The Phoenix Practice Privacy Policy

The Phoenix Practice has a legal duty to explain how we use any personal information we collect about you, as a registered patient, at the practice. Staff at this practice maintains records about your health and the treatment you receive in electronic and paper format.   

What information do we collect about you?

We will collect information such as personal details, including name, address, next of kin, records of appointments, visits, telephone calls, your health records, treatment and medications, test results, X-rays, etc. and any other relevant information to enable us to deliver effective medical care.

How we will use your information

Your data is collected for the purpose of providing direct patient care; however, we can disclose this information if it is required by law, if you give consent or if it is justified in the public interest. The practice may be requested to support research; however, we will always gain your consent before sharing your information with medical research databases such as the Clinical Practice Research Datalink and QResearch or others when the law allows. 

In order to comply with its legal obligations, this practice may send data to NHS Digital when directed by the Secretary of State for Health under the Health and Social Care Act 2012. Additionally, this practice contributes to national clinical audits and will send the data that is required by NHS Digital when the law allows. This may include demographic data, such as date of birth, and information about your health which is recorded in coded form; for example, the clinical code for diabetes or high blood pressure.

Processing your information in this way and obtaining your consent ensures that we comply with Articles 6(1)(c), 6(1)(e) and 9(2)(h) of the GDPR. 

Please read our full Privacy Policy here.

HIE Privacy Policy

Introduction

The Data Protection Act 2018 became law on the 25 May 2018. It explicitly brought the EU General Data Protection Regulation (GDPR) 2016/EU679 into UK law as the “Applied GDPR”; we refer to these and other acts as “the data protection legislation”.

A requirement of the data protection legislation is that we inform individuals about whom we hold data (data subjects) about our processing. A Privacy Notice is information given to ensure data subjects are aware of how their data is being used or shared.

What is this Privacy Notice about?

This privacy notice contains information about the sharing of Personal Information by North London Health and Care Partners using a system called the Health Information Exchange (HIE) and contains details of the following:

  • information we collect and hold about you;
  • the legal basis for collecting and holding the information;
  • what we do with it, how we keep it secure (confidential);
  • who we might share it with;
  • how long we will hold it for;
  • what your rights are in relation to your data.

Please read the full HIE Privacy Policy here.