what we hold, how we use it and keep it confidential and secure
This privacy notice tells you about information we collect and hold about you, what we do with it, how we will look after it and who we might share it with. It covers information we collect directly from you or receive from other individuals or organisations.
This notice does not provide exhaustive detail. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.
We keep our privacy notice under regular review. This privacy notice was last reviewed in November 2016.
Who we are
Lombard Medical Centre are a dynamic team who are dedicated to excellence. We believe in providing high quality care to our patients with a wide range of services on offer. We are an excellent training practice, mentoring both GP Registrars and medical students.
Using your information within the practice
Your information is kept on a safe central server in a national data centre outside the practice so that it is not possible for your computerised information to be stolen if there is a burglary at the practice. The information is backed up safely and there is another central backup system that kicks in if the main server goes down.
All practice staff accessing your information need to log on to a computer and then log on to the clinical record system, usually using an NHS issued smartcard.
We will not divulge your record to any other patients or family members (except in the case of children) unless you give us permission to do so. Some patients prefer for a family member or friend to act on their behalf. If you wish for someone else to act on your behalf, please let us know and we will ensure this is documented on your record. You can withdraw this consent at any time, but you must let us know if you no longer wish for us to discuss your health with the nominated person.
Personal Information we hold about you
We store personal details such as your name, address, date of birth as well as the NHS Number which is used throughout the NHS. We also store:
- Diagnoses and conditions you have now or have had in the past
- Symptoms you describe to us and things we find on examination
- Operations and medical procedures you have had.
- Medications you are taking and when the prescriptions were issued.
- Allergies and reactions to medication you have taken
- Results of investigations such as blood tests and X-rays
- Letters and discharge summaries from other teams caring for you such as hospitals
- Test results
- Clinical reports and letters
- Recorded patient consultations and some coded diagnostic information
Much of that information is stored using a standard coding system (called Read Codes). That allows us to plot how your blood tests are changing over time, or to search for all people who have had a heart attack to check they have all been offered the chance to be on a statin drug to reduce the chance of a further heart attack.
A lot of your clinical information is simply stored as free text. This might be a description of the signs and symptoms you are presenting with or plans we have made with you to manage the medical problems you have.
From a practical point of view we could not deliver a safe service to you without storing your clinical data. For example all drugs are checked electronically for interactions with other medications you are on before we prescribe them and to see if you have clinical conditions that are contraindications to the drug we are trying to prescribe.
Our records may include relevant information that you have told us, or information provided on your behalf by relatives or those who care for you and know you well, or from health professionals and other staff directly involved in your care and treatment. Our records may be held on paper or in a computer system.
The storing and recording of health information is important to deliver safe care and it is a legal requirement on the NHS to keep health records in line with national retention periods.
Protecting your privacy
We are committed to protecting your privacy and will only process personal information in accordance with the Data Protection Act 1998, the Human Rights Act 1998 and the common law duty of confidentiality.
Our practice is a Data Controller under the terms of the Data Protection Act 1998. We are legally responsible for ensuring that all personal information that we process, i.e. hold, obtain, record, use or share about you, is done in compliance with the 8 Data Protection Principles. All data controllers must notify the Information Commissioner’s Office of all personal information processing activities. Our registration number is Z790960X and our entry can be found in the Data Protection Register on the Information Commissioner’s Office website.
All information that we hold about you will be held securely and confidentially. We use administrative and technical controls to do this. All of our staff, contractors and committee members receive appropriate and on-going training to ensure they are aware of their personal responsibilities and have contractual obligations to uphold confidentiality, enforceable through disciplinary procedures. We will only use the minimum amount of information necessary about you. Where possible we will use information that does not directly identify you, but when it becomes necessary for us to know or use personal information about you, we will only do this when we have either a legal basis or have your consent. All practice staff have access to your clinical record. Our administrative staff, for example, code and file information from the letters the hospital write to us, advise patients of their blood test results, arrange annual reviews and blood tests for patients with long term conditions, chase up medical queries with hospital teams, and run safety reports e.g. to find all patients on long term steroids who should be on a drug to protect their bones from crumbling.
All staff have to sign a confidentiality agreement and are bound by their contract of employment which does not allow them to disclose any information about your health care to anyone outside the practice unless it is with another clinical team for the purpose of your health care.
Your information will not be sent outside of the United Kingdom where the laws do not protect your privacy to the same extent as the law in the UK. Unless required to do so by law, we will not share or distribute any of the information provided to us with any third party organisations/individuals without your explicit consent. We will never sell any information about you.
