Chaperones

We will always respect your privacy, dignity and your religious and cultural beliefs particularly when intimate examinations are advisable – these will only be carried out with your express agreement and you will be offered a chaperone to attend the examination if you so wish.

You may also request a chaperone when making the appointment or on arrival at the surgery (by letting the receptionist know) or at any time during the consultation.

Confidentiality

The Lodge Surgery recognises the right of every patient to have information about them kept secure and private.

Any information given to any member of staff will remain confidential.

In exceptional circumstances, permission from the patient will always be sought before any information is disclosed.

The practice has a confidentially policy which is adhered to by every member of staff. Patients have a right to the standards of confidentiality maintained by those providing their care and these standards should be made known at their first point of contact.

Staff

Every member of staff has a confidentiality clause in their contract, which they have signed. All members of staff are responsible for ensuring that confidential information is effectively protected when stored, transmitted, received, or disposed of.

Release of information to others

Systems are in place to ensure that requests for reports are not processed unless and until the patient’s consent has been confirmed. Patients can indicate if they wish to see the report before it is forwarded and do have the right of access to it afterwards. The security of all information is recognised, and when information is requested from patients by administrative staff the reason for the request is explained. We can only release results and other confidential information to the patient alone and not to family or relatives unless we have the patient’s explicit consent on record or in writing.

Medical information can be divulged to parents or guardians of children under 16 years, but this must not override the young person’s right to privacy. The patient’s best interests come first.

IF YOU NEED TO SPEAK TO SOMEONE IN PRIVATE THEN PLEASE TELL THE RECEPTION STAFF WHO WILL ARRANGE THIS FOR YOU. YOU DO NOT HAVE TO SAY WHAT IT IS ABOUT, WE RESPECT YOUR PRIVACY AND RIGHT TO CONFIDENTIALITY

Data Privacy Notice

The Lodge Surgery is a well-established GP Practice. Our General Practitioners and allied healthcare professionals provide primary medical care services to our practice population and are supported by our administrative and managerial team in providing care for patients.

This privacy notice explains how we use any personal information we collect about you as a patient of health care services provided by the Lodge surgery

Why do we collect your personal information?

Health care professionals who provide you with care are required by law to maintain records about your health and any treatment or care you have received within any NHS organisation. These records help to provide you with the best possible healthcare and help us to protect your safety.

We collect and hold data for the purpose of providing healthcare services to our patients and running our organisation which includes monitoring the quality of care that we provide. In carrying out this role we will collect information about you which helps us respond to your queries or secure specialist services. We will keep your information in written form and/or in digital form. The records will include both personal and special categories of data about your health and wellbeing.

What types of personal information do we collect about you?

We may collect the following types of personal information:

Your name, address, email address, telephone number and other contact information
Gender, NHS Number and date of birth and sexual orientation
Details of family members and next of kin details
Health (Medical) information, including information relating to your sex life
Details of any contact the surgery has had with you, such as appointments, clinic visits, emergency appointments and telephone calls.
Results of investigations such as laboratory tests or x-rays
Biometric data
Genetic information

How will we use the personal information we collect about you?

We may use your personal information in the following ways:

To help us assess your needs and identify and provide you with the health and social care that you require
To determine the best location to provide the care you require
To comply with our legal and regulatory obligations
To help us monitor and manage our services
To support medical research

Text (SMS) messages

If you have provided your mobile telephone number, we may use this to send automatic appointment reminders, requests to complete surveys or to make you aware of services provided by the surgery that we feel will be to your benefit.

If you do not wish to receive these text messages, please let the reception team know.

Call recording

Recordings of calls made and received by The Lodge Surgery may be used to support the learning and development of our staff and to improve the service we provide to our patients.

They may also be used when reviewing incidents, compliments or complaints.

Call recordings will be managed in the same way as all other personal information processed by us and in line with current data protection legislation.

Data processors

We may use the services of a data processor to assist us with some of our data processing, but this is done under a contract with direct instruction from us that controls how they will handle patient information and ensures they treat any information in line with the General Data Protection Regulation, confidentiality, privacy law, and any other laws that apply.

How will we share your personal information?

We may share your personal information with other health and social care professionals and members of their care teams to support your ongoing health and or social care and achieve the best possible outcome for you. This may include:

· Primary Care Network

The Lodge surgery is a member of the Chippenham, Corsham & Box Primary Care Network (PCN) so you may be contacted by or treated by one of the other practices within the PCN. In order to support and provide healthcare services to you, they will require access to your patient record.

· Patient Referrals

With your agreement, we may refer you to other services and healthcare providers for services not provided by the Lodge surgery

· Other Providers of Healthcare

We will share your information with other providers of healthcare services to enable them to support us in providing you with direct healthcare. This may include NHS organisations or private companies providing healthcare services for the NHS.

· Care Homes or Social Care Services

Sometimes the clinicians caring for you may need to share some of your information with others who are also supporting you outside of the practice.

· Local Authority

The local authority (council) provides health or social care services or assists us in providing direct healthcare services to you. We will share your personal information with them to enable this to take place.

· Safeguarding

We will share your personal information with the safeguarding teams of other health and social care providers where there is a need to assess and evaluate any safeguarding concerns. Your personal information will only be shared for this reason when it is required for the safety of the individuals concerned.

· Summary Care Record (SCR)

Your Summary Care Record is an electronic record of important patient information created from the GP medical records. It contains information about medications, allergies and any bad reactions to medications in the past. It can be seen by staff in other areas of the health and care system involved in your direct care.

· Integrated Care Records (ICR)

An Integrated Care Record allows other health and care providers who are directly involved with your care to access appropriate, timely and relevant information about you to enable them to support your heath and care. Further details about the ICR can be found here:

https://bswccg.nhs.uk/your-health/integrated-care-record

· GP Connect

GP Connect is a system that allows other health and care providers access to your GP medical records to enable them to support your heath and care when you are seen outside your normal GP surgery.

