All Polices

Freedom of Information

The Freedom of Information Act creates a right of access to recorded information and obliges a public authority to:

  • Have a publication scheme in place
  • Allow public access to information held by public authorities.

The Act covers any recorded organisational information such as reports, policies or strategies, that is held by a public authority in England, Wales and Northern Ireland, and by UK-wide public authorities based in Scotland, however it does not cover personal information such as patient records which are covered by the Data Protection Act.

Public authorities include government departments, local authorities, the NHS, state schools and police forces.

The Act is enforced by the Information Commissioner who regulates both the Freedom of Information Act and the Data Protection Act.

The Surgery publication scheme

A publication scheme requires an authority to make information available to the public as part of its normal business activities. The scheme lists information under seven broad classes, which are:

  • who we are and what we do
  • what we spend and how we spend it
  • what our priorities are and how we are doing it
  • how we make decisions
  • our policies and procedures
  • lists and registers
  • the services we offer

You can request our publication scheme leaflet at the surgery.

Who can Request Information?

Under the Act, any individual, anywhere in the world, is able to make a request to a practice for information. An applicant is entitled to be informed in writing, by the practice, whether the practice holds information of the description specified in the request and if that is the case, have the information communicated to him.

An individual can request information, regardless of whether he/she is the subject of the information or affected by its use.

How Should Requests be Made?

Requests must:

  • be made in writing (this can be electronically e.g. email/fax)
  • state the name of the applicant and an address for correspondence
  • describe the information requested.

What Cannot be Requested?

Personal data about staff and patients covered under Data Protection Act.

For more information see these websites:

Confidentiality

What do we Record?

Information about you, your medical treatment, and family background may be recorded, either on paper or in computer files, as part of providing you with health services. This information is vital to the proper operation of the NHS, and is needed to give you and others the best possible healthcare.

What you can do?

Please read the rest of this notice in order to better understand how we use medical information about you. For further details please see information leaflet entitled “Your Information” displayed in the Practice or ask receptionist for details.

Other Agencies

The NHS is not the only government service to provide you with care, and it will be necessary for us to provide other agencies with appropriate information, but only with your consent (or that of your relatives if you are too ill).

How do we Protect Your Information?

The sensitivity of patient information is well understood within the NHS. All staff and contractors are trained to respect their duty of confidentiality to you. We keep paper and electronic records securely to prevent unauthorised access or misuse. Wherever practicable, we also remove references to personal details such as your name and address, and often restrict it further to reduce the chances of anyone identifying a record as relating to you.

Other Questions?

You can have a say in how the NHS uses information about you. If you want to find out more or have any concerns you can phone NHS Direct on 0845 4647 and request a booklet giving more details; go online at www.nhs.uk\confidentiality; or you can contact the Patient Liaison Team at the following address: Bromley PCT, Bassetts House, Broadwater Gardens, Orpington, Kent BR6 7UA. Tel. No. 01689 853339

Freedom of Information

The ICO has published a new Model Publication Scheme that all public authorities are required to adopt by 1st January 2009.

How information about you helps us to provide better care.

Confidential information from your medical records can be used by the NHS to improve the services offered so we can provide the best possible care for everyone. This information along with your postcode and NHS number  but not your name, are sent to a secure system where it can be linked with other health information.

This allows those planning NHS services or carrying out medical research to use information from different parts of the NHS in a way which does not identify you. You have a choice. If you are happy for your information to be used in this way you do not have to do anything.

If you have any concerns or wish to prevent this from happening, please see the leaflet “How information about you helps us to provide better care” in the waiting Room.

Useful Websites

Chaperones

The Surgery prides itself in maintaining professional standards. For certain examinations during consultations an impartial observer (a “Chaperone”) will be required.

This impartial observer will be a practice Nurse, Health Care Assistant or a member of our reception team who is familiar with the procedure and be available to reassure and raise any concerns on your behalf. If a nurse in unavailable at the time of your consultation then your examination may be rescheduled for another time.

You are free to decline any examination or chose an alternative examiner or chaperone. You may also request a chaperone for any examination or consultation if one is not offered to you. The GP may not undertake an examination if a chaperone is declined.

The role of a Chaperone:

  •  Maintains professional boundaries during intimate examinations.
  • Acknowledges a patient’s vulnerability.
  • Provides emotional comfort and reassurance.
  • Assists in the examination.
  • Assists with undressing patients, if required.

