No information will be released without the patients’ consent unless we are legally obliged to do so.

Online access to your Medical Care Record

As from 1st April 2016, patients have been able to access additional information in their medical record on line if they wish. In the same way that you can go on line & access basic details such as your repeat medications & allergies, order repeat medication, book an appointment; you will be able to register to access more detailed parts of your medical record.

If you wish to access any online services, please contact reception & they will give you a form to complete, giving the practice authority to set this up. Even if you already book appointments & order repeat medication, you will still need to let reception know that you would also like to be able to view your summary care record. At the moment you must be 16 years or over & will need to complete a consent form giving authorisation for this. This is being reviewed, so if you are under 16 and interested in using online services, please speak to a member of staff.

There is a leaflet available on reception if you would like to read more about this service.

Once you are up & running instead of logging on through our web page, you can log-on directly.

What is the purpose of this page?

As we are committed to the safety of our staff, patients, and visitors we use a closed-circuit television system (“CCTV”) at our surgery. The purpose of this document is to set out how the CCTV system will be managed and used by the practice and to inform individuals, whose personal data may be captured on the CCTV system, about how and why that personal data may be processed by the surgery.

Who collects the information?

The partners at Friary House Surgery are the data controllers of personal information collected about you. This means that we are responsible for deciding how we hold and use personal information about you and that we are required to notify you of the information contained in this Notice. It is important that you read this Notice so that you are aware of how and why we are using your personal information and how we will treat it.

Compliance

The surgery is aware that images of recognisable individuals, such as staff, patients, and visitors, captured by the CCTV system constitute ‘personal data’, use of which is governed by data protection law.

The surgery will ensure that its use of the CCTV system and the personal data that it captures complies with the law.

This document has been drafted in accordance with the Information Commissioner’s Office (ICO) CCTV Code of Practice and the Home Office Surveillance Camera Code of Practice. Copies of these codes can be found at www.ico.org.uk and www.gov.uk/government/publications/surveillance-camera-code-of-practice respectively.

Purpose of the CCTV system

The purpose of the CCTV system is:

• To increase the personal safety of our staff patients and visitors to our surgery.
• To assist in identifying, apprehending, and prosecuting any offenders on surgery premises.
• To protect the surgery building and assets and those of its staff from intrusion, theft, vandalism, damage, or disruption.

The legal basis for the surgeries use of any personal data which is captured by the CCTV system is that the processing is necessary for the carrying out of a Task in the public interest. The surgery may also need to use this personal data to establish, exercise or defend against legal claims.

Operation

CCTV cameras are located at strategic points on our premises, primarily access points, such as the entrances to the surgery and in the reception area, CCTV cameras are not placed in any clinical areas. Signs are displayed prominently around the building to inform staff and visitors that CCTV cameras are in operation and who to contact for further information.

The cameras are in operation 24 hours a day, 7 days a week and record the images taken. The system is not monitored but may be viewed in the case of an incident occurring, requiring such a viewing.

The CCTV system is regularly maintained in accordance with the manufacturer’s instructions.

Security

Physical protective measures: The CCTV system is kept in the locked server room.

Technical protective measures: Access to the system is by way of password protection and only senior management staff has the necessary access to the system. All access to the CCTV system is logged.

We have put in place procedures to deal with any suspected personal data breach and will notify any affected individuals and/or the ICO where appropriate.

Access and disclosure

Access to recorded CCTV footage is restricted to a limited number of senior staff as authorised by the Managing Partner from time to time (“Authorised Persons”) and all requests for disclosure of CCTV footage must be submitted to one of these Authorised Persons.

CCTV footage may only be accessed or disclosed to the extent necessary in order to deal with an incident which falls within the purpose identified above or in order to respond to a request made by an individual under the law (see further below).  CCTV footage will not be accessed or used for any other purpose.

CCTV footage will be viewed in a secure office and any access to and any disclosures of recorded footage will be recorded in the CCTV log.  This process is overseen by the Managing Partner and as appropriate, with reference to the Data Protection Officer.

External disclosure of CCTV footage will usually not be permitted other than to law enforcement agencies or to regulators, or in order to comply with a court order. CCTV footage will not be uploaded to the internet.

Training

All staff who may be involved in the management or operation of the CCTV system will be trained in how to comply with this document and to ensure that the system is used in accordance with the law.

Information retention

The images captured by the CCTV System will not be stored for any longer than is required in order to achieve the purposes identified above. CCTV footage will automatically be deleted on a 30-day rolling basis, unless specific images are required in order to deal with an incident or in order to respond to a request by an individual made under the law (see further below).