· Population Health Management

This practice is participating in a local Population Health Management (PHM) initiative aimed at improving physical and mental health outcomes and the wellbeing of our patients. This requires us to share pseudonymised personal data (anything that can identify an individual is replaced with code) with other organisations involved in the initiative.

· NHS Digital

In order to comply with its legal obligations this practice may send data to NHS Digital when directed by the Secretary of State for Health under the Health and Social Care Act 2012.

This practice contributes to national clinical audits and will send the data, which are required by NHS Digital when the law allows. This may include demographic data, such as date of birth and information about your health, which is recorded in coded form. For example, the clinical code for diabetes or high blood pressure.

· National Services

There are some national services like the national Cancer Screening Programme that collect and keep information from across the NHS. This is how the NHS knows when to contact you about services like cancer screening.

· Medical Research

With your consent, we will share information from medical records to support medical research when the law allows us to do so. For example, to learn more about why people get ill and what treatment might work best.

This is important because:

The use of information from GP medical records is very useful in developing new treatments and medicines.
Medical researchers use information from medical records to help answer important questions about illnesses and disease so that improvements can be made to the care and treatment patients receive.

National Fraud Initiative

The use of data by the Cabinet Office for data matching is carried out with statutory authority under Part 6 of the Local Audit and Accountability Act 2014. It does not require the consent of the individuals concerned under Data Protection legislation. Data matching by the Cabinet Office is subject to a Code of Practice. For further information see:

https://www.gov.uk/government/publications/code-of-data-matching-practice-for-national-fraud-initiative

National Registries

National Registries (such as the Learning Disabilities Register) have statutory permission under Section 251 of the NHS Act 2006, to collect and hold service user identifiable information without the need to seek informed consent from each individual service user.

Supporting Medicines Management

CCGs operate pharmacist and prescribing advice services to support local GP practices with prescribing queries, which may require identifiable information to be shared. These pharmacists work with your usual GP to provide advice on medicines and prescribing queries, and review prescribing of medicines to ensure that it is appropriate for your needs, safe and cost-effective. Where specialist prescribing support is required, the CCG medicines optimisation team may order medications on behalf of your GP Practice to support your care.

Supporting Locally Commissioned Services

BSW CCG support GP practices by auditing anonymised data to monitor locally commissioned services, measure prevalence and support data quality. The data does not include identifiable information and is used to support patient care and ensure providers are correctly paid for the services they provide.

Medical student placements

Our practice is involved in the training of medical students. As part of this programme medical students will work in the practice and may be involved in your care. If staff would like a student to be present they will always ask for your permission before the start of the consultation. The treatment or care you receive will not be affected if you refuse to have a student present during your appointment.

Cinapsis

This is a smart referral clinical communication platform that gives clinicians access to specialist advice and guidance when they need it.

AccuRX SMS & Video consultation

The surgery uses this software to provide an SMS service and clinician\patient video conference calls delivered using the patient and clinician’s smartphone device. This can be used when face-to-face contacts between healthcare staff and their patients are not possible.

LogMeIn remote access

This software is used to provide remote access to GP surgery computers and is used to facilitate doctors and other staff working remotely outside the practice.

Any medical or health related personal information will be treated with confidence in line with the common law duty of confidentiality and the Confidentiality NHS Code of Practice.

We may be required to share information with organisations in order to comply with our legal and regulatory obligations. This may include:

· Care Quality Commission (CQC)

The CQC regulates health and care services to ensure that safe care is provided. The law requires that we must report certain serious events to the CQC, for example, when patient safety has been put at risk. Further information about the CQC can be found here:

http://www.cqc.org.uk/

· Public Health England

The law requires us to share data for public health reasons, for example to prevent the spread of infectious diseases or other diseases which threaten the health of the population. We will report the relevant information to local health protection team or Public Health England. Further information about Public Health England can be found here:

https://www.gov.uk/guidance/notifiable-diseases-and-causative-organisms-how-to-report

· Other NHS Organisations

Sometimes the practice will share information with other NHS organisations that do not directly care for you, such as the Clinical Commissioning Group. However, this information will be anonymous and does not include anything written as notes by the GP and cannot be linked to you.

Individual Funding Request

An ‘Individual Funding Request’ is a request made on your behalf, with your consent, by a clinician, for funding of specialised healthcare which falls outside the range of services and treatments that CCG has agreed to commission for the local population. An Individual Funding Request is taken under consideration when a case can be set out by a patient’s clinician that there are exceptional clinical circumstances which make the patient’s case different from other patients with the same condition who are at the same stage of their disease, or when the request is for a treatment that is regarded as new or experimental and where there are no other similar patients who would benefit from this treatment. A detailed response, including the criteria considered in arriving at the decision, will be provided to the patient’s clinician.

Improving Diabetes Care

Information that does not identify individual patients is used to enable focussed discussions to take place at practice-led local diabetes review meetings between health care professionals. This enables the professionals to improve the management and support of these patients.

We will not share your information with organisations other than health and social care providers without your consent unless the law allows or requires us to.

NHS National Data Opt-out

Whenever you use a health or care service, such as attending Accident & Emergency or using Community Care Services, important information about you is collected in a patient record for that service. Collecting this confidential patient information helps to ensure you get the best possible care and treatment.

The confidential patient information collected about you when you use these services can also be used and provided to other organisations for purposes beyond your individual care where allowed by law.

You have a choice about whether you want your confidential patient information to be used in this way. If you are happy with this use of information, you do not need to do anything. If you choose to opt out your confidential patient information will still be used to support your individual care.

We do not share your confidential patient information for purposes beyond your individual care without your permission. When sharing data for planning and reporting purposes, we use anonymised data so that you cannot be identified in which case your confidential patient information isn’t required.

