Privacy statement
General Data Protection Regulation 2018 (GDPR)
In the National Health Service (NHS), we aim to provide you with the highest quality healthcare. To do this we must keep information about you, your health and the care we have provided to you or plan to provide to you. This privacy statement provides a summary of how we use your information.
The General Data Protection Regulation (GDPR) 2018 controls how your personal information is used by organisations, businesses or the government. Upminster Bridge Surgery is defined as a ‘data controller’ of personal information. We collect information to help us provide and manage healthcare to our patients.
How we use your medical records
- This practice handles medical records in-line with laws on data protection and confidentiality.
- We share medical records with those who are involved in providing you with care and treatment.
- In some circumstances we will also share medical records for medical research, for example to find out more about why people get ill.
- We share information when the law requires us to do so, for example, to prevent infectious diseases from spreading or to check the care being provided to you is safe.
- You have the right to under the General Data Protection Regulation to access your medical record. Individuals have the legal right to access information that is held about them by an organisation.
- You have the right to object and to opt out to your information being used for medical research and to plan health services.
- You have the right to have any mistakes corrected and to complain to the Information Commissioner’s Office (ICO). Please speak to a member of staff for more information about your rights.
- For more information please see the full policy.