The EU General Data Protection Regulation (GDPR) was approved in 2016 and will become directly applicable as law in the UK from 25th May 2018.
GDPR aims to improve and simplify data protection. Patients will benefit from clarity as to their rights concerning how their data is held and processed.
The Privacy Notice is part of our programme to make the data processing activities we are carrying out in order to meet our healthcare obligations transparent. The Privacy Notice tells you about information we collect and hold about you, the legal basis for collecting and holding the information, what we do with it, how we keep it secure (confidential), who we might share it with and what your rights are in relation to your information.
We are required by law to provide you with information on how we use your data. There is a highly detailed privacy notice available above but this simplified notice is provided for clarity.
Subject Access Request (SAR) is created under section 7 of DPA1998 and Article 15 of GDPR 2016 gives rights to a data subject/individual to request personal information the practice holds about them.
Health Information Exchange System Privacy Notice contains information about the sharing of Personal Information by North London Health and Care Partners using a system called the Health Information Exchange (HIE) and contains details of the following:
- information we collect and hold about you;
- the legal basis for collecting and holding the information;
- what we do with it, how we keep it secure (confidential);
- who we might share it with;
- how long we will hold it for;
- what your rights are in relation to your data.