Practice Policies & Patient Information

Accessing someone else’s information

As a parent, family member or carer, you may be able to access services for someone else. We call this having proxy access. We can set this up for you if you are both registered with us.

To requests proxy access:

collect a proxy access form from reception from 10am to 6pm

Linked profiles in your NHS account

Once proxy access is set up, you can access the other person’s profile in your NHS account, using the NHS App or website.

The NHS website has information about using linked profiles to access services for someone else.

Chaperone Policy

Childrens Privacy Notice

Complaints and Suggestions

COVID19 Privacy Notice

Data Protection Privacy Notice

General Practices are usually the first point of contact if you have a health problem. They can treat many conditions and give health advice. They also refer patients to hospitals and other medical services for urgent and specialist treatments.

The data we hold may also be used to shape the way we work together to plan service improvements, improve the health and wellbeing of our communities, and take action to prevent illness and disease for individuals as well as wider communities.

The categories of personal information

Dependent on the purpose of processing, different categories of data may be used by the Practice. Data can be categorised using the following terms:

Anonymised data – data where personal identifiable identifiers have been removed. Data protection laws and the Common Law of Confidentiality to do not apply to anonymised data.
Pseudonymised data – data where any information which could be used to identify an individual has been replaced with a fake identifier. Pseudonymised data remains personal data and as such the Common Law Duty of Confidentiality and Data Protection legislation apply and there must be a lawful reason for using such data.
Person identifiable information (or personal data) – any information about an individual from which, either on its own or together with other information, that person may be identified. The Common Law Duty of Confidentiality and Data Protection legislation apply and there must be a lawful reason for using such data.

To find out more about the data processed for each purpose, please click on the links below (The Purpose(s) of Processing).

In addition to the above types of data, some information is considered protected regardless of the purpose of processing; this information does not form part of your shared care record and is not disclosed to any other third parties without your permission unless there are exceptional circumstances, such as if the health and safety of others is at risk or if the law requires us to pass on such information.

The purpose(s) of processing personal data

The Manor Road Surgery – Kent processes data for the following purposes:

Direct Care Privacy notice
Human resource privacy notice
Planning and research privacy notice
Statutory purpose privacy notice
Kent and Medway Care Record Privacy Notices

What is the lawful basis for the sharing?

Each purpose of sharing has its own lawful basis, and these can be found in detail on the associated Privacy Notices above.

Organisations we share your personal information with

Personal Data (including special category data) will only be shared between the general Practice and health and social care organisations that have signed a Joint Controller or Data Processing Agreement. These currently include:

Dartford and Gravesham NHS Trust (D&G)
East Kent Hospitals University NHS Foundation Trust (EKHUFT)
Medway Maritime Hospital – Medway NHS Foundation Trust (MFT)
Maidstone and Tunbridge Wells NHS Trust (MTW)
Kent and Medway Partnership NHS and Social Care Partnership Trust (KMPT)
North East London Foundation Trust (NELFT)
Kent Community Health NHS Foundation Trust (KCHFT)
HCRG Care Group Limited
Medway Community Healthcare (MCH)
South East Coast Ambulance Service (SECAmb)
Integrated Care 24 (IC24)
Out of hours providers (currently IC24, SECAmb, MCH and KCC Children’s Services)
NHS Kent and Medway
Kent County Council (children and adults social care departments) (KCC)
Medway Council (children and adults social care departments) (MWC)
GP federations.
Other Practice’s that form the Tunbridge Wells Primary Care Network
NHS Commissioning Support Units
Independent Contractors such as dentists, opticians, pharmacists
Private Sector Providers
Voluntary Sector Providers
Health care partnerships
Other Primary Care networks that we work in partnership with Tonbridge
Mental Health providers
Community trusts
Kent County Council/Medway council Social Care Services
NHS England
Local Authorities
School Nurse
Police & Judicial Services

How long do we keep your record?

The Practice maintains your records in accordance with the NHS Records Management Code of Practice 2021.

How we keep your personal information safe and secure

To protect personal and special category data, we make sure the information we hold is kept in secure locations and access to information is restricted to authorised personnel only.