If you do not wish us to process or share your information
If you do not agree to certain information being processed or shared with us or by us, or have any concerns then please let us know. We may need to explain the possible impact this could have on our ability to help you and discuss the alternative arrangements that are available to you.
Complaints or questions
We try to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring concerns to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.
NHS data that we receive about service users that we are responsible for
Organisations providing NHS services keep records that contain information about you and your health, and the care and treatment they have provided or plan to provide to you. This information is held as either paper or computerised records and is used to support decisions made by you and the healthcare professionals looking after you to make sure your care is safe and effective.
Everyone working for the NHS has a legal duty to keep information about you confidential. The NHS Care Record Guarantee provides a commitment that all NHS organisations and those providing care on behalf of the NHS will use records about you in ways that respect your rights and promote your health and wellbeing.
Sharing your personal identifiable data locally for direct care
There are many situations when we will share data about relevant aspects of your care with other clinicians. For example we share data about you:
- Whenever you are referred to a hospital for specialist care.
- If you are referred to a community nurse
We are now also sharing some aspects of your record (e.g. lists of medical problems, medications, allergies, investigation results) with the wider local community. This includes:
- Clinicians (but not call handlers) at 111
- EMAS (the East Midlands Ambulance service)
- A&E clinicians at QMC and Sherwood Forest hospitals
- NEMS - the group of GPs who look after you out of hours
- Nursing Home, Residential Home or Care Home
In the majority of cases you will be asked for permission to view your clinical record by the person you are talking to. If for some reason this is not the case the clinician must record the reason this was not done e.g. in an emergency or while talking to your GP perhaps about a possible admission. This data comes directly from our GP servers via a service called MIG (Medical Interoperability Gateway) and is not stored anywhere else.
Local Care Teams also have access to some of your clinical information. These teams look after patients in the community with long term conditions such as COPD, Heart failure and end-of-life as well as frail patients who are at risk of admission. If they need access to your GP record, for example to safely prescribe heart failure medication or to check lab results to monitor the medication they are giving you, they will discuss this with you when you are referred. At other times they will use a distillation of key information from our GP records, community records and hospital records. This is described later in the section titled ‘The General Repository for Clinical Care (GPRCC) project’.
If you object to your clinical data being shared for direct (clinical) care then please tell us and we will record this on your record and will not share your information for this purpose. Your practice will explain the consequences of this decision to you.
Sharing personal identifiable data to the National Summary Care Record for direct care
Your GP record can be shared to the National Summary Care Record (sometimes called the ‘Spine’) for use in delivering health care. Currently this is limited to some personal identifiable information such as your name and date of birth, your NHS Number, the medications you are taking and any allergies you have.
This information is most widely used by A&E departments and is most valuable if a patient is brought in unconscious or does not know which medication they are on or the doses of that medication. It is used for clinical purposes and can improve the safety and quality of the care you are given by preventing drug interactions for example. It is useful if you fall ill in an area outside of that which you currently reside.
If you object to your clinical data being shared out to the National Summary Care Record for direct (clinical) care then please tell us and we will record this on your record and will not share your information for this purpose. Your practice will explain the consequences of this decision to you.
Sharing personal identifiable data for purposes other than your care with your consent
You may want your GP to share health information held about you with others for purposes other than your care. This could include sharing with insurance companies, for a medical report for a mortgage, for life insurance, for immigration purposes, or with a solicitor representing you in a personal injury claim.
In such cases this will only be done with your signed and explicit consent.
Sharing your personal identifiable data in exceptional circumstances without your consent
There are a very few cases where we must share your data in the public interest. Such circumstances include:
- Disclosures required by law
- We are lawfully required to report certain information to the appropriate authorities e.g. to prevent fraud or a serious crime;
- It is necessary to protect children and vulnerable adults from harm;
- A formal court order has been served upon us; and/or
- For the health and safety of others, for example to report an infectious disease like meningitis or measles
Generally, disclosures are made only where an overriding public interest outweighs the duty of confidentiality, on an exceptional case-by-case basis.
Sharing non personal data for secondary/non direct care purposes (in Nottingham area)
‘The Practice will not share personal identifiable data and/or other confidential data about patients to support the planning of NHS and social care services, without seeking explicit patient consent to do this.
The Practice may share data about patients in a non-personal format (either anonymised* or pseudonymised**) in order to support the planning of NHS and social care services. This data will only be used for health or social planning purposes and not for any other purposes (such as commercial, insurance or marketing purposes). Sharing of such data will be managed in accordance to a formal sharing arrangement and under tight Information Governance controls’.
*Anonymisation: the process of rendering data into a form which does not identify individuals, or which makes the risk of re-identification sufficiently low in a particular context that it does not constitute personal data.
