Regency Medical Practice Privacy Notice
This privacy notice explains why the GP Practice collects information about you, how that information may be used and which organisations the information will be shared with to ensure you receive the best possible care.
Who we are:
Drs Ahmed and Hanif of the Regency Medical Practice, The Shields Health & Care Centre,80 McCulloch St,Glasgow,G41 1NX
Our responsibility to you:
We take your trust and right to privacy seriously and are committed to ensuring that whenever we process personal information we do this fairly, lawfully and in a transparent manner. We comply fully with all of our obligations under the data protection laws. These laws include the Data Protection Act 1998 (DPA), and any statutory modification or re-enactment thereof, and the EU General Data Protection Regulation (GDPR)
Data Protection Act
The Data Protection Act 1998 (DPA) was enacted to ensure the fair and lawful processing of personal data. The DPA governs how organisations can collect and process information about individuals. It explains the rights of individuals (data subjects) and the responsibilities of the organisations (data controllers) which collect and process personal data. It also details the requirements of any third party organisations (data processors) which process personal data on behalf of data controllers. The DPA is regulated and enforced by the UK Information Commissioner's Office (ICO).
General Data Protection Regulation
A new General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), which strengthens and unifies data protection for individuals within the European Union, will come into force on 25 May 2018. The Regulation has been designed to harmonise data privacy laws across Europe, to protect and empower all citizens' data privacy and to reshape the way organisations across the EU approach data privacy. We are working in collaboration with the Greater Glasgow & Clyde Health Board and other partners to implement the Regulation and to ensure that all of our policies and operations are compliant with it.
Data Protection in the Regency Medical Practice
We regard the fair, lawful, and transparent treatment of personal information as integral to the success of our business operations and to maintaining the confidence of our patients. Our commitment to effective data protection is set out in the Regency Medical Practice Data Protection Policy.
The data controllers in the Regency Medical Practice are the Partners and the Practice Manager who are responsible for ensuring that all collection and processing of personal data within the Regency Medical Practice complies with the data protection laws. Regency Medical Practice Data Protection Officer is the Practice Manager. She is responsible for monitoring and auditing compliance with the data protection laws, ensuring that our doctors, nurses and all staff understand and comply with their obligations, and assessing the risks associated with the processing of personal data.
The registration number of our entry in the ICO Register of data controllers is ZA187360.
Subject Access Requests
The DPA and the GDPR give data subjects a legal right to access the personal information the Regency Medical Practice holds about them. These requests are known as subject access requests and we will process them within one month. We will also provide you with information about any processing of your personal data that is being carried out, the retention periods which apply to your personal data, and any rights to rectification, erasure, or restriction of processing that may exist.
Subject access requests must be submitted in writing and anyone making an oral request will be invited to complete our Subject Access Request Form. More information about making a subject access request is available in the form.
Regency Medical Practice uses privacy notices to tell you what to expect whenever we collect and process personal information. More information can be found in the Privacy section of this website. If at any time you feel that we are not being transparent enough about how we process your personal data or you would like more information then please let us know using the contact information below.
Data Protection Impact Assessments
Regency Medical Practice uses data protection impact assessments (DPIAs), also known as privacy impact assessments (PIAs), to help us identify the most effective way of complying with our data protection obligations and meeting individuals' expectations of privacy.
DPIAs are a tool organisations can use to identify and reduce risks to privacy. They help minimise the risks of harm to individuals through the misuse of their personal information.
It is our policy to carry out DPIAs for all projects which involve the handling of personal data and which may have an impact on privacy.
CCTV is in use within the Shields Health and Care Centre provided by NHS Greater Glasgow and Clyde. The operation of CCTV within the Health Centre complies with the Information Commissioner’s Office CCTV Code of Practice.
Right to complain
Should you feel that the Regency Medical Practice is handling your data unfairly or unlawfully, you can report your concern to the Information Commissioner’s Office (ICO). For more information visit the ICO website:
Practice Contact Information
Regency Medical Practice
Data Protection Officer
The Shields Health & Care Centre
80 McCulloch St
Tel: 0141 800 7310
What Information Do We Collect?
Your healthcare records contain information about your health and any treatment or care you have received previously (e.g. NHS Health Board, GP Surgery, NHS24, etc.). NHS health records may be electronic, on paper or a mixture of both, and we use a combination of working practices and technology to ensure that your information is kept confidential and secure. Your healthcare record may include the following information;
- Details about you, such as address and next of kin
- Any contact the surgery has had with you, such as appointments, clinic visits, and emergency appointments, etc.
- Notes and reports about your health
- Your CHI Number
- Your NHS Number
- Details about your treatment and care
- Results of investigations, such as laboratory tests, x-rays, etc.
- Relevant information from other health professionals, relatives or those who care for you
Why Do We Collect This Information?
To ensure you receive the best possible healthcare, your records are used to facilitate the care you receive. Information held about you may be used to help protect the health of the public and to help us manage the NHS. Information may also be used for clinical audit to monitor the quality of the service provided.
Who Will We Share Your Information With?
For the purposes of providing the best possible healthcare and to fulfil our statutory obligations, we may need to share your information with the following organisations:
- Secondary Care (Hospitals)
- Community Pharmacy
- Primary Care Pharmacy
- Community-based Nurses
- Other Primary Care Health Organisations
- Other NHS Greater Glasgow and Clyde Employed Staff
- Common Services Agency (NHS National Services Scotland)
- Home Office
- UK Regulatory Bodies such as the General Medical Council
- NHS Blood and Transplant
- NHSCR/General Registers Office