Please click on the link below for more information on the GPDPR. This link also provides a short video detailing how the NHS uses your data.
The document below details the legal basis for this new data sharing arrangement; GP practices are mandated under the authority of the Secretary of State for Health to provide this information.
The Data Provision Notice in relation to GPGDR can be read by clicking the link below:
There is information in the DPN how you might choose to Opt Out of having your data used beyond its use towards your direct health and social care (medical treatment). There is a form on the above link.
Alternatively, you can call 0300 3035678 and ask for a form to be posted to you. If you wish to register a Type 1 Opt-out with your GP practice before data sharing starts with NHS Digital, this should be done by returning this form to the surgery by 23 June 2021 to allow time for processing it.
This practice is supporting vital coronavirus (COVID-19) planning and research by sharing your data with NHS Digital.
The health and social care system is facing significant pressures due to the coronavirus (COVID-19) outbreak. Health and care information is essential to deliver care to individuals, to support health, social care and other public services and to protect public health. Information will also be vital in researching, monitoring, tracking and managing the coronavirus outbreak. In the current emergency it has become even more important to share health and care information across relevant organisations. This practice is supporting vital coronavirus planning and research by sharing your data with NHS Digital, the national safe haven for health and social care data in England.
NHS Digital has been legally directed to collect and analyse patient data from all GP practices in England to support the coronavirus response for the duration of the outbreak. NHS Digital will become the controller under the General Data Protection Regulation 2016 (GDPR) of the personal data collected and analysed jointly with the Secretary of State for Health and Social Care, who has directed NHS Digital to collect and analyse this data under the COVID-19 Public Health Directions 2020(COVID-19 Direction).
All GP practices in England are legally required to share data with NHS Digital for this purpose under the Health and Social Care Act 2012 (2012 Act). More information about this requirement is contained in the data provision notice issued by NHS Digital to GP practices.
Under GDPR our legal basis for sharing this personal data with NHS Digital is Article 6(1)(c) - legal obligation. Our legal basis for sharing personal data relating to health, is Article 9(2)(g) – substantial public interest, for the purposes of NHS Digital exercising its statutory functions under the COVID-19 Direction.
The data being shared with NHS Digital will include information about patients who are currently registered with a GP practice or who have a date of death on or after 1 November 2019 whose record contains coded information relevant to coronavirus planning and research. The data contains NHS Number, postcode, address, surname, forename, sex, ethnicity, date of birth and date of death for those patients. It will also include coded health data which is held in your GP record such as details of:
diagnoses and findings
medications and other prescribed items
investigations, tests and results
treatments and outcomes
vaccinations and immunisations
NHS Digital will analyse the data they collect and securely and lawfully share data with other appropriate organisations, including health and care organisations, bodies engaged in disease surveillance and research organisations for coronavirus response purposes only. These purposes include protecting public health, planning and providing health, social care and public services, identifying coronavirus trends and risks to public health, monitoring and managing the outbreak and carrying out of vital coronavirus research and clinical trials. The British Medical Association, the Royal College of General Practitioners and the National Data Guardian are all supportive of this initiative.
NHS Digital has various legal powers to share data for purposes relating to the coronavirus response. It is also required to share data in certain circumstances set out in the COVID-19 Direction and to share confidential patient information to support the response under a legal notice issued to it by the Secretary of State under the Health Service (Control of Patient Information) Regulations 2002 (COPI Regulations).
Legal notices under the COPI Regulations have also been issued to other health and social care organisations requiring those organisations to process and share confidential patient information to respond to the coronavirus outbreak. Any information used or shared during the outbreak under these legal notices or the COPI Regulations will be limited to the period of the outbreak unless there is another legal basis for organisations to continue to use the information.
Data which is shared by NHS Digital will be subject to robust rules relating to privacy, security and confidentiality and only the minimum amount of data necessary to achieve the coronavirus purpose will be shared. Organisations using your data will also need to have a clear legal basis to do so and will enter into a data sharing agreement with NHS Digital. Information about the data that NHS Digital shares, including who with and for what purpose will be published in the NHS Digital data release register.
For more information about how NHS Digital will use your data please see the NHS Digital Transparency Notice for GP Data for Pandemic Planning and Research (COVID-19).