GP Earnings

NHS England require that the net earnings of doctors engaged in the practice is published and the required disclosure is shown below. However, it should be noted that the prescribed method for calculating earnings is potentially misleading because it takes no account of how much time doctors spend working in the practice and should not be used to form any judgement about GP earnings, nor to make any comparisons with any other practice.

All GP practices are required to declare the mean earnings (e.g. average pay) for GPs working to deliver NHS services to patients at each practice.

The average pay for GPs working for six months or more in Oakfield Surgery in the last financial year was £99,728 before tax and National Insurance. This is for 2 full time GPs.

General Data Protection Regulation

GP surgeries in Bromley work hard to provide the public and patients with clear and accurate information relating to how their personal information is used. Privacy Notices are put in place on the Bromley Clinical Commissioning Group website to inform service users of these uses of data by your GP surgery.

GDPR Privacy Notice

Oakfield Surgery keeps data on you relating to who you are, where you live, what you do, your family, possibly your friends, your employers, your habits, your problems and diagnoses, the reasons you seek help, your appointments, where you are seen and when you are seen, who by, referrals to specialists and other healthcare providers, tests carried out here and in other places, investigations and scans, treatments and outcomes of treatments, your treatment history, the observations and opinions of other healthcare workers, within and without the NHS as well as comments and aide memoires reasonably made by healthcare professionals in this practice who are appropriately involved in your health care.When registering for NHS care, all patients who receive NHS care are registered on a national database, the database is held by NHS Digital, a national organisation which has legal responsibilities to collect NHS data.

GPs have always delegated tasks and responsibilities to others that work with them in their surgeries, on average an NHS GP has between 1,500 to 2,500 patients for whom he or she is accountable.

It is not possible for the GP to provide hands on personal care for each and every one of those patients in those circumstances, for this reason GPs share your care with others, predominantly within the surgery but occasionally with outside organisations.

If your health needs require care from others elsewhere outside this practice we will exchange with them whatever information about you that is necessary for them to provide that care. When you make contact with healthcare providers outside the practice but within the NHS it is usual for them to send us information relating to that encounter. We will retain part or all of those reports. Normally we will receive equivalent reports of contacts you have with non NHS services but this is not always the case.

Your consent to this sharing of data, within the practice and with those others outside the practice is assumed and is allowed by the Law.

People who have access to your information will only normally have access to that which they need to fulfil their roles, for instance admin staff will normally only see your name, address, contact details, appointment history and registration details in order to book appointments, the practice nurses will normally have access to your immunisation, treatment, significant active and important past histories, your allergies and relevant recent contacts whilst the GP you see or speak to will normally have access to everything in your record.

You have the right to object to our sharing your data in these circumstances but we have an overriding responsibility to do what is in your best interests. Please see below.

We are required by Articles in the General Data Protection Regulations to provide you with the information in the following 9 subsections.
1) Data Controller contact details 

 

 

 Oakfield Surgery, Oaks Park Medical Centre17 Oakfield Road, London, SE20 8QA

Tel: 0208 776 6514

Email: BROCCG.OakfieldSurgery@nhs.net
2) Data Protection Officer contact details David Bennett
3) Purpose of the processing Direct Care is care delivered to the individual alone, most of which is provided in the surgery. After a patient agrees to a referral for direct care elsewhere, such as a referral to a specialist in a hospital, necessary and relevant information about the patient, their circumstances and their problem will need to be shared with the other healthcare workers, such as specialist, therapists, technicians etc.

The information that is shared is to enable the other healthcare workers to provide the most appropriate advice, investigations, treatments, therapies and or care.
4) Lawful basis for   processing The processing of personal data in the delivery of direct care and for providers’ administrative purposes in this surgery and in support of direct care elsewhere is supported under the following Article 6 and 9 conditions of the GDPR: 

Article 6(1)(e) ‘…necessary for the performance of a task carried out in the public interest or in the exercise of official authority…’.

Article 9(2)(h) ‘necessary for the purposes of preventative or occupational medicine for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services…”

We will also recognise your rights established under UK case law collectively known as the “Common Law Duty of Confidentiality”*
5) Recipient or categories of recipients of the processed data The data will be shared with Health and care professionals and support staff in this surgery and at hospitals, diagnostic and treatment centres who contribute to your personal care.