Information being used or shared for purposes beyond individual care does not include your confidential patient information being shared with insurance companies or used for marketing purposes and information would only be used in this way with your specific agreement.

Health and care organisations that process confidential patient information have to put systems and processes in place so they can be compliant with the national data opt-out. They must respect and apply your opt-out preference if they want to use or share your confidential patient information for purposes beyond your individual care.

The Lodge Surgery are currently compliant with the national data-out policy as we do not share your confidential patient information for purposes beyond your individual care without your permission.

To find out more or to register your choice to opt out, please visit www.nhs.uk/your-nhs-data-matters

You can change your choice at any time.

Local Enhanced Data Sharing (EDSM)

Your GP electronic patient record is held securely and confidentially on an electronic system called ‘SystmOne’ managed by the Lodge Surgery. If you require attention from a health professional such as an Emergency Department, Minor Injury Unit or Out Of Hours service, the professionals treating you are better able to give you safe and effective care if relevant information from your GP record is available to them.

We have a practice policy to share in and share out all patients’ medical records within SystmOne with care organisations with whom you are registered and receiving care.

Under the GDPR and DPA 2018, all organisations that process personal data must have in place a legal basis to process this data and an additional legal basis to process special category data (including data concerning health).

We have been advised to use the following by our Data Protection Officer:

Article 6 (1) (e) ‘…necessary for the performance of a task carried out in the public interest or in the exercise of official duty…’ as an appropriate legal basis for personal data
Article 9 (2) (h) ‘…medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems…’ as an appropriate legal basis for special category data.

We have established a safe no verify list of organisations within Wiltshire with whom we will share your information without requiring a code from the patient. All other healthcare organisations will need to seek permission from the patient to receive an SMS / Email code from the patient before the surgery will allow them access to medical records.

Your permission will be asked before the information is accessed, other than in exceptional circumstances (e.g. emergencies) if the healthcare professional is unable to ask you and this is deemed to be in your best interests (which will then be logged).

How long do we keep your personal information?

We follow the Records Management Code of Practice for Health and Social Care 2016 records retention schedule published by the Information Governance Alliance for the Department of Health which states that electronic patient records should be retained for 10 years from the date of death. At that point, all personal data we hold on you will be securely deleted.

We keep recordings of our calls for 6 years.

Legal basis

We have been commissioned by the Bath and North East Summerset, Swindon and Wiltshire Clinical Commissioning Group to provide a GP surgery service and it is necessary for the performance of this task in the public interest for us to process your personal data.

We will use your special categories of personal data, such as that relating to your race, ethnic origin, and health for the purposes of providing you with health or social care or the management of health or social care systems and services. Such processing will only be carried out by a health or social work professional or by another person who owes a duty of confidentiality under legislation or a rule of law.

In some circumstances, we may process your personal information on the basis that:

it is necessary to protect your vital interests;
we are required to do so in order to comply with legal obligations to which we are subject;
we are required to do so for the establishment, exercise or defence of a legal claim;

or

you have given us your explicit consent to do so.

Doctorlink

We use Doctorlink to assist us in delivering healthcare services to our patients that register to use Doctorlink. When you register to use Doctorlink, you give your explicit consent (permission) for Doctorlink to collect and use your personal information for the services provided by Doctorlink.

Doctorlink may share your personal data with us if you require an appointment or repeat prescription.

Full details about how Doctorlink will process your personal information can be found on their privacy notice here:

https://www.doctorlink.com/privacynotice/

Your rights

You have a right to:

ask for a copy of the information we hold about you;
correct inaccuracies in the information we hold about you
withdraw any consent you have given to the use of your information;
complain to the relevant supervisory authority in any jurisdiction about our use of your information
in some circumstances:
- ask us to erase information we hold about you;
- request a copy of your personal data in an electronic format and require us to provide this information to a third party;
- ask us to restrict the use of information we hold about you; and
- object to the use of information we hold about you.

You can exercise these rights by contacting us as detailed below.

How to contact us

If you have any questions about our privacy notice, the personal information we hold about you, or our use of your personal information then please contact our Data Protection Officer at:

Data Protection Office – jasonroberts@nhs.net

If you have concerns or are unhappy about any of our services, please contact the Practice Manager Mark Little on enquiries.lodgesurgery@nhs.net

How to make a complaint

You also have the right to raise any concerns about how your personal data is being processed by us with the Information Commissioners Office (ICO):

The Information Commissioner, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF

https://ico.org.uk/concerns

0303 123 1113

Further Information

Further information about the way in which the NHS uses personal information and your rights in that respect can be found here:

The NHS Care Record Guarantee

The NHS Care Record Guarantee for England sets out the rules that govern how patient information is used in the NHS, what control the patient can have over this, the rights individuals have to request copies of their data and how data is protected under Data Protection Legislation.

http://systems.digital.nhs.uk/infogov/links/nhscrg.pdf

The NHS Constitution

The NHS Constitution establishes the principles and values of the NHS in England. It sets out the rights patients, the public and staff are entitled to. These rights cover how patients access health services, the quality of care you’ll receive, the treatments and programmes available to you, confidentiality, information and your right to complain if things go wrong.

https://www.gov.uk/government/publications/the-nhs-constitution-for-england

NHS Digital

NHS Digital collects health information from the records health and social care providers keep about the care and treatment they give, to promote health or support improvements in the delivery of care services in England.

http://content.digital.nhs.uk/article/4963/What-we-collect

Changes to our privacy notice

We keep our privacy notice under regular review and we will place any updates on this webpage.

COVID-19 Privacy Notice Appendix

This appendix has been added to include any additional data processing completed by us during the Coronavirus (COIVD-19) outbreak.

