Privacy notice
As data controllers, GPs have fair processing responsibilities under the Data Protection Act 2018 and the General Data Protection Regulation (GDPR). This means ensuring that your personal confidential data (PCD) is handled in ways that are safe, transparent and what you would reasonably expect. Please find documents and links below.
GDPR Data Protection Impact Assessment
GDPR Practice Responsibilities
How We Use Your Information Leaflet
If you require any of the above documents in an alternative format, please contact reception.
The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR). Everyone responsible for using personal data has to follow strict rules called ‘data protection principles’. They must make sure the information is: used fairly, lawfully and transparently.
As a practice we have policies and procedures in place ensuring all patient data is held securely and all information is strictly confidential.
Data Protection Privacy Notice for Patients
This privacy notice lets you know what happens to any personal data that you give to us, or any information that we may collect from you or about you from other organisations.
This privacy notice applies to personal information processed by or on behalf of the practice.
This Notice explains
- Who we are and how we use your information
- Information about our Data Protection Officer
- What kinds of personal information about you we hold and use (process)
- The legal grounds for our processing of your personal information (including when we share it with others)
- What should you do if your personal information changes?
- For how long your personal information is retained / stored by us?
- What are your rights under Data Protection laws
The UK General Data Protection Regulation (UKGDPR) and the Data Protection Act 2018 (DPA 2018) became law on 25th May 2018, and 1st January 2021 when the UK exited the EU.
For the purpose of applicable data protection legislation (including but not limited to the General Data Protection Regulation (Regulation (UK) 2016/679) (the “UKGDPR”), and the Data Protection Act 2018 the practice responsible for your personal data is Brewood Medical Practice.
This Notice describes how we collect, use and process your personal data, and how in doing so, we comply with our legal obligations to you. Your privacy is important to us, and we are committed to protecting and safeguarding your data privacy rights.
Data Protection Officer
The Practice Data Protection Officer is Paul Couldrey of PCIG Consulting Limited. Any queries regarding Data Protection issues should be addressed to him at: –
Email: Couldrey@me.com
Postal: PCIG Consulting Limited, 7 Westacre Drive, Quarry Bank, Dudley, West Midlands, DY5 2EE
Changes
It is important to point out that we may amend this Privacy Notice from time to time. If you are
dissatisfied with any aspect of our Privacy Notice, please contact the Practice Data Protection Officer.
Download our full Patient Privacy Notice or if you require the document in an alternative format, please contact reception.