Islington Medical Centre
Home / Privacy Policy

Privacy Policy

Personal information is information that includes the identity of the person to whom the information relates. The scope of this policy applies to personal patient information that is held by the practice. This information may be obtained from direct communications between patients and the practice, or by transfer of information from other accredited health professionals to the practice, or by indirect communications between patients and the practice via this practice website (http://www.islingtonhousemc-liverpool.nhs.uk/). The policy does not apply to information that may be obtained from patients by other external websites - including any that this practice website contains links to - since the practice has no control or jurisdiction over external websites.

 

Governance of personal information

The confidentiality and use of all personal patient information that is held by the practice is regulated first and foremost in law by the Data Protection Act, and secondly by the Department of Health Code of Practice on Confidentiality, and by guidance issued to GPs by the British Medical Association. This regulatory protection is irrespective of the form in which the information is held - electronic or paper. The protection is also irrespective of how the information is collected by the practice - for example via a website form, or volunteered to practice members in person or on the telephone.

 

Use of personal information

Personal patient information is only used to allow practice members, and other dedicated health professionals, to provide patients with effective and efficient health-care.

 

We do not collect or store personal information for any other purpose.

 

Mechanisms on this website that are used to collect information (e.g. cookies and log-files) do not collect any personal information.

 

Disclosure of personal information

All staff employed by the NHS have a duty of confidence to ensure that personal patient information is not disclosed inappropriately, and they work to the governance framework that is identified above.

 

 Some aggregated and anonymized patient information may be used by the NHS for research or resource management purposes, but this does not include any data that could identify a specific patient.

 

Any personal information that a patient may wish to disclose to another party (for the purposes of an insurance claim, for example) will only be released to that party after the patient has given us explicit permission to do so.

 

Each patient has a right to access their own personal information.

   

Security against unauthorised access to personal information

Whatever form personal patient information is stored in, we undertake to ensure that all necessary security measures are deployed to safeguard the confidentiality of the data. For paper information this entails providing security locks to prevent physical access to the information. For electronic information this entails using only appropriate secure protocols and mechanisms for the capture, storage, and transmission of personal information.