**Pseudonymised: Pseudonymised data are data in which individuals are disguised by using a unique identifier that does not reveal their ‘real world’ identity. Provided the organisation holding the pseudonymised data does not have access to the key to re-identify the subjects, such data are effectively anonymous and do not constitute personal data.
Some of the time when the Nottingham Clinical Commissioning Groups (CCGs) are commissioning new services or working out how effectively we deliver healthcare to you we use your data to answer questions such as:
- How many patients with severe heart failure were admitted when not under the care of a community team?
- Which clinical pathways might we establish in the community to better prevent hospital admissions?
Most of this work can be done within the NHS Nottingham CCGs by their Data Management Team. It requires your data to be joined up (linking GP data to community and hospital data) but analysts do not see personal identifiers such as your name, date of birth or NHS Number. This information is stored in a safe data warehouse.
Sometimes this work is done outside the Data Management team. Recently the community transformation team has requested that patient data be analysed using actuarial methods (an accurate way of analysing the costs of alternative clinical pathways) where the expertise lies with an external company.
You can request us to stop your data being used in such analyses. If you do this we will not pass any of your information onto the analysing partner.
Sharing your data for non-direct care nationally
Data about your health can be extracted by NHS Digital (previously known as the HSCIC). They receive monthly streams from each hospital about your admissions, outpatient attendances and A&E visits, from community services and from mental health care services. They can also receive a flow from the GP data servers.
The main users of this data about you are in fact the 6 Nottingham Clinical Commissioning Groups (CCGs) who commission health care services on your behalf and who monitor the effectiveness of all parts of the healthcare system locally. The CCGs receive your NHS Number, but not your name, date of birth or address, and then encode that. However we can use the code (pseudonym) to link your records together to understand your healthcare journey.
However this data may be used for various purposes such as research. Organisations wishing to access this data must go through a formal process and will not receive personal identifiers such as your name, address or date of birth.
You can object to your data being used in such analyses and we will record it in our information system using specific codes so that NHS Digital can in theory react to this.
If you object to your clinical data being shared out by NHS Digital then please tell us and we will record this.
National Diabetes Audit
The National Diabetes Audit (NDA) collects information about diabetes care from GP practices and hospitals. This information helps the NHS to improve care. The use of NDA information is controlled by law and strict rules of confidentiality.
More information is available here.
The Medical Interoperability Gateway (MIG) Project
What is this project?
This project is one part of a wider programme to develop integrated patient records across Nottinghamshire. MIG is a piece of NHS approved technology that allows clinical staff outside of a patient’s GP practice to view core medical items within a patient’s GP record in ‘real-time’ and as ‘view only’ via an explicit consent model at the point of viewing. For example this could prove vital when treating patients during periods when GP practices are closed. The ability to view patients’ records will either be within an organisation’s existing clinical system or via a bespoke clinical portal within the secure NHS network.
What will it deliver?
The two main deliverables of the project are:
- To enable all GP practices across Nottinghamshire to make key medical information available to be viewed by MIG
- To enable all other clinical settings across Nottinghamshire to be able to view this medical information from within their organisational settings when treating patients
The key medical data that will be made available to view via the MIG will be:
- Summary information
- Problems (current and past)
- Diagnosis (current and past)
- Current medication, past medication and any medication issues
- Risks and warnings (allergies and contraindications)
- Procedures (operations, vaccinations and immunisations)
- Examinations (blood pressures)
- Events (encounters, referrals and admissions)
- End-of-life care information e.g. about your preferences for where you want to be cared for and whether or not medicines are available in your house in case of an urgent need.
What are the benefits for you as a patient?
Many people think their GP Record is available to all healthcare professionals involved in their care; but this is not generally the case. It is very common that each health care professional you see keeps a separate electronic record about you. This can mean important information may not be communicated between health services as well as it could be.
Making your GP record available in this way is designed to ensure that the healthcare professionals looking after you have the most relevant up to date information to enable them to provide you with the most appropriate care. It may also mean that you:
- Won’t have to repeat unnecessary medical tests
- Won’t have to repeat information to several different people
- Avoid the risk of being given drugs that you may be allergic to
- Benefit from more informed clinical decision-making
- Have a better patient experience through effective sharing of your information with the clinician delivering care
You will be asked for your explicit consent before a healthcare professional accesses your GP Record. If you say “No” the care professional will not look at your medical information. However there may be exceptional/emergency situations (e.g. if you were unconscious) where a health professional may access your GP record if deemed in your best interests to provide care.
What are the benefits for clinical staff?
