Confidentiality / GDPR

General Data Protection Regulations

From 25th May 2018 the new GDPR Regulations come into place.  This means the way that we collect and record your information is changing.

Currently we have to let you know how we use any information we hold for you and also need your written permission to share and send any of your information to third parties.

Under the GDPR there are additional things that we now have to tell you which include our lawful basis for processing the data and how long we keep it for.  We also have to inform patients of their right to complain to the Information Commissioners Office (ICO) if you think there is a problem with the way we handle your data.

The GDPR includes the following six principles to follow that you should be aware of:

Personal data should be processed lawfully, fairly and in a transparent manner
Personal data should be collected for specific purposes and not used for incompatible purposes
Personal data should be adequate, relevant and limited to what is necessary
Personal data should be accurate, kept up to date and errors erased or rectified
Personal data should be kept in a form that enables the identification of individuals for  no longer than is necessary
Personal data should be kept secure
As holders of your information we are obliged under GDPR to report any data breaches which may have a detrimental effect on individual patents to the ICO.  These include any breaches that result in discrimination, damage of reputation, financial loss, loss of confidentiality or any other significant economic or social disadvantage.

Central Clinic intends to protect your information and our reputation by reviewing our policies and procedures to minimise the risk of any data breach.  If a breach does occur we can assure all patients that this will be reported to the ICO and fully investigated

Department of Health Logo NHS UK Logo Freedom of Information Logo