Summary Care Record with Additional Information

In light of the current emergency, the Department of Health and Social Care has removed the requirement for your explicit consent prior to sharing additional information as part of the summary care record.

You can read more about the changes to your Summary Care Record here:

Supplementary Privacy Notice for Summary Care Records

GP Connect in support of the National COVID-19 Response

To help the NHS during the COVID-19 outbreak, NHS Digital are improving the access that doctors, nurses and healthcare professionals have to medical records and information, so that they can more safely treat and advise patients who are not in their usual GP practice, who call 111 or are seen in hospitals and other healthcare settings.

You can read more about GP Connect here:

GP Connect information for patients

GPES Data for Pandemic Planning and Research (COVID-19)

This practice is supporting vital coronavirus (COVID-19) planning and research by sharing your data with NHS Digital.

The health and social care system is facing significant pressures due to the coronavirus (COVID-19) outbreak. Health and care information is essential to deliver care to individuals, to support health, social care and other public services and to protect public health. Information will also be vital in researching, monitoring, tracking and managing the coronavirus outbreak. In the current emergency it has become even more important to share health and care information across relevant organisations. This practice is supporting vital coronavirus planning and research by sharing your data with NHS Digital, the national safe haven for health and social care data in England.

Our legal basis for sharing data with NHS Digital

NHS Digital has been legally directed to collect and analyse patient data from all GP practices in England to support the coronavirus response for the duration of the outbreak. NHS Digital will become the controller under the General Data Protection Regulation 2016 (GDPR) of the personal data collected and analysed jointly with the Secretary of State for Health and Social Care, who has directed NHS Digital to collect and analyse this data under the COVID-19 Public Health Directions 2020 (COVID-19 Direction).

All GP practices in England are legally required to share data with NHS Digital for this purpose under the Health and Social Care Act 2012 (2012 Act). More information about this requirement is contained in the data provision notice issued by NHS Digital to GP practices.

Under GDPR our legal basis for sharing this personal data with NHS Digital is Article 6(1)(c) – legal obligation. Our legal basis for sharing personal data relating to health, is Article 9(2)(g) – substantial public interest, for the purposes of NHS Digital exercising its statutory functions under the COVID-19 Direction.

The type of personal data we are sharing with NHS Digital

The data being shared with NHS Digital will include information about patients who are currently registered with a GP practice or who have a date of death on or after 1 November 2019 whose record contains coded information relevant to coronavirus planning and research. The data contains NHS Number, postcode, address, surname, forename, sex, ethnicity, date of birth and date of death for those patients. It will also include coded health data which is held in your GP record such as details of:

diagnoses and findings
medications and other prescribed items
investigations, tests and results
treatments and outcomes
vaccinations and immunisations

How NHS Digital will use and share your data

NHS Digital will analyse the data they collect and securely and lawfully share data with other appropriate organisations, including health and care organisations, bodies engaged in disease surveillance and research organisations for coronavirus response purposes only. These purposes include protecting public health, planning and providing health, social care and public services, identifying coronavirus trends and risks to public health, monitoring and managing the outbreak and carrying out of vital coronavirus research and clinical trials. The British Medical Association, the Royal College of General Practitioners and the National Data Guardian are all supportive of this initiative.

NHS Digital has various legal powers to share data for purposes relating to the coronavirus response. It is also required to share data in certain circumstances set out in the COVID-19 Direction and to share confidential patient information to support the response under a legal notice issued to it by the Secretary of State under the Health Service (Control of Patient Information) Regulations 2002 (COPI Regulations).

Legal notices under the COPI Regulations have also been issued to other health and social care organisations requiring those organisations to process and share confidential patient information to respond to the coronavirus outbreak. Any information used or shared during the outbreak under these legal notices or the COPI Regulations will be limited to the period of the outbreak unless there is another legal basis for organisations to continue to use the information.

Data which is shared by NHS Digital will be subject to robust rules relating to privacy, security and confidentiality and only the minimum amount of data necessary to achieve the coronavirus purpose will be shared. Organisations using your data will also need to have a clear legal basis to do so and will enter into a data sharing agreement with NHS Digital. Information about the data that NHS Digital shares, including who with and for what purpose will be published in the NHS Digital data release register.

For more information about how NHS Digital will use your data please see the NHS Digital Transparency Notice for GP Data for Pandemic Planning and Research (COVID-19).

National Data Opt-Out

The application of the National Data Opt-Out to information shared by NHS Digital will be considered on a case by case basis and may or may not apply depending on the specific purposes for which the data is to be used. This is because during this period of emergency, the National Data Opt-Out will not generally apply where data is used to support the coronavirus outbreak, due to the public interest and legal requirements to share information.

Your rights over your personal data

To read more about the health and care information NHS Digital collects, its legal basis for collecting this information and what choices and rights you have in relation to the processing by NHS Digital of your personal data, see:

Data Privacy Notice

Patient Information Leaflet

The Lodge surgery is a well-established GP Practice. Our General Practitioners and allied healthcare professionals provide primary medical care services to our practice population and are supported by our administrative and managerial team in providing care for patients.

This privacy notice explains how we use any personal information we collect about you as a patient of health care services provided by the Lodge surgery

Why do we collect your personal information?

Health care professionals who provide you with care are required by law to maintain records about your health and any treatment or care you have received within any NHS organisation. These records help to provide you with the best possible healthcare and help us to protect your safety.

We collect and hold data for the purpose of providing healthcare services to our patients and running our organisation which includes monitoring the quality of care that we provide. In carrying out this role we will collect information about you which helps us respond to your queries or secure specialist services. We will keep your information in written form and/or in digital form. The records will include both personal and special categories of data about your health and wellbeing.

What types of personal information do we collect about you?

