What Is A Privacy Notice And Why Does It Apply To Me?

A Privacy Notice tells people how organisations use information that they hold about them. The UK General Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 20180, says that we need to provide you with this Privacy Notice and let you know:

  • What information we hold about you
  • How we keep this very important information safe and secure and where we keep it
  • How we use your information
  • Who we share your information with
  • What your rights are
  • When the law gives us permission to use your information

Why Does The Law Give You Permission To Use My Information?

The law gives us permission to use your information in situations where we need it to take care of you. Because information about your health is very personal, sensitive and private to you, the law is very strict about how we use it.

So, before we can use your information in the ways we have set out in this Privacy Notice, we have to have a good reason in law, which is called a ‘lawful basis’.  Not only do we have to do that, but we also have to show that your information falls into a special group or category, because it is very sensitive. By doing this the law makes sure we only use your information to look after you and that we do not use it for any other reason.

If you would like more information about this please ask to speak to our Data Controller in the first instance, mentioned in this Privacy Notice who will explain this in more detail.

About Us

We, at Hanscombe House Surgery, 52A St Andrew Street, Hertford, Hertfordshire, SG14 1JA, are responsible for collecting, storing and handling your information when you register with us as a patient. Because we do this, the law says we are Data Controllers.

What Information Do You Hold About Me?

We hold information about you such as:

  • Your name
  • Address
  • Mobile number
  • Information about your parent(s) or person with parental responsibility
  • All your health records
  • Appointment records
  • Visits to see your GP
  • Treatments you have had
  • Medicines prescribed for you and any other information to help us look after you

How Do You Keep It Safe?

  • The law says that we must do all we can to keep your information private, safe and secure.
  • We use secure computer systems and we make sure that any written information held about you is under lock and key and kept in a safe place. This includes taking great care with any passwords we use which we change on a regular basis. We also train our staff to respect your privacy and deal with your information in a manner that makes sure it is always kept and dealt with in a safe way.

What Do You Do With My Information?

  • We only usually use your information to help us care for you. That means we might need to share your information with other people who are concerned and involved with looking after your health.
  • We might need to share your information with the police, courts, social services, solicitors and other people who have a right to your information, but we always make sure that they have a legal right to see it (or have a copy of it) before we provide it to them.
  • We might share information with National Health Service Digital (NHSD) for purposes of national analyses but in a way that does not identify you if it is for non-health care purposes.

Who Else Will See My Information?

  • We only usually use your information to help us care for you. That means we might need to share your information with other people who are concerned and involved with looking after your health.
  • We might need to share your information with the police, courts, social services, solicitors and other people who have a right to your information, but we always make sure that they have a legal right to see it (or have a copy of it) before we provide it to them.
  • We might share information with National Health Service Digital (NHSD) for purposes of national analyses but in a way that does not identify you if it is for non-health care purposes.

What Are My Rights?

  • If you want to see what information we hold about you then you have a right to see it and you can ask for it.
  • To ask for your information you will usually need to put your request in writing and tell us what information you want us to give you. Subject Access Requests can be done verbally.
  • We usually need to answer you within one month. Your parent(s) or adult with parental responsibility can help you with is if you need help.
  • Usually, we will give this to you free of charge.
  • If you think there are any errors in the information we hold about you then you can ask us to correct it but the law says we can’t remove any of the information we hold about you even if you ask us to. This is because we need this information to take care of you.
  • You have a right to ask us not to share your information.
  • If you would like to talk to us about not sharing your information, even if this means you don’t want us to share your information with your parent(s) or adult with parental responsibility, please let us know. We will be happy to help.

Can I Access My Information Online?

  • Subject to your age, you may be able to access your information online.
  • Please ask our receptionist who will put you in touch with your GP.
  • Your GP will discuss this with you and explain how to register.

What If I Have A Question?

  • A member of our staff/receptionist will be happy to talk to you about any questions you may have, and we will do our best to help you. Our receptionist may put you in touch with our Data Controller or her nominated representative who will listen to your concerns and give you the advice you need.
  • Our Data Controller, Janine Ellis, can be contacted at Hanscombe House Surgery by post (address on page 1), by email at [email protected] or by leaving a message with our receptionist on 01992 582025.
  • In the event that your question or concern is not resolved by our named Data Controller, then please contact our Data Protection Officer (DPO) at HBL ICT (Herts, Beds & Luton ICT Services), hosted by Hertfordshire & West Essex Integrated Care Systems (HWEIS) East & North Herts Clinical Commissioning Group (ENHCCG) at [email protected]

What If I Have A Serious Complaint About How You Look After My Information?

  • We will always do our best to look after your information and to answer your questions.
  • If you are still not happy with something we have done with your information you can speak to our DPO.
  • If our DPO has not been able to help you or if you prefer not to speak to our DPO then you have a right to pass your complaint to an organisation called the Information Commissioner’s Office (ICO) who will look into what has gone wrong. For more information visit https://ico.org.uk

Updates To This Privacy Notice

  • The law says we must keep all information we provide in this Privacy Notice up to date.
  • This Privacy Notice was last updated on 26th August 2022 and will be reviewed annually.