1. Who are we?
1.1 YourGP is registered with Healthcare Improvement Scotland as an independent healthcare provider in Scotland. We provide independent healthcare services in the form of the following regulated activities:
YourGP provides a wide range of independent healthcare services which include private General Practitioner (GP) consultations; child health services; physical examinations; health assessments; vaccinations; prescribing of medicines; complementary therapies; sexual health treatments; cosmetic healthcare including injectable skin filler treatments to improve physical appearance, and referrals to other healthcare specialists as necessary. We also carry out minor surgical procedures using local anaesthetic for the excision of warts, moles, cysts, and skin tags.
1.2 The clinic staff and healthcare professionals who provide you with care and treatment maintain records about your health. These records help YourGP to provide you with the best possible healthcare.
2. Protecting your data and GDPR
2.1 Protecting data has always been a priority for YourGP. However, with the General Data Protection Regulation (GDPR) coming into force on the 25 May 2018 we see this as an opportunity to reinforce our commitment to ongoing data protection management. We are improving our policies, processes and systems in line with the requirements. We continue to make data protection a priority.
3. GDPR: When is it coming in?
3.1 The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. The GDPR will be enforced in the UK on 25 May 2018.
3.2 GDPR is only a part of the overall data protection framework. The Government has already introduced a Data Protection Bill into Parliament. Once the UK leaves the EU, the Bill will help ensure that the standards of the GDPR are enshrined in UK law, and it also extends data protection laws to areas which are not covered by the GDPR (such as law enforcement).
4. What we are doing to get ready for GDPR?
4.1 YourGP handles personal data and we are committed to meeting the requirements of GDPR. Steps that we have taken and are taking include:
- Analysing and improving our internal systems and processes.
- Improving our privacy information in line with the new requirements.
- Training our staff on the new requirements and new internal procedures.
- Reviewing and updating all of our contracts where required.
5. How do we collect information from you?
5.1 We collect information when you register as a new patient at YourGP, we ask you complete a registration form and answer some questions about your personal health. During your appointment, the clinician will create a medical record about your personal health and lifestyle.
6. What type of information do we collect from you?
6.1 The personal information we collect includes your name, date of birth, home address, email address, contact telephone number, emergency contact details, and credit or debit card payment information. If you have attended YourGP for an appointment in the past, we will have a record of that previous contact. We do not hold any credit or debit card details after your appointment security deposit has been taken.
6.2 The medical information our clinicians collect is specifically about your personal health. This includes information about your past medical history, any current medicines you are taking, and a description of the health issue that you are experiencing. If you have any blood tests, X-rays or scans carried out, we will keep the results in your healthcare record. If you have been referred to a healthcare specialist outside of YourGP, we will keep any referral to and correspondence from the specialist in your healthcare record.
7. How do we use your information?
7.1 YourGP collects and holds personal information for the sole purpose of providing a healthcare service to patients. Your personal information is used to identify you as a patient who has used the YourGP independent healthcare service.
7.2 Your credit or debit card information is used to allow YourGP to receive payment for your appointment.
7.3 Your medical information is used by our doctors to recommend the best treatment for you.
7.4 We use patients’ healthcare records to audit and monitor the quality of the YourGP service. For example, we may audit the records of patients who have had a particular treatment to see how well it has worked. When we carry out any audits, we never use any information that could identify a patient such as a name, address, or date of birth.
8. Who has access to your information?
8.1 The processing of your personal information and medical information is accessed only by YourGP staff. Every member of staff who works for YourGP has a legal obligation to keep information about you confidential. Our staff include medical practitioners, paramedic practitioner, healthcare assistants, cosmetic technician, managers, administration and reception staff.
8.2 Your medical information may be shared with another healthcare specialist outside of YourGP if your doctor feels that you would benefit from seeing a health specialist. Such healthcare specialists may be based within the National Health Service (NHS) or at another independent healthcare provider. However, this will only be done after the doctor has explained this to you and obtained your consent to do so.
8.3 We ensure that all information we hold is kept confidential. However, we are obliged to disclose personal information if it is required by law, or it is justified in the public interest.
8.4 Our external healthcare regulator, Healthcare Improvement Scotland, looks at healthcare records as part of their inspection processes of the YourGP healthcare service.
8.5 We do not sell or rent your personal information to any third parties outside of YourGP. We do not share your information with any third parties for marketing purposes.
9. Consent and agreement
9.1 By agreeing to this privacy notice, you are giving YourGP permission to process your personal data specifically for the purposes identified. You are able to withdraw your consent at any time. Please contact us if you wish to discuss this.
10. Access to your information and correction
10.1 You have the right to make a request to YourGP for a copy of the information that we hold about you. If you would like a copy of some or all of your personal information please ask us by writing to:
Jacqui Mitchell, Business Manager YourGP
19 Hawthornbank Lane
Edinburgh EH4 3BH
10.2 We want to make sure that your personal information is accurate and up to date and are happy to remove or amend any information that you think is inaccurate.
10.3 If you would like a copy of the medical information we hold about you, we may need to ask you some additional questions about your reasons for requesting the information. Medical information is known as sensitive data under GDPR regulations.
11.1 When you give us your personal information, we take steps to ensure that it is treated securely. Any information we hold about you in paper format is held securely in locked filing cabinets. Any information we hold about you in electronic format is held securely on our computer patient management system.
12. Use of ‘cookies’
12.2 You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer. However, this may prevent you from taking full advantage of the YourGP website.
12.3 Overall, cookies help YourGP to provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
13.1 YourGP may occasionally update and change this privacy notice. You should check this page from time to time to ensure that you are happy with any changes. This privacy notice is effective from 1st May 2018.
Feedback. Enjoyed our service at YourGP? Please let us know. We'd love to hear about how your visit went.