We may collect the following types of personal information:

Your name, address, email address, telephone number and other contact information
Gender, NHS Number and date of birth and sexual orientation
Details of family members and next of kin details
Health (Medical) information, including information relating to your sex life
Details of any contact the surgery has had with you, such as appointments, clinic visits, emergency appointments and telephone calls.
Results of investigations such as laboratory tests or x-rays
Biometric data
Genetic information

How will we use the personal information we collect about you?

We may use your personal information in the following ways:

To help us assess your needs and identify and provide you with the health and social care that you require
To determine the best location to provide the care you require
To comply with our legal and regulatory obligations
To help us monitor and manage our services
To support medical research

Text (SMS) messages

If you have provided your mobile telephone number, we may use this to send automatic appointment reminders, requests to complete surveys or to make you aware of services provided by the surgery that we feel will be to your benefit.

If you do not wish to receive these text messages, please let the reception team know.

Call recording

Recordings of calls made and received by The Lodge surgery may be used to support the learning and development of our staff and to improve the service we provide to our patients.

They may also be used when reviewing incidents, compliments or complaints.

Call recordings will be managed in the same way as all other personal information processed by us and in line with current data protection legislation.

Data processors

We may use the services of a data processor to assist us with some of our data processing, but this is done under a contract with direct instruction from us that controls how they will handle patient information and ensures they treat any information in line with the General Data Protection Regulation, confidentiality, privacy law, and any other laws that apply.

How will we share your personal information?

We may share your personal information with other health and social care professionals and members of their care teams to support your ongoing health and or social care and achieve the best possible outcome for you. This may include:

Primary Care Network

The Lodge surgery is a member of the Chippenham, Corsham & Box Primary Care Network (PCN) so you may be contacted by or treated by one of the other practices within the PCN. In order to support and provide healthcare services to you, they will require access to your patient record.

Patient Referrals

With your agreement, we may refer you to other services and healthcare providers for services not provided by the Lodge surgery

Other Providers of Healthcare

We will share your information with other providers of healthcare services to enable them to support us in providing you with direct healthcare. This may include NHS organisations or private companies providing healthcare services for the NHS.

Care Homes or Social Care Services

Sometimes the clinicians caring for you may need to share some of your information with others who are also supporting you outside of the practice.

Local Authority

The local authority (council) provides health or social care services or assists us in providing direct healthcare services to you. We will share your personal information with them to enable this to take place.

Safeguarding

We will share your personal information with the safeguarding teams of other health and social care providers where there is a need to assess and evaluate any safeguarding concerns. Your personal information will only be shared for this reason when it is required for the safety of the individuals concerned.

Child Health Information services

South, Central and West child health Information Services (SCW CHIS) is commissioned by NHS England to support the monitoring of care delivered to children. Personal data is collected from the child’s GP record to enable health screening, physical examination and vaccination services to be monitored to ensure that every child has access to all relevant health interventions.

Summary Care Record (SCR)

Your Summary Care Record is an electronic record of important patient information created from the GP medical records. It contains information about medications, allergies and any bad reactions to medications in the past. It can be seen by staff in other areas of the health and care system involved in your direct care.

During the height of the pandemic changes were made to the Summary Care Record (SCR) to make additional patient information available to all appropriate clinicians when and where they needed it, to support direct patients care, leading to improvements in both care and outcomes.

These changes to the SCR will remain in place unless you decide otherwise.

Regardless of your past decisions about your Summary Care Record preferences, you will still have the same options that you currently have in place to opt out of having a Summary Care Record, including the opportunity to opt-back in to having a Summary Care Record or opt back in to allow sharing of Additional Information. Further details about the SCR and your choices can be found here:

https://digital.nhs.uk/services/summary-care-records-scr/summary-care-record-supplementary-transparency-notice

Integrated Care Records (ICR)

Bath and North East Somerset, Swindon and Wiltshire Integrated Care Record (BSW ICR) is a digital care record system for sharing information in Bath and North East Somerset, Swindon and Wiltshire. It allows instant, secure access to your health and social care records for the professionals involved in your care.

Relevant information from your digital records is shared with people who look after you. This gives them up-to-date information making your care safer and more efficient.

The Lodge surgery uses the system in the following way:

We can access your data stored within the system

Further details about the BSW ICR and how your information can be found here:

Your care record – Bath and North East Somerset, Swindon and Wiltshire ICB

https://bswicb.nhs.uk/your-health/integrated-care-record

GP Connect

We use a facility called GP Connect to support your direct care. GP Connect makes patient information available to all appropriate clinicians when and where they need it, to support direct patients care, leading to improvements in both care and outcomes.

GP Connect is not used for any purpose other than direct care.

Authorised Clinicians such as GPs, NHS 111 Clinicians, Care Home Nurses (if you are in a Care Home), Secondary Care Trusts, Social Care Clinicians are able to access the GP records of the patients they are treating via a secure NHS Digital service called GP connect.

The NHS 111 service (and other services) will be able to book appointments for patients at GP practices and other local services. Further details about GP Connect are available here:

GP Connect privacy notice – NHS Digital

Population Health Management

This practice is participating in a local Population Health Management (PHM) initiative aimed at improving physical and mental health outcomes and the wellbeing of our patients. This requires us to share pseudonymised personal data (anything that can identify an individual is replaced with code) with other organisations involved in the initiative.

Brave AI

BRAVE AI employs sophisticated computer algorithms to evaluate the complexity of each patient’s health needs within our practice. By assigning a score, it helps identify individuals at risk of deteriorating health, potentially necessitating hospitalisation. This innovative tool enhances your doctors’ ability to recognise patients who may otherwise be overlooked, including those with borderline health indicators or infrequent medical interactions. The primary objective of BRAVE AI is to promote preventive healthcare practices over reactive treatments.

All data processed by BRAVE AI is stored securely and confidential patient information is exclusively disclosed to clinical teams directly involved in patient care.

