Personal data 

Personal data may be used for the following reasons:


Contact details, contracts, DBS applications, pay, tax, social security, minutes of meetings, use of IT, appraisal forms, holiday requests, training applications.


Patient’s records

Contact details, health records, referrals, letters, and Insurance details


Personal data may be processed for the following data subjects:

Staff: current/former/locums/potential employees • Patients: current/previous/carers/relatives/guardians/third party representatives



Equipment servicing/repair • Cleaners • Estate


Sharing and disclosure

Appraisal • References • Incident reports/forms • Insurance and banking • Referrals • Results • Letters to other service providers



Manual records

Staff files • Patient’s notes • Bills • Insurance forms • Consent forms • Insurance payment forms


Electronic records

TM3 • Banking • Nuffield • Vitality Health • Bupa • QuickBooks


IT system

Fixed • Cloud


Assessing the risk


Information collection

What information is being collected and how? Personal details and health care information

Where is the information being collected from? Data subjects and IT system

How often is the information being collected? During consultations, which are on an as needed basis


Information use

What is the purpose for using the information? To enable the provision of effective treatment

When and how will the information be processed? Recorded during or soon after the consultation onto the TM3 clinical system or in paper format

Is the use of the information linked to the reason for the information being collected? Yes


Information attributes

What is the process for ensuring the accuracy of data? 

Asking the data subject to confirm details and ensuring the correct patient record is used when recording the information

What are the consequences if data is inaccurate?

Incorrect patient record updated; delay in treatment and/or referral; potentially adverse impact on patient health


Information security

What security processes are in place to protect the data? 

Only authorised users can access the data

What controls are in place to safeguard only authorised access to the data?

All users have an individual login and the system is password restricted


Data subject access

What processes are in place for data subject access?

Data subjects can access limited information using online services or by requesting to see their clinical notes.


How can data subjects verify the lawfulness of the processing of data held about them?

By accessing their records and viewing how information has been processed


How do data subjects request that inaccuracies are rectified?

Data subjects can request that information held about them be changed by asking for an appointment with the data controller


Information disclosure

Will information be shared outside the practice; are data subjects made aware of this?

Yes, the practice privacy policy details this information


Why will this information be shared; is this explained to data subjects?

Yes, to facilitate the necessary examination and treatment of data subjects


Are there robust procedures in place for third party requests which prevent unauthorised access?

Yes, authority must be provided by the third party, who must also include either a written statement or a consent form signed by the data subject


Retention of data

What are the retention periods associated with the data?

Mental health records are kept indefinitely. Paediatric records and all other data subject records are kept for 30 years


What is the disposal process and how is this done in a secure manner?

At the end of the retention period the records will be reviewed and, if no longer needed, they will be destroyed


Where is data stored? If data is moved off site, what is the process; how can data security be assured?

Patient data is stored electronically on TM3, and some paper records are stored in a lockable cupboard which can only be accessed by authorised personnel