Privacy Policy

Fair Processing Notice – How we use your information

ICO Registration No: ZA075651

Data Protection Officer:
Liane Cotterill

Caldicott Guardian:
Dr Bronwyn Tasker

Senior Information Risk Owner:
Teresa Graham

This privacy notice explains why Second Street Surgery collects information about you, and how that information may be used.

The health care professionals who provide you with care maintain records about your health and any treatment or care you have received previously (e.g. NHS Trust, GP Surgery, Walk-in clinic, etc.). These records help to provide you with the best possible healthcare.

NHS health records may be electronic, on paper or a mixture of both, and we use a combination of working practices and technology to ensure that your information is kept confidential and secure. Records which we may hold about you may include the following information;

  • Details about you, such as address and next of kin
    • Any contact the surgery has had with you (appointments, clinic visits, emergency appointments, etc.)
    • Notes and reports about your health
    • Details about your treatment and care
    • Results of investigations (laboratory tests, x-rays, etc.)
    • Relevant information from other health professionals, relatives or those who care for you

To ensure you receive the best possible care, your records are used to facilitate the care you receive. Information held about you may be used to help protect the health of the public and to help manage the NHS. Information may be used for clinical audit to monitor the quality of the service provided.

Some of this information will be used for statistical purposes. Where we do this, we take strict measures to ensure that individual patients cannot be identified.

Sometimes your information may be requested to be used for research purposes – Second Street Surgery will always gain your consent before releasing the information.

How do we maintain the confidentiality of your records?

We are committed to protecting your privacy and will only use information collected lawfully in accordance with the Data Protection Act 1998 (which is overseen by the Information Commissioner’s Office), Human Rights Act, the Common Law Duty of Confidentiality, and the NHS Codes of Confidentiality and Security.

Every member of staff who works for an NHS organisation and/or is commissioned to provide an NHS function has a legal obligation to keep information about you confidential. Anyone who receives information from an NHS organisation has a legal duty to keep it confidential.

We maintain our duty of confidentiality to you at all times. We will only ever use or pass on information about you if others involved in your care have a genuine need for it. We will not disclose your information to any third party without your permission unless there are exceptional circumstances (i.e. life or death situations), or where the law requires information to be passed on.

Sharing of Information

We work with a number of NHS and partner agencies to provide healthcare services to you.

We may also share non-identifiable statistical information with them for the purpose of improving local services, for example understanding how conditions affect our local area compared against other areas.

We may also have to share your information, subject to strict agreements on how it will be used, with the following organisations:

  • NHS Trusts
    • Specialist Trusts
    • Independent Contractors such as dentists, opticians, pharmacists
    • Private Sector Providers
    • Voluntary Sector Providers
    • Ambulance Trusts
    • Clinical Commissioning Groups
    • Social Care Services
    • Local Authorities
    • Education Services
    • Fire and Rescue Services
    • Police
    • Other ‘data processors’
    • Access to personal information

You have a right under the Data Protection Act 1998 to access/view what information we hold about you, and to have it amended or removed should it be inaccurate. This is known as ‘the right of subject access’. If we do hold information about you we will:

  • give you a description of it;
    • tell you why we are holding it;
    • tell you who it could be disclosed to; and
    • let you have a copy of the information in an intelligible form.

If you would like to make a ‘subject access request’, please contact us in writing.

If you would like further information about how we use your information, or if you do not want us to use your information in this way, please contact us.

Keeping Information Secure and Confidential

All staff have contractual obligations of confidentiality, enforceable through disciplinary procedures.

All staff will receive appropriate training on confidentiality of information and staff (who because of their role) have regular access to personal information will have received additional specialist training.

We take relevant organisational and technical measures to make sure the information we hold is secure such as holding information in secure locations, restricting access to information to authorised personnel, protecting personal and confidential information held on equipment such as laptops with encryption.

Each organisation has a senior person responsible for protecting the confidentiality of patient information and enabling appropriate information sharing. This person is called the Caldicott Guardian.

Your Right to Withdraw Consent

At any time you have the right to refuse/withdraw consent to information sharing. The possible consequences will be fully explained to you and could include delays in receiving care.


If you have any questions or concerns regarding the information we hold on you or the use of your information, please contact:

From April 2020

As partner in the Great North Care Record (GNCR), we need to request and share your information from and with other relevant parties who are part of your care and ongoing support network.

Full details of the member organisations of the GNCR, what data may be viewed across the GNCR network, and what are the benefits to being part of the GNCR are available from the GNCR website-

If you objection to being part of the GNCR you can contact the GNCR helpline on 0344 811 9587 and speak to a member of the team. In order to log and process your objection, some basic demographic information will be collected about you. The GNCR always seek to comply with your request, but in some circumstances they may have to use your information to comply with other legal duties.

For independent advice about data protection, privacy and data sharing issues, you can contact:

The Information Commissioner
Wycliffe House, Water Lane
Phone: 0303 123 1113 or 01625 54 57 45

Changes to this Privacy Policy

The GP Practice may amend this policy from time to time. If substantial changes are made to the way in which the Council obtains and uses your personal information the website will show prominently any announcement to this effect.

Comments are closed.