Upcoming Practice Closures;
Friday 20th December 2019 - the practice will be closed between 12pm and 2pm only.
Wednesday 25th December 2019 - the practice will be closed for the public holiday, please contact NHS 24 on 111 if you require medical assistance that cannot wait until the surgery re-opens.
Thursday 26th December 2019 - the practice will be closed for the public holiday, please contact NHS 24 on 111 if you require medical assistance that cannot wait until the surgery re-opens
Wednesday 1st January 2020 - the practice will be closed for the public holiday, please contact NHS 24 on 111 if you require medical assistance that cannot wait until the surgery re-opens
Thursday 2nd January 2020 - the practice will be closed for the public holiday, please contact NHS 24 on 111 if you require medical assistance that cannot wait until the surgery re-opens.
Please be prepared and order any required repeat prescriptions no later than; Thursday 19th December prior to Christmas and New Year.
Please be aware that our practice list is currently full.
Further updates will appear on our website should this change.
These fact sheets have been written to explain the role of UK health services, the National Health Service (NHS), to newly-arrived individuals seeking asylum. They cover issues such as the role of GPs, their function as gatekeepers to the health services, how to register and how to access emergency services.
Open the leaflets in one of the following languages
The sensitivity of patient information is well-understood within the NHS. As a patient of this practice, your medical records are confidential, and are accessible only to the members of the Primary Health Care Team involved in your care. All our staff are trained to respect their duty of confidentiality to you, and have this written into their Contracts of Employment. We keep paper and electronic records securely to prevent unauthorised access or misuse. Whenever practicable we remove references to personal details such as your name and address, and often restrict this further to reduce the chances of anyone identifying a record as relating to you.
The staff at this practice record information about you and your health so you can receive the right care and treatment. We record this information, together with the details of the care you receive, so that it is available each time we see you.
The information recorded about you may be used for other reasons other than your personal care, for example ,to help to protect the health of the general public, to plan for the future and to train staff and to carry out medical and other health research.
We are involved in research studies which require access to anonymous information from patient notes. You cannot be identified from these notes as all personal details( name, address, post code, full date of birth) are removed. Individual patient’s records are added into a much larger anonymous database from patients across the UK which is used by researchers outside this practice. This data may be linked to other data, such as hospital data.
If you would like to opt out of this data collection scheme, please let your doctor know and your records will not be collected for use in the anonymous research database. This will not affect your care in any way.
If anything to do with the research would require that you provide additional information about yourself, you will be contacted by your GP to see if you are willing to take part: you will not be identified in any published results.
You have the right of access to your health records. If at anytime you would like to know more or have any concerns about how we use your information, please ask reception for more details.
1 What is Docmail?
2 The Data Protection Act (1998) (DPA)
4 Other Approvals
DPA Seventh Principle
We will sometimes use a mailing company called Docmail to handle mailings to patients. Typically this is for bulk mailings such as the invitations to attend the flu clinics where it is difficult to accommodate the administrative work involved without affecting our ability to serve patients.
The Docmail website uses the highest strength 128 bit encryption, ensuring details will be safe. The CFH production site has the highest levels of both physical and IT security which enables us to process your mailing with complete assurance.
This is permissible under guidance from both the Information Commissioner’s Office (ICO) and the Department of Health (DoH) subject to the provisions of the Data Protection Act
Please find below some more information about Docmail and how we work with them to ensure that we protect our patients’ personal data at all times.
1.1 What is Docmail?
Docmail is provided by CFH Total Document Management Ltd a secure print and mailing company which provides print and mailing services for Local Government, GPs, Dentists, Medical Practices, Schools, Exam Boards and Banks etc. throughout the UK.
The system can be found online at www.docmail.co.uk and requires a secure user name and password for us to log on and upload our letters and address lists to create the printed output for despatch to Royal Mail. The system allows us to upload a letter template and mailing data for the patients we want to write to via a secure web portal.