Should you have any questions or concerns regarding the processing of your data alongside BRAVE AI, we encourage you to contact us at mg.gp-dpo@nhs.net

NHS Digital

In order to comply with its legal obligations this practice may send data to NHS Digital when directed by the Secretary of State for Health under the Health and Social Care Act 2012.

This practice contributes to national clinical audits and will send the data, which are required by NHS Digital when the law allows. This may include demographic data, such as date of birth and information about your health, which is recorded in coded form. For example, the clinical code for diabetes or high blood pressure.

National Services

There are some national services like the national Cancer Screening Programme that collect and keep information from across the NHS. This is how the NHS knows when to contact you about services like cancer screening.

Medical Research

With your consent, we will share information from medical records to support medical research when the law allows us to do so. For example, to learn more about why people get ill and what treatment might work best.

This is important because:

The use of information from GP medical records is very useful in developing new treatments and medicines.
Medical researchers use information from medical records to help answer important questions about illnesses and disease so that improvements can be made to the care and treatment patients receive.

National Fraud Initiative

The use of data by the Cabinet Office for data matching is carried out with statutory authority under Part 6 of the Local Audit and Accountability Act 2014. It does not require the consent of the individuals concerned under Data Protection legislation. Data matching by the Cabinet Office is subject to a Code of Practice. For further information see:

https://www.gov.uk/government/publications/code-of-data-matching-practice-for-national-fraud-initiative

National Registries

National Registries (such as the Learning Disabilities Register) have statutory permission under Section 251 of the NHS Act 2006, to collect and hold service user identifiable information without the need to seek informed consent from each individual service user.

Supporting Medicines Management

ICB’s operate pharmacist and prescribing advice services to support local GP practices with prescribing queries, which may require identifiable information to be shared. These pharmacists work with your usual GP to provide advice on medicines and prescribing queries, and review prescribing of medicines to ensure that it is appropriate for your needs, safe and cost-effective. Where specialist prescribing support is required, the ICB medicines optimisation team may order medications on behalf of your GP Practice to support your care.

Supporting Locally Commissioned Services

BSW ICB support GP practices by auditing anonymised data to monitor locally commissioned services, measure prevalence and support data quality. The data does not include identifiable information and is used to support patient care and ensure providers are correctly paid for the services they provide.

Medical student placements

Our practice is involved in the training of medical students. As part of this programme medical students will work in the practice and may be involved in your care. If staff would like a student to be present, they will always ask for your permission before the start of the consultation. The treatment or care you receive will not be affected if you refuse to have a student present during your appointment.

Cinapsis

This is a smart referral clinical communication platform that gives clinicians access to specialist advice and guidance when they need it.

AccuRX SMS & Video consultation

The surgery uses this software to provide an SMS service and clinician\patient video conference calls delivered using the patient and clinician’s smartphone device. This can be used when face-to-face contacts between healthcare staff and their patients are not possible.

Arden’s manager

Ardens Manager is a cloud-based data analytics platform that allows GP Practices, Primary Care Networks (PCNs) and Integrated Care Boards (ICBs) to monitor, aggregate and benchmark Primary Care activity.

SystmConnect

SystmConnect is an Online Consultation product that was fully developed in house by TPP. This involved development of a bespoke patient facing website that supports organisation level configuration and the submission of Online Consultation requests to existing SystmOnline web servers, it is built as part of the existing SystmOne platform.

Heidi

Heidi is an innovative AI tool which listens to consultations and uses AI to generate clinical documentation in the style of a clinician. It can also write outputs based on the user request, for example, in the style of a clinic letter or referral letter. Some clinicians will use this tool for consultations during day-to-day clinical practice, but only after gaining patient consent. Patient identifiable information undergoes pseudonymisation and de-identification to provide additional safeguards with patient data during transit and processing while ensuring compliance with data protection regulations. Pseudonymising data ensures that any identifiers are removed or masked, which adds an additional layer of protection for patient information and reduces the risk limiting where possible sharing of personally identifiable information with 3rd parties. Data is deleted 7 days after use

Care Quality Commission (CQC)

The CQC regulates health and care services to ensure that safe care is provided. The law requires that we must report certain serious events to the CQC, for example, when patient safety has been put at risk. Further information about the CQC can be found here:

http://www.cqc.org.uk/

Public Health England

The law requires us to share data for public health reasons, for example to prevent the spread of infectious diseases or other diseases which threaten the health of the population. We will report the relevant information to local health protection team or Public Health England. Further information about Public Health England can be found here:

https://www.gov.uk/guidance/notifiable-diseases-and-causative-organisms-how-to-report

Other NHS Organisations

Sometimes the practice will share information with other NHS organisations that do not directly care for you, such as the ICB. However, this information will be anonymous and does not include anything written as notes by the GP and cannot be linked to you.

Individual Funding Request

An ‘Individual Funding Request’ is a request made on your behalf, with your consent, by a clinician, for funding of specialised healthcare which falls outside the range of services and treatments that ICB has agreed to commission for the local population. An Individual Funding Request is taken under consideration when a case can be set out by a patient’s clinician that there are exceptional clinical circumstances which make the patient’s case different from other patients with the same condition who are at the same stage of their disease, or when the request is for a treatment that is regarded as new or experimental and where there are no other similar patients who would benefit from this treatment. A detailed response, including the criteria considered in arriving at the decision, will be provided to the patient’s clinician.

Improving Diabetes Care

Information that does not identify individual patients is used to enable focussed discussions to take place at practice-led local diabetes review meetings between health care professionals. This enables the professionals to improve the management and support of these patients.

We will not share your information with organisations other than health and social care providers without your consent unless the law allows or requires us to.

NHS National Data Opt-out

Whenever you use a health or care service, such as attending Accident & Emergency or using Community Care Services, important information about you is collected in a patient record for that service. Collecting this confidential patient information helps to ensure you get the best possible care and treatment.

