Practice Policies/Files

General Data Protection (GDPR)

What is GDPR?

The General Data Protection Regulation (GDPR) is a new EU regulation that comes into force on 25th May 2018. The GDPR will replace the existing data protection legislation including the UK Data Protection Act 1998.

Who Does the GDPR apply to?

The GDPR applies to all individuals and organisations with day-to-day responsibilities for data protection.

What does this mean for patients?

Your data:

  • must be processed lawfully, fairly and transparently.
  • collected for specific, explicit and legitimate purposes.
  • must be limited to what is necessary for the purposes for which it is processed.
  • must be accurate and kept up to date.
  • must be held securely.
  • It can only be retained for as long as is necessary for the reasons it was collected.

Below are links to the practice’s patient privacy notices and further information, which explain why and how we process your personal data:

Practice Patient Privacy Notice – Download

Patient Information Leaflet - How we use your personal information – Download

Patient Information Leaflet - What is GDPR? – Download

We have also included links for:

NHS privacy notice - NSS Privacy Policy

NHS GDPR Patient Leaflet - NHS GDPR Leaflet

Clinical Practice Research Datalink (CPRD) - CPRD Privacy Notice