Commissioning, Planning, Risk Stratification and Research Privacy Notice
The Phoenix Medical Practice uses data insightfully for Research, auditing and healthcare planning (population health management).
We are required by law to provide you with the following information about how we handle your information. Our full list of Privacy Notices can be found here
Data Controller contact details | The Phoenix Medical Practice 33 Bell Lane Burham, Rochester Kent ME1 3SX |
---|---|
Purpose of the processing |
If data from many patients are linked up or pooled, Researchers and Doctors can look for patterns in the data, helping them to develop new ways of predicting illness, and identify ways to improve clinical care. This information can be used to help:
|
Information we collect and use |
In certain circumstances, where we have a lawful basis it may be necessary to use:
|
Lawful basis for processing |
These purposes are supported under the following sections of the UK General Data Protection Regulations: Article 6(1)(c) … ‘necessary for compliance with a legal obligation to which the controller is subject Article 6(1)(e) ‘…necessary for the performance of a task carried out in the public interest or in the exercise of official authority…’; and Article 9(2)(h) ‘necessary for the purposes of preventative or occupational medicine for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services...” Article 9(2)(g) processing is necessary for reasons of substantial public interest, on the basis of domestic law which shall be proportionate to the aim pursued, respect the essence of the right to data protection and provide for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject;’ Article 9(2)(i) ‘processing is necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health or ensuring high standards of quality and safety of health care and of medicinal products or medical devices, on the basis of domestic law which provides for suitable and specific measures to safeguard the rights and freedoms of the data subject, in particular professional secrecy’ Article (9)(2)(j) ‘processing is necessary for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) (as supplemented by section 19 of the 2018 Act) based on domestic law which shall be proportionate to the aim pursued, respect the essence of the right to data protection and provide for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject.
The Practice recognise your rights established under UK case law collectively known as the “Common Law Duty of Confidentiality” to keep information about you confidential. Even though consent is not the legal basis for processing personal data for secondary purposes such as service evaluations and audit, the common law duty of confidentiality is not changing, therefore consent is still needed for people outside the care team to access and use confidential patient information for clinical audit, unless you have support under the Health Service (Control of Patient Information Regulations) 2002 (‘section 251 support’) applying via the Confidentiality Advisory Group in England and Wales or similar arrangements elsewhere in the UK. |
Strategic Health and Care Board (SHcAB) | Your information will be passed, with all identifiers removed, to a collaborative programme called the Kent & Medway Shared Health and Care Analytics Board. It will be used for population health management purposes beyond your individual care, including, for example, planning services, managing finances, early treatment of illnesses (known as risk stratification), coordinating and improving patient and service user’s movement through the health and care system, research, and public health enhancement. |
Kent and Medway Care Record (KMCR) |
The Phoenix Medical Practice are one of the partner organisations to the Kent and Medway Care Record (KMCR). The KMCR is an electronic care record which links your health and social care information held in different provider systems, to one platform. This allows health and social care professionals who have signed up to the KMCR to access the most up to date information to ensure you receive the best possible care and support by those supporting you. In order to enable this sharing of information, organisations who use the KMCR have agreements in place that allow the sharing of personal and special category data. |
General Practice Extract Service (GPES) | NHS Digital, collects data from Practices to support vital health and care planning and research. This information is used insightfully to better understand what causes ill health and, importantly, what we can do to prevent or treat it and provide better care. |
Health Service (Control of Patient Information) Regulations 2002 (COPI) |
The Secretary of State for Health and Social Care has issued Notices under Regulation 3(4) of the Health Service (Control of Patient Information) Regulations 2002 (COPI) which required organisations to share confidential patient information with organisations entitled to process this under COPI for COVID-19 purposes (COPI Notices). Further guidance on processing personal data, when the COPI Notice expires can be found here |
Population Health Management | Your information is passed, with all identifiers removed to NHS Kent and Medway for public health management. This enables the Practice to identify the appropriate level of care and services for distinct groups of patients. It is the process of assigning a risk status to patients, then using this information to direct care and improve overall health outcomes. |
National Data Opt-out |
The National Data opt-out is a service that enables patients to opt-out of their confidential information being used for research and planning. The National Data opt-out can be applied here. It is worth noting that in a small number of exceptional circumstances, where senior health care professionals can decide to share information based on public interest, and in these cases the National Data Ot-out does not apply. The Confidentiality Advisory Group (CAG) considers applications for the use of patient data without consent under the following regulations of Control of Patient Information Regulations 2002 , Section 251 of the NHS Act 2006: Regulation 2 – for diagnosis and treatment of cancer Regulation 5 – for general medical and research purpose Specific exemptions to the national data opt-out policy have been made for disclosure of data for:
There are also specific policy considerations for NHS Digital, as the national safe haven of health and care data with specific powers under the Health and Social Care Act 2012. National data opt-outs do not apply where NHS Digital indicate data should be provided to them under s259 of the Health and Social Care Act 2012. |
Rights to object |
The National Data opt-out is a service that enables patients to opt-out of their confidential information being used for research and planning. The National Data opt-out can be applied here For further details on your rights and how to complain please see the main privacy notice |
We use cookies to help provide you with the best possible online experience.
By using this site, you agree that we may store and access cookies on your device. Cookie policy.
Cookie settings.
Functional Cookies
Functional Cookies are enabled by default at all times so that we can save your preferences for cookie settings and ensure site works and delivers best experience.
3rd Party Cookies
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.