This will include but is not exclusively Princess Royal University Hospital, Orpington Hospital, Beckenham Beacon, Kings College Hospital, Croydon University Hospital, University Hospital Lewisham.
6) Rights to object You have the right to object to some or all the information being processed under Article 21. Please contact the Data Controller or the practice.

You should be aware that this is a right to raise an objection, that is not the same as having an absolute right to have your wishes granted in every circumstance.
7) Right to access and correct You have the right to access the data that is being shared and have any inaccuracies corrected. There is no right to have accurate medical records deleted except when ordered by a court of Law.
8) Retention period The data will be retained in line with the law and national guidance – https://digital.nhs.uk/article/1202/Records-Management-Code-of-Practice-for-Health-and-Social-Care-2016or speak to the practice.
9) Right to Complain. You have the right to complain to the Information Commissioner’s Office, you can use this link https://ico.org.uk/global/contact-us/or calling their helpline Tel: 0303 123 1113 (local rate) or 01625 545 745 (national rate)

There are National Offices for Scotland, Northern Ireland and Wales, (see ICO website)

* “Common Law Duty of Confidentiality”, common law is not written out in one document like an Act of Parliament. It is a form of law based on previous court cases decided by judges; hence, it is also referred to as ‘judge-made’ or case law. The law is applied by reference to those previous cases, so common law is also said to be based on precedent.

The general position is that if information is given in circumstances where it is expected that a duty of confidence applies, that information cannot normally be disclosed without the information provider’s consent.

In practice, this means that all patient information, whether held on paper, computer, visually or audio recorded, or held in the memory of the professional, must not normally be disclosed without the consent of the patient. It is irrelevant how old the patient is or what the state of their mental health is; the duty still applies.

Three circumstances making disclosure of confidential information lawful are:

  • where the individual to whom the information relates has consented;
  • where disclosure is in the public interest; and
  • where there is a legal duty to do so, for example a court order.

How We Use Your Information

To Provide You with Treatment

Doctors need to make notes about any diagnosis, test results, treatments including drugs prescriptions, and other information that you may provide, that seems relevant to the treatment of your condition. We need to keep this information in order to provide proper care for you (for later treatment, or if you should be seen by another doctor) and to allow others to check the treatment that you have received.

Nurses and other health professionals also need access to these records, and will add their own notes, as part of the overall healthcare provision. Secretaries, receptionists, and other clerical staff need access to some of your records in order to do administrative tasks, such as: booking appointments and communicating with you and other parts of the NHS.

Your doctor may also need to provide information under certain Acts of Parliament (e.g. the Communicable Diseases Act 1978, which is necessary to prevent the outbreak of certain highly contagious diseases) to protect you and others.

The Health Service

In order to manage the NHS, some restricted information concerning treatments, drugs prescribed, numbers of patients seen etc. is needed, and hospitals and general practices must provide this information in returns to various central bodies. This information has personal details such as your name and address removed wherever possible. It is necessary from time to time to check these returns to prevent fraud as part of the NHS’s statutory obligations. This may result in your being contacted by an NHS Fraud Office to see if you will consent to your records being checked. Only if you provide your consent will the auditors be allowed to access your records.

Teaching Clinicians

Some medical files are needed to teach student clinicians. Without such materials, new doctors and nurses would be not be properly prepared to treat you.

Planning

We need to be able to plan ahead about treatments, patient numbers, etc., but this uses summary information, not personal information.

Medical Research

Some medical research will require your direct involvement (especially if taking part in clinical trials) in which case the circumstances will be fully explained to you, and your express consent required. If you do not consent, then you will not be included in the trial.

Other researchers only require access to medical statistics, and can greatly improve our understanding of health, and how to treat patients more effectively. Generally, researchers only need information about groups of people, so that no individual information is apparent. In some cases, they need individual records, but wherever we can we will provide these in an anonymous form (so individuals cannot be identified). Sometimes, researchers need access to individual medical files.

We will contact you first for your consent (and before this the researchers must present their case before an Ethics Committee to check that their research is appropriate and worthwhile). Rarely, it may not be practicable (or even possible) to contact individuals for their consent, in which case the researchers must make their case before a Confidentiality Committee to show that there is enough benefit to the public at large to justify this.

How do we Manage Your Information?

We need to be able to move electronic information from system to system, extracting the data and modifying it for the next system. Occasionally, tests will need to be made on the data to check that it has been transferred correctly. This will only be done under carefully controlled conditions and all employees and contractors will be under strict contractual obligations to protect your confidentiality.