you or other people;
  • safeguarding matters and investigations involving vulnerable individuals;
  • where a serious crime, such as assault, is being investigated or where it could be prevented;
  • notification of new births;
  • where we encounter notifiable infectious diseases that may endanger the safety of others, such as meningitis or measles (but not HIV/AIDS), or other threats to public health;
  • where a formal court order or legal notice has been issued;
  • where there is a legal requirement, for example if you had committed a Road Traffic Offence.

How long will we store your information?

We are required to follow the NHS Records Management Code of Practice 2021, which outlines how long we must retain different categories of health records. Retention times vary based on the type of record and clinical relevance.

🔗 Records Management Code of Practice

How can you access, amend or move the personal data that you have given to us?

You have the following rights regarding your personal data:

Right to Access (Subject Access Request – SAR)

You can request a copy of your records. This will be provided within one calendar month unless exemptions apply.

Right to Rectification

You can request corrections to inaccurate or incomplete data.

Right to Object

If your data is being processed under legitimate interest or public task, you may object. This right may be overridden by clinical or legal necessity.

Right to Withdraw Consent

You may withdraw your consent at any time for non-statutory data uses (e.g. research participation or communications).

Right to Erasure (‘Right to be Forgotten’)

Where data is no longer necessary or has been unlawfully processed, you can request erasure.

Right to Data Portability

You can ask for your data to be transferred to another provider, such as when registering with a new GP practice. This is handled through GP2GP transfer systems.

Primary Care Network

The Practice is a member of a Primary Care Network, allowing us to collaborate with nearby practices and professionals (e.g. paramedics, pharmacists, first contact physios) to improve patient care.

Information may be shared within the PCN for your direct care. This enables shared appointments, enhanced access, and holistic support across the network.

Population Health Management

Population Health Management (or PHM for short) is aimed at improving the health of an entire population. It is being implemented across the NHS and this Practice is taking part in a project as a time limited pilot across named practices in Derby and Derbyshire.

The PHM approach requires health care organisations to work together with communities and partner agencies, for example, GP practices, community service providers, hospitals and other health and social care providers. These organisations will share and combine information with each other in order to get a view of health and services for the population in a particular area. This information sharing is subject to robust security arrangements.

As part of this programme, personal data about your health care will have all identifiers removed (like your name or NHS Number) and replaced with a code which will be linked to information about care received in different health care settings. If we see that an individual might benefit from some additional care or support, we will send the information back to your GP or hospital provider and they will use the code to identify you and offer you relevant services.

As part of this programme your GP and other care providers will send the information they hold on their systems to the North Of England Commissioning Support Unit (NECS).  NECS are part of NHS England. More information can be found here https://www.necsu.nhs.uk

NECS will link all the information together. Your GP and other care providers will then review this information and make decisions about the whole population or particular patients that might need additional support. NECS work in partnership with a company called Optum to help them with this work. Both NECS and Optum are legally obliged to protect your information and maintain confidentiality in the same way that your GP or hospital provider is. More information about Optum can be found here www.optum.co.uk.

Health and Social Care Providers are permitted by data protection law to use personal information where it is ‘necessary for medical purposes’. This includes caring for you directly as well as management of health services more generally.

The PHM project is time-limited to 22 weeks. Once the project has completed, all de-identified information processed by NECS / Optum will be securely destroyed. This will not affect any personal information held by your GP or other health or social care providers.

Access to your personal information

  • You have a right under the Data Protection legislation (UK GDPR and the Data Protection Act 2018) to request access to view or to obtain copies of the information held about you by the surgery, and to have it amended should it be inaccurate. This is known as a Data Subject Access Request (DSAR).
  • To request access to your medical records:
    • Your request must be made to the practice directly. (For information held by a hospital, NHS Trust or other organisation, you should contact them separately.)
    • There is no fee to obtain a copy of your records. However, a reasonable fee may be charged only if the request is manifestly unfounded, excessive, or for further copies of the same information.
    • The practice is required to respond to your request within one calendar month of receipt of a valid request.
    • You will need to provide adequate information (e.g., your full name, current address, date of birth, and if known, your NHS number) so that your identity can be verified and the correct information located.
  • We will provide information from all relevant systems in use at the surgery, including:
    • EMIS Web – our clinical system, which holds coded entries, consultation notes, prescriptions, allergies, and immunisations.
    • Docman – used for storing letters, documents, and scanned correspondence that forms part of your medical record.
    • Accurx – for access to patient messages, questionnaires, appointment responses, and clinical communications recorded in your notes.
  • If your request includes a preference for how information is to be provided (e.g. electronic copy, secure email, or printed copy), please inform the practice at the time of your request. You may also be asked to complete a simple DSAR request form to help us process your request efficiently.
  • If you wish to make a request or require support completing one, please contact reception or speak with the DSAR lead at the practice.

What should you do if your personal information changes?

It is important that the information we hold about you is accurate and up to date. If any of your personal details change—particularly your address, telephone number, or mobile number—please inform the practice as soon as possible.

You may be periodically asked to confirm the accuracy of your personal details during routine contact with the surgery. Outdated details can affect how we contact you, including reminders, referrals, and vaccination invites.

To update your information, please use our secure online Change Personal Details form, available via our practice website or by contacting reception.

We also encourage you to keep your NHS App profile up to date, as this supports the accuracy of your Summary Care Record (SCR) and ensures your contact preferences are applied correctly across NHS services.

Online Access

You may request online access to view your medical records. However, in accordance with NHS guidance and data protection legislation, there are specific protocols we must follow before access can be granted. These include:

  • Obtaining written consent from you;
  • Verifying your identity through appropriate documentation (such as photographic ID and proof of address);
  • Reviewing your record to ensure that granting access would not pose a risk to your wellbeing or breach the confidentiality of others.

