GDPR - General Data Protection

The GDPR and Data Protection Act 2018 replace the Data Protection Act 1998 with an updated and strengthened data protection framework, however, the key principles of the original Act remain unchanged. The most relevant changes for GPs in their role as data controllers are highlighted in the box below.

  • Compliance must be actively demonstrated, for example it will be necessary to:
    • keep and maintain up-to-date records of the data flows from the practice and the legal basis for these flows; and
    • have data protection policies and procedures in place.
  • More information is required in 'privacy notices' for patients.
  • A legal requirement to report certain data breaches.
  • Significantly increased financial penalties for breaches as well as non-compliance.
  • Practices will not be able to charge patients for access to medical records (save in exceptional circumstances).
  • Designation of Data Protection Officers

How we use your information

We have produced a leaflet that explains:

  • Why Stenhouse collects information about you and how it is used
  • Who we may share information with
  • Your right to see your health records and how we keep your records confidential

Click here How We Use Your Information to download this leaflet

Data Protection Officer

The Stenhouse Data Protection Officer is Paul Couldrey of PCIG Consulting Limited. Any queries in regard to Data Protection issues should be addressed to him at:

Email:   Couldrey@me.com

Postal: PCIG Consulting Limited

           7 Westacre Drive

                        Quarry Bank

                        Dudley

                        West Midlands

                        DY5 2EE

A copy of the practice Privacy notice is available to download here:

A specific Covid-19 Privacy Notice is also available here: 

COVID-19 Privacy Notice



 
Call 111 when you need medical help fast but it’s not a 999 emergencyNHS ChoicesThis site is brought to you by My Surgery Website