By enabling 24/7 access to view key medical information when treating patients clinical staff will:
- No longer have to contact GP practices to obtain patient records
- Have access to patient records when surgeries are closed during evenings, weekends or bank holidays
- Have access to detailed up-to-date medical information in ‘real-time’
- Be able to make more informed clinical decisions
- Be in a better position to avoid unnecessary hospital admissions
- Be able to deliver more timely treatment and care
The GP Repository for Clinical Care (GPRCC) Project
What is this project?
The GPRCC project is clinically driven, supported by GP practices, hospitals and NHS provider teams across Nottinghamshire and focuses on improving the delivery of care to specific sets of patients with key medical conditions.
It allows GP practices to regularly review patients who may be for example: most at risk of being admitted to hospital, on an End of Life register, suffering with breathing difficulties, have heart conditions, recovering from a stroke or diagnosed with dementia to ensure these patients are receiving the correct level of care. In addition any local care teams that deliver services to these patients such as community nurses would have access to medical information to help improve the delivery of care as part of their working arrangements with the patient’s GP practice.
What will it deliver?
Each healthcare setting that holds medical records for these specific sets of patients, whether it is a GP practice, hospital or NHS provider team, will provide medical coded data so that it can be ‘joined-up’ in a central repository to provide a complete view of each patient’s care history and journey to date from each NHS service they may have visited. Once this data has been ‘joined-up’ it is controlled by each patient’s GP practice.
The view of your health care that is created by joining this data together significantly improves GP practice team meetings with key community health clinicians such as end-of-life nurses and heart failure specialist nurses where care for these patients is reviewed by having access to your full care journey rather than just their own GP practice records. With permission of the patient’s GP practice this in turn can be shared with local healthcare professionals who are delivering care direct to these patients on a daily basis.
What are the benefits for you as a patient?
By joining-up medical information about a patient’s visits to differing clinical settings, GPs and the local care teams they work with will have an improved holistic view of a patient’s care journey and are therefore better placed to review if the level of care they are receiving is correct. The benefits to you are:
- Improved care delivery can help reduce unnecessary hospital admissions
- Improved care delivery increases quality of life
- Regularly reviewed care plans ensure the correct level of care at all times
What are the benefits for clinical staff?
By joining-up this medical information about a patient’s visits to differing clinical settings, their GP practice has a much improved holistic view of a patient’s care journey and is therefore better placed to review if the level of care they are receiving is correct. When this information is also available to each healthcare professional involved in delivering care to a patient the benefits are:
- Integrated care records improve care planning and informed clinical decisions
- Improved preparation for GP practice patient review meetings
- The ability to review more patients more efficiently in GP practice patient review meetings
- A health professional can see at a glance gaps in your care
Some general topics
Other organisations that provide services for us
The CCG has entered into contracts with other NHS organisations to provide Information Technology (IT) services for us. These include holding and processing data including patient information on our behalf. These services are subject to the same legal rules and conditions for keeping personal information confidential and secure. We are responsible for making sure that staff in those organisations are appropriately trained, that procedures are in place to keep information secure and protect privacy.
We will not otherwise share, sell or distribute any of your personal information to any third party (other person or organisation) without your consent, unless required by law. Data collected will not be sent to countries where the laws do not protect your privacy to the same extent as the law in the UK, unless rigorous checks on the security and confidentiality of that data are carried out in line with the requirements of the Data Protection Act (Principle 8).
Details of our Data Processors and the function that they carry out on our behalf can be found in Appendix A.
Clinical audit can provide direct benefit to individuals ensuring that they are getting high quality and effective care and indirect benefit to the population as a whole. Where identifiable data is needed for clinical audit purposes outside of your care team, we will always seek explicit consent to do so.
Researchers can provide direct benefit to individuals who take part in medical trials and indirect benefit to the population as a whole. Service user records can also be used to identify people to invite them to take part in clinical trials, other interventional studies or studies purely using information from medical records. Where identifiable data is needed for research, service users will be approached by the organisation where treatment was received, to see if they wish to participate in research studies. Your consent will be obtained by the organisation holding your records before identifiable information about you is disclosed for any research.
Sometimes research can be undertaken using information that does not identify you. The law does not require us to seek your consent in this case, but the organisation holding your information will make notices available on the premises and on the website about any research projects that are undertaken.
If you do not wish your information to be used for research, whether identifiable or non-identifiable, please let your GP Practice know. They will add a code to your records that will stop your information from being used for research.
