We use cookies to help provide you with the best possible online experience.
By using this site, you agree that we may store and access cookies on your device. Cookie policy.
Cookie settings.
Functional Cookies
Functional Cookies are enabled by default at all times so that we can save your preferences for cookie settings and ensure site works and delivers best experience.
3rd Party Cookies
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.
General Data Protection Regulations
Ball Tree Surgery is a Data Controller
We hold personal medical information about all our patients. We do so with a 'lawful basis'. Full information can be found elsewhere in our Policies section. We are required to have this detailed information available for our patients to see, however a summary of the key points is in plain English text for those that don't want to read the 'small print'.
We have a responsibility to protect your data under the General Data Protection Regulations. Your information is treated confidentially. All staff and contractors working at the surgery are subject to a confidentiality policy. We are obliged to process your data fairly and responsibly. Keeping your medical records confidential is important as you need to know that you can trust us with our data.
Keeping Your Information Safe!
Why we collect information about you:
We aim to provide you with the highest quality of care. To do this we need access to your medical records. We keep care plans to monitor and improve your daily care.
How we keep your personal information safe:
We have a duty to:
- Maintain full and accurate records of the care we provide;
- Keep records about you confidential, secure and accurate;
- Provide information in a format that is accessible to you (e.g. in large type if you are partially sighted).
We will not share information that identifies you for any reason, unless:
- You ask us to do so;
- We ask and you give us specific permission;
- We have to do this by law;
- We have special permission for health or research purposes.
Your records may be stored on paper or on the computer. We have robust policies in place to protect them. This is outlined in our Data Security Policy.
Please speak to us if you have any concerns.
These records may include:
- Basic details e.g. your address, date of birth, next of kin etc.;
- Notes and reports about your health;
- Details and records about your treatment and care;
- Information from people who care for you and know you well, such as care professionals and relatives.
We use these records to:
- Provide a good basis for all health and care decisions;
- Make sure your care is safe and effective; and
- Work with others providing you with care.
Sharing your information:
To share your information we must have a lawful reason to do so. Generally this is because we have a legal obligation.
We may securely share your information with:
- Social Services
- Health and Care professionals
- The Local Authority
- Your GP
- Your family or representative (with your permission).
They may need to use your records to:
- Provide care;
- Check the quality of your care;
- Protect the health of the general public;
- Manage social care services;
- Help investigate any concerns or
complaints you or your family have about your care.
Anyone who receives information from us also has a legal duty to keep it confidential.
How you can help us:
Keep your information up to date.
- Always tell us if you change your address, telephone, mobile or email address
- Use a personal mobile telephone number
- Use a personal email address e.g. john.smith@gmail.com rather than johnandjane@gmail.com
Your rights:
We promise you that we will:
- Discuss and agree what we record about you;
- Give you access to your records;
- Keep you informed about, and ensure that you have input into, your care plan.
You have specific rights under the Data Protection Act 2018, the Human Rights Act 1998 and the common-law duty of confidentiality. The Disability Discrimination and the Race Relations Acts may also apply.
You have the right to ask for a copy of all records about you. If you think anything is inaccurate, please let us know.
We are committed to being transparent and accountable for how we use your information. If you have any concerns or questions please contact us.
We also have a responsible to let you know how you can expect your data will be used and shared
We have limitations within our clinical systems, however for the majority of our uses and sharing of data we will aim to record your consent either verbally or in writing before we share any of your data where it is outside of the usual processing required for providing you with GP or Primary Care services. The usual processes will include our standard practice to share (such as a hospital referral) or where it would be in your best interests for us to share (where there has been an emergency). It is our responsibility to share only what is necessary.
To provide you with General Practice services we will collect, use and share your data in the following ways:
- Personal data - So that we can know a bit about you and are able contact you by phone, email, text, Apps, and letters (address / data of birth / NHS Number / next of kin / family situation / communication needs)
- Sensitive personal data - As part of your registration with Ball Tree we imply that for your consent to collect and pass on relevant clinical information to other professional staff involved in your direct care. This means that you are consenting for us to send information about you and your medical history to external agencies to support clinical and social referrals and to help you access and benefit from external services. (medical records / medical history / appointments and visits / details of treatments and medications / clinical results from tests and scans) We can do this under the GDPR legislation to support your healthcare.
