GP, IT Lead, IG Lead, FOI Lead at The Oaklands Practice
sorry, that prevents PATIENTS *registering* at another local practice!
They can't possibly do that.
The CCG could facilitate a "ban" in all but name by permitting all local practices to close their lists. That effectively prevents practices *registering* at another local practice.
Funding a DPO won't help with costs (time/money). The DPO role is advisory only, it remains the obligation of the data controller - the practice - to do the donkey work for SARs, DPIAs, privacy notices, assessing new data sharing etc etc.
Fund the work that the IG lead for the practice has to do is another matter, but throwing money at the practice won't help the fact that GPs are spending an increasing amount of time away from direct patient care dealing with SARs etc - no amount of money will help if they can't get locums to cover.
We do the same. Patient *always* collects the SAR.
We can't (usually) charge - all we can do is limit the cost to us, and put up private fees elsewhere to compensate.
I do hope that anyone who receives such an email will complain to the ICO
What's the difference between askMyGP and other e-consultation platforms (such as E-Consult)?
No, the GP practice remains the data controller I believe - data is viewed in real-time (streamed), not extracted and uploaded to a central data repository, so does not leave the GP records database as such. Practices can turn this on and off at will via EMIS web
Promoting the NHS App via text is direct marketing...
Good luck recruiting 120 GPs to the area...
We all have data privacy rights.
Patients AND doctors.
No - this would be a request under a different Act
See Paul Cundy's other article
To correct some factual inaccuracies:
"Patients will also have the power to request their information is moved or deleted"
The right to data portability (I think that is what you are referring to) does not apply to GP records - it only applies "where the processing is based on the individual’s consent or for the performance of a contract". For GP records, we do not rely upon consent, and we do nto have a contract with the patient.
The right to erasure does not apply if processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority - Article 6(1)(e); which is the legal basis that we are relying upon for our GP records. Patients have the right to rectification, but not to their records being "deleted".
Thank you for everything Nigel, best of luck for the future.
No, the practice is the data controller.
The server is in Leeds (for example) and the system supplier hosts the surgery database - in doing so, is a data processor.
The system supplier cannot do anything with the patient records without the data controller's permission/instruction.
Does that link to the paper work?
The GP practice is the data controller in law, undisputedly.
Clinical system suppliers, eg EMIS, act as data processors, holding our patient's data, on their servers, on our behalf. We control it, so we are the data controllers.
The SoS might "own" the records but, until patients die, the Lloyd George notes are under our control and the *electronic* GP record is too (even after the patient dies).
All the more reason to encourage patients to have secure online access to their full GP record
Technically the GP practice is not breaking any rules.
Patients will be deregistered from their usual GP practice but registered with the “GP at Hand” practice (which is I believe an existing GMS practice) as an “out-of-area” patient.
( https://www.bma.org.uk/advice/employment/gp-practices/service-provision/out-of-area-registered-patients )
Such patients are not entitled to home visits should they be too unwell to come to the surgery. Not sure who would see them during core hours, but the GP visiting would not have access to their full GP record...
If they need to be seen they will have to attend one of these satellite clinics - I assume (but I'm not sure) that the consulting GP does have access to the full GP record.
If this practice does have fully registered GMS patients as well, I wonder if they offer this service to those patients - or is this "benefit" only for the OOA patients that they poach from other practices?
GP at Hand also retains the right to remove them from their list as soon as they become “too complex” (e.g. pregnant). They will be deregistered and will have to sign up to another practice (or back with their previous one I imagine).
The IG lead for any practice is really going to have his/her hands full come next April - this, DPBill, GDPR....
Phone calls are just another way of communicating with patients, particularly those who find it difficult coming to the surgery, or carers etc. They are a preferable alternative to a face to face consultation where one is not needed, especially for admin-related stuff, but they do not reduce total workload.
I offer plenty of telephone appts, but my surgeries always get filled up anyway.