1.2 The Data Protection Act (1998) (DPA)
North Glen Medical Practice and Docmail are both fully compliant with the Data Protection Act.
The Information Commissioners Office issued guidance in February 2012 for organisations that outsource some of its data processing to a third party. The Data Protection Act allows outsourcing to take place but stipulates certain conditions that must be met for it to be compliant.
An organisation that processes personal data is required to handle personal data in accordance with the data protection principles. A data controller may choose to use another organisation to process personal data on its behalf – a data processor.
The data controller remains responsible for ensuring its processing complies with the DPA, whether it processes in-house or engages a data processor.
Where a data processor is used the data controller must ensure that suitable security arrangements are in place in order to comply with the seventh data protection principle.
Further extracts from the guidance are reproduced here and the entire document is available on the ICO website.
North Glen Medical Practice has strictly adhered to this guidance in setting up the partnership with Docmail.
North Glen Medical Practice remains the data controller and as such has the responsibility for ensuring compliance with the provisions of the Act. We are not able to pass on those responsibilities to Docmail whose role is that of a data processor.
There is a written contract between North Glen Medical Practice and CFH – Total Document Management Ltd in addition to the standard terms of business that are published on the Docmail website.
That contract stipulates that Docmail can only act in accordance with instructions from North Glen Medical Practice i.e. they can only print and mail letters in accordance with data provided by us. They are not able to do anything else with that data.
The contract also creates a legal requirement for Docmail to act in accordance with the seventh principle of the Data Protection Act.
The Partners of North Glen Medical Practice and NHS Fife have satisfied themselves that Docmail have provided sufficient guarantees in respect of the technical and organisational security measures governing the processing to be carried out.
The partners have taken, and will continue to take, reasonable steps to ensure that Docmail are compliant with these security measures.
No data will pass outside of the European Union
1.3 Connecting For Health
Docmail has achieved a 100% rating in the Department of Health’s Information Governance Toolkit Assessment for 2012-2013 and we meet with the terms and conditions of the DH Information Governance Assurance Statement. This assessment is publicly available and can be viewed here.
1.4 Other Approvals
Docmail is also approved by the following:
Government Procurement Service for Hybrid Mail – which allows all government organisations to use Docmail
67 Primary Care Trusts have approved the use of Docmail.
Caldicott Guardian across a number areas have approved the use of Docmail when asked
Ethics Committees have approved the use of Docmail by surgeries
1.5 Accreditation’s & Security Policies
In addition to the credentials listed above, I have been supplied with Docmail’s Corporate Policies and certifications as detailed below..
ISO 27001:2005 Information Security Management System Certificate
CFH Site Security Policy
CFH Information Technology Security Policy
Information Security Policy
The data file provided to Docmail will only contain enough data to enable them to fulfil the contract. This means that it will include name and address details and, where appropriate, the date and time of an appointment as well as the name of the clinician you will be seeing or the name of a clinic you will be attending eg Flu Clinic or NHS Health Check. We will of course exercise the same discretion in writing the letters as we would if we were printing and posting them at the surgery.
The letters will be delivered to your address by Royal Mail in the normal way. The letters will carry the Docmail logo and the return address on the reverse side. This address does not identify the letter as having come from a doctor’s surgery.
If you have any questions or require further information about this please ask to speak to the Practice Manager.
Schedule 1 of the Data Protection Act (1998) lists eight principles of data protection. The seventh principle is of particular importance where an organisation uses a third party to process data.
The seventh data protection principle provides that:
Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
The Information Commissioner’s Office provides the following guidance to organisations seeking to use a third party to process data on its behalf.
Where a data controller chooses to use a data processor, paragraphs 11 & 12 of Schedule 2, DPA introduces additional obligations on the data controller as follows:
Copyright 2006 - 2020 My Surgery Website | Privacy & Usage | Edit | Staff Home | Site Map | Accessibility | Site T&C's | Service T&C's