Children and Young Adults
Privacy Information and Notice
How we use your personal information
This notice explains why the practice collects information about you and how that information may be used.
The health care professionals, who provide you with care will keep records about your health and any treatment or care you have received (e.g. Hospital and GP Surgery and so on). These records help to give you the best possible healthcare.
From the age of 13 years, the Information Commissioner’s Office, the national Governing Body in charge of UK Information rules, regards you as having the competence to consent to your own health care and the processing of the information that we hold about you at this practice which form what is known as your ‘Health Record’.
This is in line with what is called the ‘Gillick Competence’ which is a medical law that decides whether a child under 16 years is able to consent to his/her own medical treatment without the need for consent from a parent/carer/legal guardian.
These records may be electronic (information kept on our computers), on paper (letters that we may have or that we receive) or a mixture of both, and we take every care to make sure that your information is kept confidential and secure. Records which this GP Practice holds about you may include the following:
- Details about you, such as your address, legal representative, emergency contact details
- Any contact the surgery has had with you, such as appointments, clinic visits, emergency appointments, etc.
- Notes and reports about your health
- Details about any treatment you have had or are having.
- Results of any tests that you may have such as blood tests, x-rays etc.
- Important information from other health professionals, relatives or those who care for you
- Important information from your school that may be to do with your health or wellbeing (eg. behaviour reports, concerns from teachers, vaccinations you have had)
- Information from Child Health about any Health assessments or vaccinations you have had, you have missed or you may need.
Your records will be stored in line with the NHS Code of Practice for Records Management.
It is our job to give you the best care possible and so your records are used to make sure that this happens. We may sometimes need to share your information with other people in the NHS to help us to make things in the NHS better. Most of the time, this information will not have your personal details (name. date of birth) so you cannot be identified. In cases where we do need to give your personal details, we will always ask if this is okay with you. Information may be used within the GP practice for clinical audits to help us monitor the quality of the care that you receive.
Sometimes your information may be requested to be used for research purposes – the surgery will always ask you before giving any information for this purpose.
How we keep your records confidential
We have to keep your personal information and records private so we will only use or share your information in line with the following guidelines and laws:
- Data Protection Act 2018
- Human Rights Act 1998
- Common Law Duty of Confidentiality
- Health and Social Care Act 2012
- NHS Codes of Confidentiality and Information Security
- Information: To Share or Not to Share Review
Every member of staff who works for the Practice or another NHS organisation has a legal obligation to keep information about you confidential. Staff at this practice have signed a ‘Confidentiality Agreement’.
We will only ever use or pass on information about you if others involved in your care if this is important for your treatment. We will not give your information to anyone else without your permission unless there are exceptional circumstances (i.e. life or death situations), where the law requires information to be passed on, for example Child Protection and Serious Criminal Activity.
Organisations that we may share your information with
We may also have to share or receive your information, under strict agreements on how it will be used, with the following organisations:-
- NHS Organisations
- Doctor, Dentist, Optician or Pharmacist
- Ambulance Service
- Social Care & Safeguarding Services
- Child Health
- County Council
- Fire and Rescue Services
- Police & Court Services (if we are asked by law)
We will always tell you who we are sharing your information with and may even have to ask for your consent to do this (ask if it is okay with you) and you may be asked to sign a form for this.
Access to your information
Under data protection rules you have the right to ask to see your medical records whenever you like and this is free. Also, if you think that any of the information you see is not correct, you can ask for this information to be taken out. This can only be done if we are 100% sure that the information is NOT correct. To be able to see your records, this is what you will need to do:
- Write a letter to the doctor here to ask to look at your records. You will need to include your full name, date of birth, NHS number (if you know it) and your address. This is so that we can make sure that we are giving this information to the right person.
- The doctor will use the Gillick Competence rules (that we talked about above) to make sure that you are able to have that consent
- We will not charge for this (unless you ask a lot of times then we may put on a charge)
- If the doctor agrees that it is okay for you to have access, we will give you the information within 30 days
This is the person/people or organisation that is responsible for using and recording your information.
Data Controller The Data Controller is the person/organisation responsible for keeping your information secure and confidential. Keston Medical Practice is your Data Controller. Data Protection Officer (DPO) The Data Protection Officer has overall responsibility for Data Protection within this area. Our designated DPO is Umar Sabat. He can be contact via email
Objections / Complaints
If you need to know anything else about how we use or keep your information, you can ask to speak to our Practice Manager and she will be happy to explain. If you have access to the internet, you can also read more about this on the ICO website
Important-Change of Details
It is important that you tell us or any other person treating you if any of your details such as your name, address or contact details have changed.
You should also know that at 13 years old you are able to use your own mobile telephone number instead of your parents’ or guardians’ numbers for when we need to contact you.
Any time after your 13th birthday please let us know which number you would like to be contacted on. You may still like this to be a parent or guardian’s number.
3 months before your 16th birthday we will write to you to ask what telephone numbers you would like us to have. If we don’t hear from you we will remove telephone numbers from your record, though we will keep previous numbers as alternatives in case we need to contact you urgently. If we use the alternative number, we will not reveal any medical information to anyone other than yourself.
If you are still happy for us to put in one of your parents’ or Guardians’ mobile numbers then you can tell us to do this.
On line access
Similarly, your parent or guardian may have access to your patient on line system, which gives internet access to your record, including details of appointments and test results.
From 13 years of age you can decide who can see this. Please let us know if you would like to change who has access.
3 months before your 16th birthday we will write to you to ask who should have access to your on line account. If we don’t hear from you, from your 16th birthday, we will restrict access to yourself, and send you new access details.
If you are still happy for us to allow access to your parents’ or Guardians’ then you can tell us to do this.
Under the General Data Protection Regulations we have to register this surgery with the Information Commissioner to describe the purposes for which we process personal and sensitive information.
This practice is registered with the Information Commissioners Office (ICO)
- Access to Medical Records
- Children and Young Adults
- Chaperone Policy
- Complaints Procedure
- Confidentiality Policy
- Consent Protocol
- Covid-19 and Your Information
- Direct Care - Emergencies
- Disabled Access
- Mission Statement
- National Screenings Programs
- NET GP Earnings
- Privacy Notices
- Teaching and Training
- Zero Tolerance