The confidential patient information collected about you when you use these services can also be used and provided to other organisations for purposes beyond your individual care where allowed by law.

You have a choice about whether you want your confidential patient information to be used in this way. If you are happy with this use of information, you do not need to do anything. If you choose to opt out your confidential patient information will still be used to support your individual care.

We do not share your confidential patient information for purposes beyond your individual care without your permission. When sharing data for planning and reporting purposes, we use anonymised data so that you cannot be identified in which case your confidential patient information isn’t required.

Information being used or shared for purposes beyond individual care does not include your confidential patient information being shared with insurance companies or used for marketing purposes and information would only be used in this way with your specific agreement.

Health and care organisations that process confidential patient information have to put systems and processes in place so they can be compliant with the national data opt-out. They must respect and apply your opt-out preference if they want to use or share your confidential patient information for purposes beyond your individual care.

The Lodge surgery are compliant with the national data-out policy as we do not share your confidential patient information for purposes beyond your individual care without your permission.

To find out more or to register your choice to opt out, please visit www.nhs.uk/your-nhs-data-matters You can change your choice at any time.

Local Enhanced Data Sharing (EDSM)

Your GP electronic patient record is held securely and confidentially on an electronic system called ‘SystmOne’ managed by the Lodge Surgery. If you require attention from a health professional such as an Emergency Department, Minor Injury Unit or Out Of Hours service, the professionals treating you are better able to give you safe and effective care if relevant information from your GP record is available to them.

We have a practice policy to share in and share out all patients’ medical records within SystmOne with care organisations with whom you are registered and receiving care.

Under the GDPR and DPA 2018, all organisations that process personal data must have in place a legal basis to process this data and an additional legal basis to process special category data (including data concerning health).

We have been advised to use the following by our Data Protection Officer:

Article 6 (1) (e) ‘…necessary for the performance of a task carried out in the public interest or in the exercise of official duty…’ as an appropriate legal basis for personal data
Article 9 (2) (h) ‘…medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems…’ as an appropriate legal basis for special category data.

We have established a safe no verify list of organisations within Wiltshire with whom we will share your information without requiring a code from the patient. All other healthcare organisations will need to seek permission from the patient to receive an SMS / Email code from the patient before the surgery will allow them access to medical records.

Your permission will be asked before the information is accessed, other than in exceptional circumstances (e.g. emergencies) if the healthcare professional is unable to ask you and this is deemed to be in your best interests (which will then be logged).

Access to patient records through the NHS App

Your health record will also be accessible via the NHS App. Please visit the NHS Digital Access to Patient Records information page for more information: Access to patient records through the NHS App – NHS Transformation Directorate (england.nhs.uk)

You have the right to stop your health record entries being displayed in the NHS App. Please contact your GP should you wish to do so.

How long do we keep your personal information?

We follow the Records Management Code of Practice for Health and Social Care 2016 records retention schedule published by the Information Governance Alliance for the Department of Health which states that electronic patient records should be retained for 10 years from the date of death. At that point, all personal data we hold on you will be securely deleted.

Legal basis

We have been commissioned by the Bath and North East Summerset, Swindon and Wiltshire ICB to provide a GP surgery service and it is necessary for the performance of this task in the public interest for us to process your personal data.

We will use your special categories of personal data, such as that relating to your race, ethnic origin, and health for the purposes of providing you with health or social care or the management of health or social care systems and services. Such processing will only be carried out by a health or social work professional or by another person who owes a duty of confidentiality under legislation or a rule of law.

In some circumstances, we may process your personal information on the basis that:

it is necessary to protect your vital interests;
we are required to do so in order to comply with legal obligations to which we are subject;
we are required to do so for the establishment, exercise or defence of a legal claim;

or

you have given us your explicit consent to do so.

Your rights

You have a right to:

ask for a copy of the information we hold about you;
correct inaccuracies in the information we hold about you
withdraw any consent you have given to the use of your information;
complain to the relevant supervisory authority in any jurisdiction about our use of your information
in some circumstances:
ask us to erase information we hold about you;
request a copy of your personal data in an electronic format and require us to provide this information to a third party;
ask us to restrict the use of information we hold about you; and
object to the use of information we hold about you.

You can exercise these rights by contacting us as detailed below.

Data Protection Officer

Our Data Protection Officer (DPO) is provided by Laura North.

How to contact us

All data protection queries will be initially dealt with by the practice data protection team and escalated to the Data Protection Officer service if required.

If you have any questions about our privacy notice, the personal information we hold about you, or our use of your personal information then please contact our Data Protection Officer at: mg.gp-dpo@nhs.net

If you have concerns or are unhappy about any of our services, please contact the Practice Manager, Marshall Cooper on enquiries.lodgesurgery@nhs.net

How to make a complaint

You also have the right to raise any concerns about how your personal data is being processed by us with the Information Commissioners Office (ICO):

The Information Commissioner, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF

https://ico.org.uk/concerns 0303 123 1113

Further Information

Further information about the way in which the NHS uses personal information and your rights in that respect can be found here:

The NHS Care Record Guarantee

The NHS Care Record Guarantee for England sets out the rules that govern how patient information is used in the NHS, what control the patient can have over this, the rights individuals have to request copies of their data and how data is protected under Data Protection Legislation.

http://systems.digital.nhs.uk/infogov/links/nhscrg.pdf

The NHS Constitution

The NHS Constitution establishes the principles and values of the NHS in England. It sets out the rights patients, the public and staff are entitled to. These rights cover how patients access health services, the quality of care you’ll receive, the treatments and programmes available to you, confidentiality, information and your right to complain if things go wrong.

https://www.gov.uk/government/publications/the-nhs-constitution-for-england

NHS Digital

NHS Digital collects health information from the records health and social care providers keep about the care and treatment they give, to promote health or support improvements in the delivery of care services in England.

http://content.digital.nhs.uk/article/4963/What-we-collect

Our legal basis for sharing data with NHS Digital

NHS Digital has been legally directed to collect and analyse patient data from all GP practices in England to support the coronavirus response for the duration of the outbreak. NHS Digital will become the controller under the General Data Protection Regulation 2016 (GDPR) of the personal data collected and analysed jointly with the Secretary of State for Health and Social Care, who has directed NHS Digital to collect and analyse this data under the COVID-19 Public Health Directions 2020 (COVID-19 Direction).

