We are obliged to comply with the Data Protection Act 2018 and other guidance on privacy and data confidentiality, which we take very seriously. In order to provide care we are obliged to keep records of all medical information, which is kept either in paper form or stored on computer.

In order to manage services and improve the quality of patient care we provide we are sometimes asked to share information on practice activity with the Health & Social Care Partnership (East Renfrewshire), Health Board and the Scottish Executive. Whenever possible this information is anonymised.

Data Sharing

The practice complies with data protection and access to medical records legislation. Identifiable information about you will be shared with others in the following circumstances:

• To provide further medical treatment for you, such as from community nurses and hospital services.
• To help you get other services, such as from the social work department.

Personal Health Information

To provide you with the care you need, we hold the details of your consultations, diagnoses, tests, prescriptions and other treatments that have been recorded by everyone involved in your care, such as GP, health visitor, practice nurse. This information may be stored on paper or electronically on computer files by practice staff.

We sometimes disclose some of your personal health information to other organisations involved in your care. For example, when your GP refers you to a specialist at the hospital we will send relevant details about you in the referral letter and receive information about you from them.

Our practice also participates in regional and national programmes such as the cervical cytology screening service and your name and address, date of birth and health number will be given to them in order to send an invitation to you.

We need to use some of your personal health information for administrative purposes. In order to receive payment for services provided to you, we have to disclose basic details about you to the NHS Board responsible for this area.

Sometimes we may participate in studies that are designed to improve the way services are provided to you or to check that our performance meets required standards. Whenever we take part in activities such as these we will ensure as far as possible any details that may identify you are not disclosed.

Sometimes we are required by law to pass on information, such as the notification to the government of births and deaths and certain diseases or crimes is a legal requirement. Our use of your personal health information is covered by a duty of confidentiality, and is regulated by the Data Protection Act. The Data Protection Act gives you a number of rights in relation to how your personal information is used including a right to access the information we hold about you.

Everyone working for the NHS has a legal duty to keep information about you confidential and adheres to a Code of Practice on protecting patient confidentiality. Anyone who receives information from us is also under a legal duty to keep it confidential.

Primary Care Intelligence Service for Scotland (PCIS)

The Primary Care Intelligence Service for Scotland (PCIS) is a new national GP data extraction and analytical service. This has been developed to help GPs, the NHS in Scotland and researchers learn from information held at GP Practices. Gathering this information will help improve health and care services in Scotland.

Benefits of the improved service are:

• Improving the quality of care for people who have a condition or a health need.
• Improving the quality of care for all patients.
• Responding to major public health issues like flu epidemics.
• Improving the provision of health and care to vulnerable or disadvantaged groups.
• Developing knowledge about the uptake of vital medicines and vaccines.
• Supporting research into new treatments for particular illnesses.

What Information will be used

Only aggregate data will be extracted (i.e. total counts). Aggregate-level data requests provide summary data only and are used to produce population-based health information and evidence based on primary care data. It does not contain individual patient-level data and does not compromise patient confidentiality. All new requests by PCIS require approval by an oversight group.