Practice Policies

General Data Protection Regulations (GDPR)

GDPR is Europe’s new framework for data protection laws – it replaces the 1995 data protection directive. Previous UK law was based upon this directive.

The new legislation, which came in to force on 25th May 2018, is designed to harmonise data privacy laws across Europe. The new set of rules are designed to give EU citizens more control over their personal data as well as give greater protection and rights.

Privacy Policy

The surgery has a ‘Privacy Policy’ and this has been updated to bring us in line with GDPR. This can be accessed from our website or you can request a paper copy from reception.

Patient data is not only vital for managing your care, it also plays an important role in other ways: planning health services, improving diagnosis and treatment and evaluating the effectiveness of policy. In the ‘Privacy Policy’ we explain;

• What we do with your data

• Who we share it with

• How you can opt-out of sharing Subject Access

New national data sharing type 2 opt-out

A type 2 opt-out is where a patient has requested that their personal confidential information is not shared by the NHS for purposes other than their own direct health care.

Since 25th May 2018 patients with existing type 2 opt outs have been contacted by NHS Digital explaining about a new national opt out. The letter informs patients that their previous opt out has been converted to a new national opt out. More details about this can be found at

After 1st October 2018 GP practices should not record any further type 2 opt outs. If you need any additional information and support relating to Type 2 opt-outs please contact NHS Digital contact centre at [email protected] or call them on 0300 303 5678.