General Dat Protection Regulations (GDPR) May 2018
GDPR came into force on 25th May 2018 and in accordance with these new regulations patients have a right to know how we process, manage and share your personal and sensitive data.
In general terms we need to inform you of:
- The purposes for which we process your information
- Provide you with a description of the data subjects / type of personal data we hold
- Provide you with details on who the various recipients of your data are
- Advise you of how long we need to retain your data
- Advise you of how we will keep your data secure.
All this information and full details can be found in Jubilee Medical Group's Privacy Statement, please see below:
Access to Your Medical Records
Access to Health Records under the General Data Protection Regulations May 2018
The GDPR 2018 gives every living person, or an authorised representative, the right to apply for access to their health records.
Requests can be made:
- In writing (there are application forms available for this should you wish to use one)
- By email
When making your request for access, it would be helpful if you could provide details of the time-periods and aspects of your health record you require (this is optional, but it may help save Practice time and resources in completing your request).
No fee will be normally be charged for supplying your records unless - the request is:
- manifestly unfounded
- repetitive in nature.
Information required to process your request:
The data controller may not be able to easily comply with your access request if they do not have sufficient information to identify you and to locate the information held about you. You may therefore be asked to provide us with identification and asked for specific details about what information you require.
Timescale for completing your request:
Subject access requests will normally be responded to within one month of the date they are received.
However there may be occasions when this timeframe is extended if the request is complex or you have submitted a number of requests.
The maximum extension time is two months. Should we need to extend the time it takes us to respond to your request we will keep you informed and notify you of the reasons for the extension.
If you are using an authorised representative, you need to be aware that in doing so they may gain access to all health records concerning you, which may not all be relevant. If this is a concern, you should inform your representative of what information you wish them to specifically request when they are applying for access.
Your representative will need to provide us with evidence of their entitlement to request information on your behalf.
If you have any complaints about any aspect of your application to obtain access to your health records, you should first discuss this with the practice. If the issues cannot be resolved then you have the right to make a complaint to the Health Service Ombudsman at:
Helpline: 0845 015 4033
Alternatively you can contact the Information Commissioners Office (responsible for governing Data Protection compliance).
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.
Tel 0303 123 1113 or 01625 545 745 or