Our appropriate technical and security measures include:

all employees and contractors who are involved in the processing of personal data are suitably trained, on an annual basis, in maintaining the confidentiality and security of the personal data and are under contractual or statutory obligations of confidentiality concerning the personal data.
robust policies and procedures for example password protection
technical security measures to prevent unauthorised access
use of ‘user access authentication’ mechanisms to make sure all instances of access to any personal data held on clinical systems are auditable against an individual, such as role-based access and Smartcard use to make sure appropriate and authorised access reminding staff of their responsibilities in complying with data protection legislation
encrypting information transmitted between partners
implementing and maintaining business continuity, disaster recovery and other relevant policies and procedures · completion of the Data Security and Protection Toolkit (DSPT) an annual self-assessment requirement that ensure organisation are compliant with the latest data protection and cyber requirements.
regular audit of policies and procedures to ensure adherence against these criteria

The NHS Digital Code of Practice on Confidential Information applies to all staff who access clinical systems. They are required to protect your information, inform you of how your information will be used, and allow you to decide if and how your information can be shared.

What are your rights?

Under data protection legislation, you have the right:

to be informed of the uses of your data: this enables you to be informed how your data is processed
of access: this enables you to have sight of or receive a copy of the personal information held about you and to check the lawful processing of it
to rectification: this enables you to have any incomplete or inaccurate information held about you corrected
to erasure: this enables you to request we erase personal data about you we hold. This is not an absolute right, and depending on the legal basis that applies, we may have overriding lawful grounds to continue to process your data
to restrict processing: this enables you to ask us to suspend the processing of personal information about you, for example, if you want us to establish its accuracy or the reason for processing it
to data portability: this enables you to transfer your electronic personal information to another party, where appropriate.
to object: this enables you to object to processing of personal data about you on grounds relating to your situation. The right is not absolute, and we may continue to use the data if we can demonstrate compelling legitimate grounds.
in relation to automated decision making and profiling: this enables you to be told if your data is being processed using automated software in relation to automated decision making and profiling note: No automated decision making or profiling is undertaken by the Practice.

Please note not all these rights are absolute, please see our ROPA for more details

If you wish to exercise your rights in any of the ways described above, you should in the first instance contact Kingswood surgery, [email protected].

Right to complain

You can get further advice or report a concern directly to [email protected]

Our Data Protection Officer function is provided by NHS Kent and Medway who can be contacted via email [email protected].

You also have the right to contact the UK’s data protection supervisory authority (Information Commissioner’s Office) by:

Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.
Phone: 0303 123 1113 (local rate) or 01625 545745 (national rate)
Email: https://ico.org.uk/concerns/handling/
Information about the way in which the NHS uses personal information and your rights is published by NHS Digital.

The NHS Constitution

The constitution establishes the principles and values of the NHS in England. It sets out the rights patients, the public and staff are entitled to. These rights cover how patients access health services, the quality of care you will receive, the treatments and programmes available to you, confidentiality, information and your right to complain, if things go wrong.

NHS England NHS England collects health information from the records health and social care providers keep about the care and treatment they give, to promote health or support improvements in the delivery of care services in England.

Reviews of and changes to this privacy notice

We will review the information contained within this notice regularly and update it as required. We therefore recommend you check this webpage regularly to remain informed about the way in which we use your information.

GDPR

The General Data Protection Regulation affects any organisation that collects and keeps data about their customers or in our case, patients. We value the confidentiality of our patients and want to be clear about the data we collect, how we use it and your rights to control that information. The GDPR is a set of laws passed in the European Union and which come into effect from 25.5.18. At that date, we have to have an action plan in place to ensure we are working towards meeting all of these standards. We already do a lot of work involving Information Governance due to the nature of the information we keep about our patients so a lot of this is just building on what we have in place already.

If you would like to know anything about how we collect, keep and share your data, we will be happy to provide you with more information. Please keep an eye on our website and in reception where the updated privacy notices will be available to view.

GP Earnings

All GP practices are required to declare the mean earnings (e.g. average pay) for GPs working to deliver NHS services to patients at each practice. However, it should be noted that the prescribed method for calculating earnings is potentially misleading because it takes no account of how much time doctors spend working in the practice and should not be used to for any judgement about GP earnings, nor to make any comparisons with other practices.

The average pay for GPs working at Manor Road Surgery in the last financial year was £76,493 before tax and national insurance. This is for 1 full time GP and 1 part time GP who worked in the practice for over 6 months.