You have certain legal rights, including a right to have your information processed fairly and lawfully and a right to request access to any personal information we hold about you. You have the right to privacy and to expect the NHS to keep your information confidential and secure. You also have a right to request that your confidential information is not used beyond your own care and treatment and to have your objections considered. These are commitments set out in the NHS Constitution, for further information please visit
You have the right to refuse/withdraw consent to information sharing at any time. The possible consequences will be fully explained to you and could include delays in receiving care. If you wish to discuss withdrawing consent please contact us on 01636 702363.
Individuals can find out if we hold any personal information by making a ‘subject access request’ under the Data Protection Act 1998. If we do hold information about you we will:
- Give you a description of it;
- Tell you why we are holding it;
- Tell you who it could be disclosed to; and
- Let you have a copy of the information in an intelligible form.
To make a request for any personal information we may hold, you need to put the request in writing to the address provided below.
If we do hold information about you, you can ask us to correct any mistakes by, once again, contacting us at the address below.
We will only retain information for as long as necessary. Records are maintained in line with the Department of Health retention schedule which determines the length of time records should be kept.
If you have any questions or concerns regarding how we use your information, please contact us at:
Lombard Medical Centre
2 Portland Street
Or by calling 01636 702363
The links below give more information about your rights and the ways that the NHS uses personal information:
Read Codes for your GPs to enter to control access to your data
Here is more detail about how your data is stored and how you can help your GP find exactly the right way to limit access to your healthcare record. We have used more technical language in this section so that interested people can see exactly what we are doing.
It is very important that the Read Codes a GP or their team inserts into your electronic patient record are the right ones. If for example the Read Code is entered that says you are dissenting from your record being shared for direct care, you may well miss out on getting the best care available. For example GPs can now see when patients with severe COPD are not under a community COPD team that can visit very quickly to prevent an admission to hospital if the patient develops a chest infection. GPs often react to such prompts by discussing with patients putting that referral in place.
Below are 4 different things you can object to.
- Object to your data being shared electronically in Nottinghamshire for your clinical care
- Object to your data being shared nationally for your clinical care
- Object to personal identifiable information being used for any secondary purposes such as commissioning healthcare, evaluating healthcare systems and research
- Object to personal identifiable information being used for secondary purposes such as commissioning healthcare, evaluating healthcare systems and research
The first two are objections to your data being used locally or nationally for your own medical care.
To stop your clinical information from being used outside your GP system but in Nottinghamshire-based local care systems such as MIG, GPRCC and CareCentric for clinical care, as in the example above, we suggest you advise your GP to record one of the following Read codes:
XaKRw (TPP) or 93C1 (EMIS) Refused consent for upload to local shared electronic record
To stop your patient record being used for your clinical care nationally (typically your current medication and drug allergies) on the national ‘spine’, e.g. when you are on holiday in Blackpool, ask your GP to add one of the following codes:
XaXj6 (TPP) or 9Ndo (EMIS): Express dissent for Summary Care Record dataset upload
The next two objections are to stop personal identifiable information being used in your data for secondary uses such as commissioning NHS services and research. This also prevents use of data that has been linked using pseudonyms, as the Information Commissioner's Office (ICO) feels that such rich information enables you to be identified more easily even without identifiers such as your name or date of birth.
To stop your personal identifiable information being used by NHS Digital (previously known as HSCIC - Health and Social Care Information Centre) in national datasets for secondary purposes such as research and commissioning health services:
XaaVL (TPP) or 9Nu4 (EMIS): Dissent from disclosure of personal confidential data by HSCIC.
To stop personal identifiable information from being used either locally or nationally for secondary purposes such as commissioning health services or research ask your GP to add one of the following codes:
XaZ89 (TPP) or 9Nu0 (EMIS): Dissent from secondary use of GP patient identifiable data
GP clinical information systems
The two clinical information systems that GPs use in Nottinghamshire (including the City) are TPP’s SystmOne and EMIS Web. Our practice uses SystmOne.
Appendix A – Data Processors
Newark & Sherwood CCG (http://www.newarkandsherwood.nhs.uk/)
NHS England (https://www.england.nhs.uk/mids-east/)
Primary Care Support England (http://pcse.england.nhs.uk/) – Patient Services, Medical records, Payments and Pensions, National performers list, Screening.
ShredPro (http://shredpro-uk.com/) – Confidential Waste Destruction
Docmail (http://www.docmail.co.uk/index.html) - Mail Management
Nottinghamshire Health Informatics Service (http://www.notts-his.nhs.uk/) – IT provider
Niche Health (http://www.nichehealth.co.uk) – Medical reporting
Rushcliffe CCG (http://www.rushcliffeccg.nhs.uk/)
National Diabetes Audit (http://content.digital.nhs.uk/nda)