If access is approved, you will be able to view your medical information via the NHS App, Patient Access, or another approved platform. Please be aware that once access is granted, you are responsible for ensuring the security of your login details and for keeping your health information private—particularly if you share devices or email accounts with others.

Occasionally, your medical record may contain information about third parties (such as family members or carers), either mentioned during consultations or included in correspondence from other healthcare providers. In such cases, we are legally obliged to redact or withhold any content that may breach the third party’s confidentiality, unless their explicit consent has been obtained.

For more information on online access, or to request an application form, please speak to reception or contact the Practice Manager directly.

Our website

This Privacy Notice applies only to the official website of the surgery. If you follow a link from our website to another external site, please be aware that we are not responsible for the content or privacy practices of those websites. You should consult their own Privacy Notices and policies to understand how they collect and process your data.

Our website uses cookies to enhance functionality, improve user experience, and gather analytics to help us understand how our site is used. For further details about the cookies we use and how you can manage your preferences, please refer to our Cookies Policy.

CCTV Recording

CCTV is installed at our practice to enhance the safety and security of patients, staff, and visitors. Coverage includes both the external areas of the building and the internal communal areas, but excludes all clinical and consulting rooms to protect privacy and confidentiality.

The use of CCTV is in line with our responsibilities under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, and is intended to support:

  • The personal security of all individuals on the premises
  • The prevention and detection of crime
  • The protection of the practice’s property

CCTV footage is recorded directly to the system’s secure internal hard drive and is automatically overwritten on a rolling basis to ensure data is not retained longer than necessary.

Access to the recorded images is strictly controlled. Viewing is password-protected and limited to authorised personnel only, namely the Practice Manager, or a designated deputy, under clearly defined circumstances. Any requests for access to CCTV images by third parties, such as law enforcement, will be assessed in accordance with our CCTV Policy and relevant legal requirements.

Telephone System

All telephone calls to and from the surgery are recorded for quality assurance, training, and safety purposes. This includes calls made by both patients and staff.

Recordings are securely stored for a period of up to three years and may be used:

  • To resolve disputes or clarify the content of a conversation
  • For staff training and development
  • To ensure high standards of service and patient safety

Access to call recordings is strictly limited to authorised senior staff, and all access is governed by our confidentiality and data protection protocols. Recordings are not routinely monitored and will only be accessed when deemed necessary and appropriate.

All call recordings are handled in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, and are processed under our legitimate interests to provide a safe and effective service.

Medical Examiner Service

In accordance with national guidance and the extension of independent scrutiny into community deaths, Quarry Bank Medical Centre is required to notify the Dudley Integrated Health and Care NHS Trust Medical Examiner Service following the death of any registered patient.

Medical Examiner Offices, initially established within acute hospital trusts, are now responsible for reviewing non-coronial deaths occurring in both hospital and community settings, including general practice. These offices are led by senior doctors—including GPs—who provide independent, proportionate scrutiny of deaths not referred to the coroner.

The Medical Examiner Service plays a vital role in:

  • Supporting bereaved families by offering a chance to ask questions about the cause of death
  • Reviewing medical records related to the deceased
  • Liaising with the certifying doctor to ensure the Medical Certificate of Cause of Death (MCCD) is accurate and appropriate
  • Identifying potential quality-of-care concerns or safeguarding issues

At the request of the Medical Examiner Service, the practice will share relevant patient information to support this process. This is done under a legal obligation and in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

For more information about the Medical Examiner system, you may visit the NHS guidance page at:
www.england.nhs.uk/medical-examiners

If you have concerns following the death of a loved one, you can request to speak to the Medical Examiner Service via the contact details provided by the practice or the local hospital trust.

Objections / Complaints

If you have any concerns about how your personal information is managed at Quarry Bank Medical Centre, please contact the Practice Manager or our Data Protection Officer using the contact details provided earlier in this notice.

We are committed to handling all concerns and complaints professionally and in accordance with NHS guidelines. We will acknowledge your complaint within three working days and aim to provide a full response and resolution within 28 working days. If there is likely to be any delay, we will keep you informed of the reasons and provide a revised timescale.

If you remain dissatisfied following a review by the Practice, you have the right to escalate your concerns to the UK supervisory authority for data protection:

Information Commissioner

Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Telephone: 01625 545 745

Website: www.ico.org.uk

If you are content for your data to be extracted and used for the purposes described in this Privacy Notice, you do not need to take any further action.

If you have concerns about how your data is shared or processed, or if you would like more information about your rights under data protection law, please contact our Data Protection Officer.

Data Protection Officer

The practice data protection officer is Michelle Wiles. Any queries in regard to data protection issues should be addressed to them at:

Information Governance Team
Civic Centre
St Peters Square
Wolverhampton
WV1 1SH

Email: bcicb.dpo@nhs.net

Changes

This Privacy Notice has been updated in June 2025 to reflect current data processing practices, legal obligations, and technological systems in use at Quarry Bank Medical Centre, including but not limited to EMIS, Docman, Accurx, and data sharing arrangements with NHS Digital, the Medical Examiner Service, and other partner organisations.

We actively review and update this notice to ensure it remains accurate and compliant with evolving legal requirements and NHS guidance. Any future changes will be published on our website and reviewed regularly as part of our ongoing data governance processes.

If you have concerns about any aspect of this Privacy Notice or how your data is handled, please contact the Practice Data Protection Officer using the contact details provided above.

Page published: 20 November 2023
Last updated: 23 June 2025