About your data – How do we use your medical records?

What is GDPR?

The General Data Protection Regulation (GDPR) is the latest update to the Data Protection Act 1998 regulation and will apply from 25th May 2018. The legislation strengthens existing requirements, introduces new concepts and imposes greater emphasis on demonstrating compliance and significantly greater penalties for wrongdoings.

What are your rights?

Your fundamental rights have not changed, but they have been enhanced. As an individual you have the right to:

  • Know what data is collected about you, what it is used for, how long it will be kept and who it is shared with
  • Access your personal data
  • Request that inaccurate data about you is corrected or that incomplete data is completed
  • Ask for personal data held about you to be removed from your records (This is likely to exclude information that is necessary to your care)
  • Restrict processing of your personal data which means you can limit how your data is used by us
  • Data portability (this is new) – allows individuals to obtain and reuse their personal data for their own purposes across different services (ICO, no date)
  • Object to the processing or use of your personal data
  • To not be subject to automated decision-making including profiling

More information about your rights can be found on the Information Commissioner’s Office (ICO) website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

Please note that the practice does not assume any responsibility for the information detailed on the ICO website.

Our duty

Our duty as a data controller is to share with you how we intend to use your information. This intention is detailed within a privacy notice that is available in the Surgery as well as here. Please see the resources below.

Data Protection Officer (DPO)

A DPO is a designated individual who takes responsibility for data protection and compliance. Our identified DPO is:

Lucy Hunt

Senior IG Consultant and DPO – NHS CSU

Please contact via the practice

Email: bnssg.severnview.reception@nhs.net

Our Privacy Notices

We outsource our Medical Reports to iGPR. For enquiries please contact – 01527570005 any time between 9am-5pm or complete a contact form via their website-www.igpr.co.uk/contact

Last updated: 09/01/2024


Information Commissioner’s Office (no date.) ‘Right to Data Portability’. Available at: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-data-portability/ [Accessed: 13 June 2018]


Following on from recent news and social media speculation about NHS Digital and data sharing as a number of posts are circulating on social media about the national data opt-out, containing incorrect information. We thought it may be helpful to provide some key information to help you with your decision making if you are thinking of opting out of sharing any of your data.

Understanding the national data opt-out – NHS Digital

Although information about your health and care does help the NHS to improve your individual care, speed up diagnosis, plan your local services and research new treatments, you still have the option to decline sharing data that goes beyond the provision of your direct care.

✅ Have a look at our Privacy Notice which explains what we do with your data and who we share it with

✅ There is also a great webpage from NHS Digital with FAQs and mythbusting.

We do not:

  • sell health and care data
  • share data with marketing and insurance companies

Please see the ICO webpage for more information about your rights Your data matters | ICO

GP health record – NHS App help and support – NHS (www.nhs.uk)

Please click the link above for the latest guidance on how to access the NHS APP and its capabilities/access rights.

 Consult with us online!