The application of the National Data Opt-Out to information shared by NHS Digital will be considered on a case by case basis and may or may not apply depending on the specific purposes for which the data is to be used. This is because during this period of emergency, the National Data Opt-Out will not generally apply where data is used to support the coronavirus outbreak, due to the public interest and legal requirements to share information.
To read more about the health and care information NHS Digital collects, its legal basis for collecting this information and what choices and rights you have in relation to the processing by NHS Digital of your personal data, see:
For patients of Wells City Practice
1.1 The law determines how organisations can use the personal information they collect. This is underpinned by the Common Law Duty of Confidentiality together with legislation we must comply with including:
1.2 Wells City Practice holds and uses the personal and confidential information of its patients for a number of purposes. This notice sets out in general terms a summary of the type of information we hold about you, what we use if for and also who we may share your information with.
2.1 Wells City Practice collects personal confidential information about you. This information may include (but is not limited to):
2.2 The practice uses this information for the following reasons:
3.1 Wells City Practice may share information held about you with other organisations to support:
For patient care (identifiable information):
For planning and assurance (information in anonymised format which does not include information from the patient written notes):
3.2 Organisations with which information is routinely shared with for the reasons set out above include but are not limited to:
For patient care:
For planning and assurance:
4.1 We will not share your identifiable information for any other reason other than healthcare and service planning within the NHS, unless we first obtain consent from you.
4.2 We sometimes share non-identifiable information for statistical and research purposes. These records will be entirely anonymised so you cannot be identified.
4.3 All patients have the right to-opt out of allowing their records to be shared for non-care purposes. If you wish to do this, please speak to a member of the practice staff.
4.4 For more detailed information about your rights and our responsibilities in respect of data protection, we have a number of information leaflets that are available in our waiting areas and reception, as well as further resources on our website. Easy read format as well as information in other languages is available upon request.
5.1 Wells City Practice has a range of security measures in place to ensure that your information is held, and where appropriate, shared in a secure way. Your patient record will only be accessed by those members of practice staff who are authorised to do so.
5.2 If you have any concerns about the way we handle your information, please speak to a member of the practice staff.
5.3 The Data Protection Officer for Wells City Practice is Somerset CCG and the email address is firstname.lastname@example.org
Further information is available from Reception.
We are committed to protecting the privacy of all individuals using this website.
This policy explains how we use any personal information we collect from you through this website.
You can access most of the pages on our website without giving us your personal information. However, you may choose to provide us with your personal information on some pages of the website by completing an on-line form.
We shall use any personal information you give to us, in accordance with this policy, and with any additional statements appearing on forms used for submitting your personal information. We shall not disclose your personal information to any third parties without obtaining your prior consent unless we are required by law to do so. In particular:
We shall use your personal information to administer, and may respond to, your request.
We shall securely store the information you supply together with any response we may provide.
If you contact us regarding the website we may use your details to reply to you. If you make a comment or complaint about other aspects of the service we may use your details to investigate your comments.
This website uses https to ensure data is encrypted in transmission. This encryption, known as TLS encryption protocol, allows us to protect your privacy. You can usually verify that the page is encrypted by seeing a small lock symbol in the upper left corner of your browser and the website address is prefixed with https://.
All data obtained by us is held and used in compliance with the Data Protection Act 2018.
This website contains links to other sites. We are not responsible for the privacy practices of third parties that run any other websites. Please refer to their own privacy policies for more information.
You have a right under the Data Protection Act 2018 to ask us to provide you with the information we hold about you and to have any inaccuracies corrected. If you would like to access a copy of your information, please contact the Practice Manager using the following contact details in the heading above.
To access one of our many contact forms please click below.
Use Patient Access to book an appointment, order repeat prescriptions and view your medical record.
111 is the NHS non-emergency number. It's fast, easy and free. Call 111 and speak to a highly trained adviser, supported by healthcare professionals.
How likely are you to recommend this Surgery to friends and family if they needed similar care or treatment? Please spend 2 minutes to take the Friends and Family Test.
The NHS website. Take control of your health and wellbeing. Get medical advice, information about healthcare services and support for a healthy life.
Patient is one of the most trusted medical resources online, supplying evidence based information on a wide range of medical and health topics to patients and health professionals.