Practice Policies & Patient Information
Access to your Health Records
Under the Data Protection Law, you have a legal right to access your health records. If you want to see your health records you can write to the Practice Manager to request a time to come in and read them. You don’t have to give a reason for wanting to see your records.
It’s a good idea to state the dates of the records that you want to see, for example, from 2009 to 2012 – and to send the letter by recorded delivery. You should also keep a copy of your letter for your records. You will usually receive a response to your request within 21 days, although the law states that your hospital, or the Practice, has up to 40 days to respond.
Hospital Records
As well as having a copy of your health records the Practice will also have a summary of any hospital tests, or treatment, that you have had. Any hospitals where you have had treatment, or tests, will also hold records.
To see your hospital health records, you will have to contact your local Hospital. Your request to see your records will be forwarded to the health records manager. The manager will decide whether your request will be approved. Your request will usually only be refused if your records manager, GP, or other health professional believes that information in the records is likely to cause you, or another person, serious harm.
Power of Attorney
Your health records are confidential, and members of your family are not allowed to see them, unless you give them written permission, or they have power of attorney. A lasting power of attorney is a legal document that allows you to appoint someone to make decisions for you, should you become incapable of making decisions yourself.
The person you appoint is known as your attorney. An attorney can make decisions about your finances, property, and welfare. It is very important that you trust the person you appoint so that they do not abuse their responsibility. A legal power of attorney must be registered with the Office of the Public Guardian before it can be used.
If you wish to see the health records of someone who has died, you will have to apply under the Access to Medical Records Act 1990. You can only apply if you: are that person’s next of kin, are their legal executor (the person named in a will who is in charge of dealing with the property and finances of the deceased person), have the permission of the next of kin, or have obtained written permission from the deceased person before they died. To access the records of a deceased person, you must go through the same process as a living patient.
This means either contacting the Practice or the hospital where the records are stored.
Chaperones
The practice is committed to providing a safe and comfortable environment where patients and staff are confident that best practice is being followed.
Patients are entitled to ask for a chaperone for any consultation, examination or procedure where they feel they prefer to have a chaperone.
The practice will endeavour to provide a formally trained chaperone upon request, but patients would help us by requesting a chaperone when booking an appointment where a chaperone is required. This may mean rescheduling appointments in order to meet this need.
A doctor, nurse or other health care professional may also require a chaperone to be present for certain consultations.
Complaints Procedure
Our aim is to give you the highest possible standard of service and to deal quickly with any problems that arise.
In support of this we operate a complaints procedure. Our system meets the nationally agreed criteria for dealing with NHS complaints. A leaflet giving details of our procedure is available. You can obtain a copy of the NHS complaints procedure by visiting nhsinform.scot and searching for ‘NHS Complaints Procedure‘.
If you are unhappy about any aspect of our services please contact the Practice Manager.
Freedom of Information (Scotland) Act 2002
FREEDOM OF INFORMATION ACT (Scotland) 2002. The practice has adopted the model publication scheme prepared by the Scottish GPC (General Practitioners Committee). Copies can be obtained by contacting the Practice Manager.
GP Contract
We hold a General Medical Services (GMS) contract with Greater Glasgow and Clyde NHS Board (GG and CNHSB). NHS Greater Glasgow and Clyde, Gartnavel Royal Hospital, Modular Unit, Great Western Road Glasgow.
Details of this contract are available from our Practice Manager.
Medical Records and Confidentially
Why do we need information about you?
As providers of healthcare services, our staff will collect information about you so that you can receive proper care and treatment, with decisions based on the most current, complete and accurate information available.
We will keep this information, together with details about your care, only as long as is necessary.
Other uses of information
In addition to providing your treatment, we may need to use some of this information for other reasons, for example:
- Protecting and improving Public Health
- Investigation of complaints and legal claims
- Clinical research, audit and training
- Administration of services
This may require that the information is processed by non clinical health service staff, for example, administrative and clerical staff.
Scottish Primary Care Information Resource
NHS Scotland is improving the way it uses information from your GP patient record.
The improved service is called Scottish Primary Care Information Resource (SPIRE) and has been developed to help GPs, the NHS in Scotland and researchers plan for Scotland’s health and care needs. This will be introduced in phases across Scotland from January 2017.
Sharing Information with Others
Patient care often involves health and social services, so you may be receiving care from others as well as NHS staff. So that we can all work together for your benefit, we may need to share some information about you. We only use or pass on information about you if people have a genuine need to know and it is in your interest or in the public interest.
In certain circumstances, the law requires us to pass on information, for example: statutory notification of births and deaths; registration of a notifiable, communicable disease.
Anyone who receives information from us also has a duty to keep it confidential. Where required, and if you agree, information about you me shared with relatives, friends or others helping to provide care. Whenever possible, we use information from which an individual patient cannot be identified.
Subject Access Requests
Introduction
Under the terms of the data protection act, we as the “data controller” have a responsibility to ensure the confidentiality and integrity of the information we hold about you. Furthermore, as your doctor we have a responsibility to ensure the confidentiality of matters of a sensitive medical, psychological, and emotional nature.
A subject access request requires us as data controller to give you as the “subject” access to all data we hold about you. This includes every recorded encounter you have had with any GP or nurse in the surgery as well as copies of all hospital letters, test results and prescriptions issued.
Insurance Companies
Insurance companies require medical information from yourself and ourselves to assess your risk of illness, death and disability. There is a system in place for GPs to give a pertinent summary of all relevant medical information (excluding information of a sensitive or irrelevant nature) by way of an industry approved General Practitioner’s Report (GPR). The format of this report was agreed by the Association of British Insurers and the British Medical Association. This system has been in place since then and a fee is paid by the insurance company to ourselves to ensure a prompt efficient service.
Lately some companies have been using the SAR system to obtain patients’ full medical records. We have reason to believe that this may be done to reduce costs to the insurance company. More worryingly, we are concerned that our patients may not have received adequate explanation that their full record will be given to the insurance company, or that there is a simpler system in place whereby we can provide a GP report (or GPR) which releases only the relevant information.
Once we release a medical record to a third party we are no longer the data controller for that information, and we have no control over how that information is stored, used, or shared. As a result, we no longer respond to subject access requests by insurance companies. We have written to your insurance company to suggest that they submit a request to us for a GP report.
Should you wish to submit a subject access request to have copies of your full medical record under the terms of the data protection act, you may do so. Your medical records are held on a combination of paper (for older records) and computer (for new records). We will be able to liaise with you directly to provide this information within forty days. If however, you wish us to provide a standard report, we recommend that you contact your insurance company directly to express your preference for a General Practitioner’s Report (GPR).
Update
The Information Commissioner’s Office (ICO) has recently ruled on the use of SARs by insurance companies to obtain full copies of patient medical records. In brief the ICO determined that the use of SARs in this way was inappropriate and has written to the Association of British Insurers (ABI) to advise them of this. In light of the ICO ruling, the British Medical Association (BMA) have produced a Focus On Subject Access Requests for Insurance Purposes guidance document.
As a result we will no longer supply insurance companies with full copies of your medical records.
Zero Tolerance
The practice operates a zero tolerance policy in relation to abusive or violent behaviour toward staff. Such behaviour will result in removal from the practice list and where appropriate will be reported to the police.