Making a Formal Complaint

Most issues can be sorted out quickly and easily, often at the time they happen and with the person involved. This may be what you try first.

If you cannot resolve the issue this way, you can make a formal complaint.

Get advice before you start

Before you make your complaint, you can get free, confidential advice from your local Healthwatch team.

Who can make a complaint

If you’re a registered patient you can make a complaint about your own care.

You can complain on behalf of someone else if you have their written consent.

When to make a complaint

It’s best to make a formal complaint within a few days of the incident. This makes it easier to confirm what happened.

If that’s not possible, you should make the complaint within 12 months of the incident, or of you discovering the problem.

How to make a complaint

You can either:

get a complaint form from the practice reception
write your own letter

If you write your own letter, you need to include:

your full name
your date of birth
the GP practice you’re registered with
details of the incident, including dates, times and names of people involved, if you know them

Send your complaint to the surgery. You can send it by email or post.

See our contact details

What happens next

We’ll let you know we’ve received your complaint within 3 working days.

Within 30 working days we may:

reply to you in writing
invite you to meet with the people involved, if you want

If it’s likely to take longer than 30 working days we’ll let you know, and we’ll update you as things change.

What we look at

We look at:

what happened and why
how we can help you talk to the people involved, if you want
what we can learn

If more than one organisation is involved

Other organisations might be involved, for example social services. If so, we’ll talk to them and you’ll receive one coordinated reply. We may need your consent to do this.

If your complaint gets sent to the wrong organisation to begin with, we may ask for your consent to forward it to the right place.

Outcome

We’ll write to tell you the outcome of your complaint.

We’ll also explain how to escalate the issue if you’re not happy with the outcome.

If you’re unhappy with the outcome

If you’re unhappy with the outcome, you can contact the Health Service Ombudsman. They may be able to look further into your complaint.

Get advice if you’re unhappy with the outcome

Contact the Patient Advice and Liaison Service (PALS) to get free, confidential advice. You can find your nearest PALS office on the NHS website.

Complain on behalf of someone else

To complain for someone else, you need their written consent. They need to confirm that they:

are unhappy with their treatment
allow the practice to deal with someone else about the issue

We cannot discuss the issue with you until the patient gives their written consent.

We may also still need to talk directly with the patient.

How to complain on behalf of someone else

Ask at the practice reception for the complaints form. The patient needs to sign this to give their consent.

If the patient cannot give consent

If the patient cannot give consent because of illness or an accident, it might still be possible to deal with the complaint for them. Please write a letter which gives precise details of why they cannot give consent.

Confidentiality

This process is in place because we keep to strict rules of medical and personal confidentiality.

NHS App Privacy Policy

NHS Diabetes Prevention Programme Privacy Notice

Online Access Policy

EMIS Patient Online Access is a service available to patients so that they can book G.P appointments and request repeat medication via the internet at home. Patients can also see some aspects of their medical record as well as booking appointments and ordering prescriptions.

To use the internet appointment booking and prescription requesting facility you need to register on the following website www.patient.co.uk. The information you enter enables the system to check your identity. You also enter a password and security information that no-one else will know.

To register on the above website you can go directly on to it to register for an account by following the instructions on the screens shown when accessing the site. Alternatively, you can come into the surgery and get a form from us to enable you to register on the site once you get home.

Once you have registered for an online account you will need to bring 2 forms of ID (preferably 1 photo ID if you have it, plus something with your current address on it) into the surgery to enable us to verify your identity and accept you on to our system for this service. You can opt for just having prescriptions and medication if you wish a family member to order your medication and book appointments, without them being able to see other aspects of your medical record.

Our Aim

Our practice aims to offer you continuity of care with Dr Ford. Dr. Ford provides a caring service and considers patient care to be our top priority, ensuring patients feel at ease when visiting their G.P.

We have a team of excellent Nurses who have long standing experience and each specialise in different aspects of the job. We have a close knit team and our receptionists are willing to offer help and advice in any way they can.

Personal Data

Confidential information from your medical records can be used by the NHS to improve the services offered so we can provide the best possible care for everyone. Please see the below Poster, Patient Information Leaflet and further information regarding this, as you do have a choice whether your data is used in this way.

Please Click Here to View Our Surgery HSCIC Poster

Please Click Here to View Our Surgery HSCIC Leaflet

Privacy Notices