- Send information about you and your medical history to other NHS organisations and pharmacies for clinical, research and statistical requirements (some of this may well be anonymous). (Prescriptions go to pharmacies / samples are sent by courier to pathology laboratories / medical notes are sent via NHS England between surgeries and via courier to our secure storage facility / reports are sent to coroners offices / information is sent to hospitals to support care / information is shared with out of hours providers and ambulance service where appropriate to support your care)
- Within the practice we process your data in order to provide information to NHS England and the CCG. This is usually anonymised audit data to ensure quality of service and to evidence work for payments. We also process data to 'case find' so that we can target people with various conditions to be invited to come in for regular reviews to support their health and well-being. For example to come for a Diabetes review or to see if additional support is needed via the local pro-active care and frailty programmes.
- We take part in the NHS Adur Research Programme for Public Benefit and therefore, with your consent, your data may be included in research projects. (You will always be asked about taking part in research projects).
- NHS National Research including 'Clinical Practice Research Datalink' and 'QResearch' is also active at Ball Tree. Data for this research is anonymous which means that no one knows which individuals are contributing. We are governed by laws overseeing how data is used in this context for your protection.
- We are also obliged to comply with various laws that require our computers to send data to the national Health and Social Care Information Centre (NHS Digital). This is as directed by the Secretary of State for Health. Only when there is a legal basis for the transfer of data we may pass limited and relevant information to other NHS organisations to improve the efficient management of the NHS or to aid medical research.
Examples of organisations where we may need to send your information include:
- Hospitals - to provide information to support 'Secondary Care'
- County Council - to provide information to support access to their health and wellbeing services
- Sussex Community Foundation NHS Trust - to provide information to support District Nursing and Community Care - including Proactive Care
- Sussex Partnership Trust - to provide information to help with mental health
- Coastal West Sussex CCG and Emergency Services - If there is a large scale emergency incident a list of vulnerable people may need to be identified (People that are housebound / nursing homes / significantly frail). In this instance where harm could come otherwise - limited data will be shared for protection.
- Sussex Ambulance - SECAMB
- Out of Hours Services - IC24
- Share My Care - who provide information to out of hours and emergency services
- IBIS - who provide information to emergency services
- Innovations in Primary Care - MIAMI appointments and clinical services - Extended Hours and specialist clinics
- Other GP Practices - where you may be a temporary resident or receiving a particular service
- Pharmacists - on your paper or electronic prescriptions and also if we have a phone query - this is part of your direct clinical care.
From the 25th May 2018 we will no longer be charging for access to medical records to comply with the new legislation - General Data Protection Regulations. Please be aware however that it costs us far more than you would likely imagine to be able to provide you with your records. You have access to your Summary Care Record via Online Services already - for FREE. If you complete the forms for FULL ACCESS you can also see more information - this is also FREE - however due to the complex and numerous rules that the NHS imposes upon us before we are allowed to give you access it will take us significant time to process your requests and make these available to you. It costs us hundreds of pounds to process every request.
A better solution... quicker for you and for us
If you are concerned about any aspect of your records please do come and have a chat to us and we can answer specific questions to help you. We can quickly search your records for the information you are looking for and print out the relevant parts for you. This is likely to be a better solution for all - and we are very happy to be open with you and share information with you about your records within the NHS Guidance in which we are required to operate. Under GDPR this is called a 'negotiated subject access request'.
To request your records you will need to complete a form - please talk to our reception team about this.
For your information
Your DIGITAL records are held on the internet on a 'cloud-based' IT system called EMIS Web
Your PAPER records are held in storage in Stanstead off-site in secure storage by a company called CAS Digital and Achive Document Storage
Your PAPER records whilst in transit are processed by Primary Care Support England which is actually a private company called CAPITA
SMS text messages are sent via AccuRX
SMS text messages are sent via iPlato
SMS text messages are sent via EMIS Web
SMS text messages are sent via NHS Secure email
EMAIL message are sent via NHS Secure email
Our Data Protection Officer
Is whoever is the current post-holder of GP Information Governance (IG) Manager and Data Protection Officer (DPO) for NHS South Central and West hosted by SCW Commissioning Support Unit