Data subject’s rights

The GDPR provides the following rights for individuals:

• The right to be informed
  The right to be informed covers some of the key transparency requirements of the GDPR. It is about providing individuals with clear and concise information about what you do with their personal data. These details are contained in the Privacy Notice published online and in hard copy.
• The right of access
  See section below
• The right to rectification
  The right to have erroneous data corrected or removed.
• The right to erasure
• The right to restrict processing
  This is the right to prevent data from being processed in a certain way.
• The right to data portability
  The right to have one’s personal data prepared in a format to allow the data subject to use it for another purpose
• The right to object
  Article 21 of the GDPR gives individuals the right to object to the processing of their personal data. This effectively allows individuals to ask you to stop processing their personal data.
• Rights in relation to automated decision making and profiling.

Changes to this privacy notice

We reserve the right to update this Notice at any time, and we will provide you with a new Notice when we make any material updates. We may also notify you in other ways from time to time about the processing of your personal information.

Contacting us

Any queries or complaints about the CCTV system should be addressed to the Alison Shelton, Managing Partner, Friary House Surgery, 2a Beaumont Road, St Judes, Plymouth. Devon PL4 9BH. Or telephone (01752) 663138.

Updated: March 2022.

During some types of treatment or examination your clinician may have a nurse or healthcare assistant working with them. There may be times when they might not need to have a clinical member of staff with them, but would like to use a chaperone for your comfort. If this is not offered but you feel at any time during your appointment that you would like to have this service, please ask your clinician at any time during your appointment.

The practice complies with data protection & access to medical records legislation. Identifiable information about you will be shared with others in the following circumstances;

To provide further medical treatment for you e.g. from district nurses & hospital services. To help you get other services e.g. from the social work department. This requires your consent.

When we have a duty to others e.g. in child protection cases.

Anonymised patient information will also be used at local & national level to help the Health Board & Government plan services e.g. for diabetic care.

If you do not wish anonymous information about you to be used in such a way, please let us know. Reception & administration staff require access to your medical records in order to do their jobs. The members of staff are bound by the same rules of confidentiality as the clinical staff.

Information about the general practitioners and the practice required for disclosure under the Freedom of Information Act can be made available to the public.

All requests for such information should be made to the practice manager.

The General Data Protection Regulations (GDPR) and the Data Protection Act 2018 now regulate more clearly how we as a practice handle your personal data. In order to be totally transparent we have published on our web page our relevant data protection policies. These policies outline how we deal with your data in our surgery.

• Data Protection Policy
• Information Governance Policy
• GDPR Policy
• Patient Privacy Notice (Temporary Covid Version)
• Practice Privacy Notice
• CCTV Monitoring Policy
• CCTV Privacy Notice

All GP practices are required to declare the mean net earnings (eg. Average pay) for GPs working to deliver NHS services to patients at each practice. This is required in the interests of the greater public accountability recognising GP pay is ultimately funded from tax paid by the public.

The average pay for GPs working in Friary House Surgery in the last financial year was £64,787 before tax and national insurance. This is for 1 full time GP, 6 part time GPs and 1 locum GP who worked in the practice for more than 6 months.

The Royal College of General Practitioners has produced a useful guide for patients about the services on offer at GP Surgeries and how to access them. You can download the guide below.

• A Patient Guide to GP Services

Privacy Notice for GP Practices

There is a new Central NHS Computer System called the Summary Care Record (SCR). It is an electronic record which contains information about the medicines you take, allergies you suffer from and any bad reactions to medicines you have had.

Why do I need a Summary Care Record?

Storing information in one place makes it easier for healthcare staff to treat you in an emergency, or when your GP practice is closed.

This information could make a difference to how a doctor decides to care for you, for example, which medicines they choose to prescribe for you.

You can also have an ‘Including additional information’ or ‘Enriched Summary Care Records’; this is where a a patient consents to including additional information in their SCR, the GP can add it simply by changing the consent status on the clinical system. This means more information will be available to health and care staff viewing the SCR. It will then be automatically updated when the GP record is updated. This is a quick, cost-effective way to:

• Improve the flow of information across the health and care system
• Increase safety and efficiency
• Improve care
• Respond to particular challenges such as winter pressures

It’s particularly useful for people with complex or long term conditions, or patients reaching end of life.

Who can see it?

Only healthcare staff involved in your care can see your Summary Care Record.

How do I know if I have one?

Over half of the population of England now have a Summary Care Record. You can find out by asking your practice.

Do I have to have one?

No, it is not compulsory. If you choose to opt out of the scheme, then you will need to complete and submit our online form.

More Information

For further information visit the HSCIC Website.

The NHS operate a zero tolerance policy with regard to violence & abuse & the practice has the right to remove violent patients from the list with immediate effect in order to safeguard practice staff, patients & other persons. Violence in this context includes actual or threatened physical violence or verbal abuse which leads to a fear for a person’s safety. In this situation we will notify the patient in writing of their removal form the list & record in the patient’s medical records the fact of the removal & the circumstances leading to it.