We provide a confidential service to all our patients, including under 16s. This means that you can tell others about a visit to the surgery, but we won't.

You can be sure that anything you discuss with any member of this practice– family doctor, nurse or receptionist – will stay confidential.

Even if you are under 16 nothing will be said to anyone – including parents, other family members, care workers or tutors – without your permission. The only reason why we might have to consider passing on confidential information without your permission, would be to protect you or someone else from serious harm. We would always try to discuss this with you first.

If you are being treated elsewhere – for example at a hospital or clinic – it is best if you allow the doctor or nurse to inform the practice of any treatment you are receiving.

Confidential patient data will be shared within the health care team at the practice, including nursing staff, admin staff, secretaries and receptionists, and with other health care professionals to whom a patient is referred. Those individuals have a professional and contractual duty of confidentiality.

Confidential and identifiable information relating to patients will not be disclosed to other individuals (including NHS or PCT management staff) without their explicit consent, unless it is a matter of life and death or there is a serious risk to the health and safety of patients or it is overwhelmingly in the public interest to do so.

In these circumstances the minimum identifiable information that is essential to serve a legal purpose may be revealed to another individual who has a legal requirement to access the data for the given purpose.

That individual will also have a professional and contractual duty of confidentiality. Data will otherwise be anonymised if possible before disclosure if this would serve the purpose for which the data is required.

We are sometimes asked to provide information for the purposes of education, audit or research or for the purposes of health care administration. In all cases the person to whom such information is released is bound by a duty of confidentiality. The information disclosed is kept to the minimum necessary for the purpose and is always anonymised if at all possible.

Who can access your surgery-held medical records, if needed and if appropriate?

• All our GPs
• All our Practice Nurses
• All our District Nurses
• All our Health Visitors
• All our Midwives
• All our Receptionists
• All our Phlebotomists


• Our visiting Psychologists
• Our visiting Counsellors
• Our visiting Dieticians


• The Practice Manager
• The Deputy Practice Manager
• The Secretaries


• And, on a temporary basis, our medical students

Who cannot access your surgery-held medical records without your explicit consent?

Anyone else, in particular:

• The Department of Health
• The Strategic Health Authority
• The Primary Care Trust


• Medical Researchers
• Pharmaceutical Companies
• Journalists

The Oaklands Practice is registered as a Data Controller under the Data Protection Act 1998

You have the right to object to ways in which your data is used (or processed). We will always try to respect your wishes if you do not wish for your data to be used in a particular way, unless to do would mean that we could not provide you with safe and effective medical care.

EMIS is the name of our medical software supplier. They manage our system and our server, which holds the medical records of our patients, and ensure that we are able to provide effective and safe medical services to our patients at all times. EMIS can access our server remotely for the purpose of maintaining and troubleshooting the medical software. They never access individual records without our permission and then only to investigate why problems or errors are occurring in that patient's records. We also send backups of our system to EMIS for binary data validation and transfer to DVD. They do not access individual patient records during this. We have absolute trust and confidence in EMIS and they have an absolute and contractual duty of confidentiality when they are required, on occasions, to access patient records.

All our medical records are held on our surgery server. We do not hold any medical records on, or backup to, an off site server of any kind, otherwise known as a hosted server.

We do not hold any medical records on laptops, USB sticks or other portable devices.

All our backup tapes are fully encrypted.

The Oaklands Practice has signed up to the Information Commissioner's Personal Information Promise.

The Oaklands Practice will NOT upload our patients' medical details to the NHS Database without their active and explicit consent.

The Oaklands Practice will NOT upload our patients' medical details to the Hampshire Health Record database without their active and explicit consent.

The Oaklands Practice does NOT send any information to a Referral Management Centre or Referral Information Service.

If you have any worries about confidentiality, please feel free to ask a member of staff, or alternatively contact the Caldicott Guardian for the Oaklands Practice, Dr Neil Bhatia.

Useful and informative links about GPs and confidentiality:

• The Data Protection Act 1998
• The Human Rights Act 1998
• Confidentiality: Protecting and Providing Information (GMC Guidance)
• Use and Disclosure of Health Data (ICO Guidance)
• The Data Protection Act 1998 - Legal Guidance (ICO)
• Article 8 Human Rights Act and Confidential Information: Liberty Guide
• Confidentiality and Disclosure of Health Information (BMA Guidance)
• MDU Guide to Confidentiality (introduction)
• Royal College of General Practitioners: Confidentiality
• Good practice guidelines for general practice electronic patient records
• Confidentiality : NHS Code of Practice
• Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
• Article 29 Data Protection Working Party Working Document on the processing of personal data relating to health in electronic health records (EHR).
• BMA Guidance on disclosure of information to PCTs
• BMA Guidance on secondary uses of patient information
• Confidentiality and disclosure of health information - BMA tool kit.
• BMA Guidance on Access to Health Records
• Department of Health, Guidance for Access to Health Records (February 2010)
• Department of Health, Supplementary Guidance on Public Interest Disclosures

Page last updated: 09.01.11