Practice Policies

Practice Policies

Please choose one of the tabs below to view the practice policy…

Privacy Policy

General Data Protection Regulation (GDPR) 2018.

1.0 Introduction

The General Data Protection Regulation (GDPR) comes in to force on 25 May 2018, superseding the Data Protection Act (1998).

Under the terms of the new GDPR, a privacy notice is required to explain to our patients what personal data is held about them, how it is collected, processed and who has access to it.

All businesses who collect data about people need to comply with the GDPR European legislation and will need to continue to adhere to it once the U.K. leaves the E.U.

For a full background on GDPR see the GDPR Website here. (https://www.eugdpr.org/)

2.0 Data Controller & Data Protection Officer

Names of Data ControllerDyfi Valley Health
Contact Details

Dyfi Valley Health

Glantwymyn Health Centre

Cemmaes Road

Machynlleth

Powys

SY20 8LB

Phone: 01650 511 227

 

Dyfi Valley Health

Machynlleth Health Centre

Forge Road

Machynlleth

Powys

SY20 8EQ

Phone: 01654 702 224

 

Email: contact@DyfiValleyHealth.org

Website: http://DyfiValleyhealth.org

Data Protection OfficerMr. James Bradbury-Willis
Contact Details

The Digital Musketeer

The Old Library, Literary Institute

Seaview Terrace, Aberdovey

Gwynedd, LL35 0LL

Phone: 01654 767 737

 

Email: contact@theDigitalMusketeer.com

Website: http://theDigitalMusketeer.com

3.0 Your Data

3.1 How we Collect Your Data

We collect your data when you willingly provide us with the required personal information whilst registering to become a patient at Dyfi Valley Health, via the Registration Questionnaire (14052018_v1) and NHS Wales Registration Form.

3.1.1 Information Collected by Other Resources

By registering with the practice in Section 3.1, you consent to your medical history from your previous practice(s) being sent to the practice. The provision of this information is essential in order that we can deliver personal care and medical treatment.

We often obtain information from hospitals, pharmacies and other medical practitioners to whom you will already have submitted your personal data.

3.2 What Data we Collect

Data Collected

Name(s)

Date of Birth

Address

Phone Number(s)

Email Address

Your Medical History

Chronic Health Concerns

If you are a carer or cared for

Have a disability

Your ability to access the surgery

If you were in the armed forces

Family Medical History

Lifestyle (smoking / drinking)

Ethnic Group

 

3.3 Who Has Access to Your Data

Only specific, trained and required members of the Dyfi Valley Health clinical and non-clinical team has access to your data. Not all members of the team have access to all your data – only the clinical team does so. On occasions we may need to share your data in order to provide you with the best medical treatment – see Section 3.5.

We undertake at all times to protect your personal data in a manner which is consistent with the practice team’s duty of confidentiality and the requirements of the General Data Protection Regulation.  We will also take all reasonable measures to protect your personal data stored in paper files and on our electronic system.

3.4 How we Use Your Data

How Data is UsedNon-Clinical TeamClinical Team
 

Making Appointments

Generate Prescriptions

Electronically File Medical Records

Provide Requested Test Results

Send Treatment Reminders

Send Clinic Reminders

To Provide You with Care & Medical Treatment

3.5 Sharing Your Data

We will keep information about you confidential and will only disclose any information with third parties with your permission, if it is in your interests to do so and when we are sure that the party with whom we are sharing information is a medical practitioner with whom you have already shared personal information. For example:

  • Giving contact information to a physiotherapist or hospital which wishes to contact you regarding an appointment.
  • With your written or verbal consent, we will share information about you with a carer.
  • With express consent, Information shared with solicitors and insurance companies.
  • With production of a court order, Information will be shared with legal agencies and the police

For more examples on how we may share your information, please speak to one of our non-clinical team who can advise accordingly and specifically.

3.6 How Long do we Hold Your Data

We will keep your paper and electronic (hospital/clinic) records as long as you are a patient at the practice.

When you end your time with the Practice, these records will be returned to Shared Services and follow NHS guidelines.

The practice will archive information held on its clinical system relating to consultations, immunisations, medical history and prescribing.

3.7 Location of Your Data

Your data is securely stored and located on our computer systems, which are managed by NHS Wales Information Service. For specific information on how your data is stored electronically contact them by clicking here. (http://www.wales.nhs.uk/nwis/page/52504)

We also store, when necessary, physical paper copies of your medical records. These records are held in a secure location that follows relevant legislative guidelines.

4.0 Patient (Data Subject) Rights

If you would like to invoke any of the following data subject rights, please write to The Practice Manager, Glantwymyn Health Centre, Cemmaes Road, Machynlleth, Powys, SY20 8LB.

4.1 Right to be Informed

This Privacy Policy informs you of your rights. The latest version will be found on the Dyfi Valley Health Website and within the surgery for your access. New versions will be updated online and made available upon request.

4.2 Right to Access Your Data

GDPR 2018 grants you the right to access particular personal data which we hold about you. This is referred to as a subject access request. We will respond promptly and at least within one calendar month from the date of receiving the request and all necessary information in writing from you.

Please fill out the Subject Access Request Form and send it to us at contact@DyfiValleyHealth.org

4.3 Right to Rectify

If considered appropriate, a retrospective entry can be made by a clinician if you have concerns regarding the accuracy of your clinical record.

You will also have the right to have incomplete personal data completed, if necessary by providing a signed and dated supplementary statement.  We will respond to the request for rectification at least within one calendar month.

4.4 Right to Erase

You have the right to request erasure of personal information concerning you if this is no longer relevant. We can not delete data which may compromise your medical care in the current or future.

4.5 Right of Data Portability

We can respond to a request from you for the supply of your personal information in an electronic format, which you then have the right to transmit elsewhere.

4.6 Rights to Automation

Patients have the right not to be subject to a decision based on automated processing.  Patients have the right to (a) obtain human intervention, (b) express their point of view, and (c) obtain an explanation of the decision and challenge it.

5.0 Questions, Queries & Complaints

If you have any questions or queries which this Privacy Policy has not addressed, or if you have any concerns about how we use the personal information we hold, please write to:

Dyfi Valley Health

Machynlleth Health Centre

Forge Road

Machynlleth

Powys

SY20 8EQ

Download the Dyfi Valley Health Pricavy Policy Here

Practice T&Cs

Violence Policy

The NHS operates a zero tolerance policy with regard to violence and abuse and the practice has the right to remove violent patients from the list with immediate effect in order to safeguard practice staff, patients, and other persons. Violence in this context includes actual or threatened physical violence or verbal abuse which leads to fear for a person’s safety. In this situation, we will notify the patient in writing of their removal from the list and record in the patient’s medical records the fact of the removal and the circumstances leading to it.

Freedom of Information

Please email contact@DyfiValleyHealth.org for Freedom of Information requests. See the following link for more information: http://www.wales.nhs.uk/nhswalesaboutus/freedomofinformation

Accessibility

Website

Our website pages are designed so that you can change the style, size and colour of the font used, as well as the background colour. If you wish to do so, please see the guides below.

Customise settings in:

Further help

If you:

  • Have problems seeing the screen
  • Find it difficult to use the mouse or keyboard
  • Need help with language or reading websites

then we recommend you visit the BBC website My Web My Way, which provides advice on how to make your computer easier to use, whether you are a Windows, Mac or Linux user.

Dyfi Valley Health

Dyfi Valley Health is committed to providing its community with the best possible health care.

© 2018 Dyfi Valley Health

RCGP  NHS Wales