All GP practices in England are legally required to share data with NHS Digital for this purpose under the Health and Social Care Act 2012 (2012 Act). More information about this requirement is contained in the data provision notice issued by NHS Digital to GP practices.

Under GDPR our legal basis for sharing this personal data with NHS Digital is Article 6(1)(c) – legal obligation. Our legal basis for sharing personal data relating to health, is Article 9(2)(g) – substantial public interest, for the purposes of NHS Digital exercising its statutory functions under the COVID-19 Direction.

The type of personal data we are sharing with NHS Digital

The data being shared with NHS Digital will include information about patients who are currently registered with a GP practice or who have a date of death on or after 1 November 2019 whose record contains coded information relevant to coronavirus planning and research. The data contains NHS Number, postcode, address, surname, forename, sex, ethnicity, date of birth and date of death for those patients. It will also include coded health data which is held in your GP record such as details of:

diagnoses and findings
medications and other prescribed items
investigations, tests and results
treatments and outcomes
vaccinations and immunisations

How NHS Digital will use and share your data

NHS Digital will analyse the data they collect and securely and lawfully share data with other appropriate organisations, including health and care organisations, bodies engaged in disease surveillance and research organisations for coronavirus response purposes only. These purposes include protecting public health, planning and providing health, social care and public services, identifying coronavirus trends and risks to public health, monitoring and managing the outbreak and carrying out of vital coronavirus research and clinical trials. The British Medical Association, the Royal College of General Practitioners and the National Data Guardian are all supportive of this initiative.

NHS Digital has various legal powers to share data for purposes relating to the coronavirus response. It is also required to share data in certain circumstances set out in the COVID-19 Direction and to share confidential patient information to support the response under a legal notice issued to it by the Secretary of State under the Health Service (Control of Patient Information) Regulations 2002 (COPI Regulations).

Legal notices under the COPI Regulations have also been issued to other health and social care organisations requiring those organisations to process and share confidential patient information to respond to the coronavirus outbreak. Any information used or shared during the outbreak under these legal notices or the COPI Regulations will be limited to the period of the outbreak unless there is another legal basis for organisations to continue to use the information.

Data which is shared by NHS Digital will be subject to robust rules relating to privacy, security and confidentiality and only the minimum amount of data necessary to achieve the coronavirus purpose will be shared. Organisations using your data will also need to have a clear legal basis to do so and will enter into a data sharing agreement with NHS Digital. Information about the data that NHS Digital shares, including who with and for what purpose will be published in the NHS Digital data release register.

For more information about how NHS Digital will use your data please see the NHS Digital Transparency Notice for GP Data for Pandemic Planning and Research (COVID-19).

National Data Opt-Out

The application of the National Data Opt-Out to information shared by NHS Digital will be considered on a case by case basis and may or may not apply depending on the specific purposes for which the data is to be used. This is because during this period of emergency, the National Data Opt-Out will not generally apply where data is used to support the coronavirus outbreak, due to the public interest and legal requirements to share information.

Your rights over your personal data

To read more about the health and care information NHS Digital collects, its legal basis for collecting this information and what choices and rights you have in relation to the processing by NHS Digital of your personal data, see:

the NHS Digital GPES Data for Pandemic Planning and Research (COVID-19) Transparency Notice
the NHS Digital Coronavirus (COVID-19) Response Transparency Notice
the NHS Digital General Transparency Notice
how NHS Digital looks after your health and care information

Changes to our privacy notice

We keep our privacy notice under regular review and we will place any updates on this webpage.

Data Protection

We need to hold personal information about you on our computer systems and in paper records to help us to look after your health needs, and your doctor is responsible for their accuracy and safe-keeping. Please help to keep your record up to date by informing us of any changes to your circumstances.

Doctors and staff in the practice have access to your medical records to enable them to do their jobs. From time to time information may be shared with others involved in your care if it is necessary. Anyone with access to your record is properly trained in confidentiality issues and is governed by both legal and contractual duty to keep your details private.

All information about you is held securely and appropriate safeguards are in place to prevent accidental loss.

In some circumstances we may be required by law to release your details to statutory or other official bodies, for example if a court order is presented, or in the case of public health issues. In other circumstances you may be required to give written consent before information is released – such as for medical reports for insurance or solicitors.

To ensure your privacy, we will not disclose information over the telephone unless we are sure that we are talking to you. Information will not be disclosed to family, friends or spouses unless we have prior written consent, and we do not leave messages with others.

You have a right to see your records if you wish. The easiest way to do this is through your online services account. If you have not registered yet please ask at reception. Your online account gives you access to your records and enables you to book and cancel appointments as well as request repeat prescriptions.

Disabled Access

Outside, there is a disabled parking space in front of the surgery’s main entrance, a ramp and wheelchair access through the main door.

Inside, there is a disabled toilet through the blue waiting room and a stairlift available on the staircase past the blue waiting room.

If you have hearing difficulties please do let us know in order for us to set up an alert on your medical records. We have a portable induction loop for patient use. If you would like to use this, please ask at reception for assistance or send us an email.

Please see our Reasonable Adjustments page for further information.

Equality and Diversity

Contents

1 Introduction 2

1.1 Policy statement 2

1.2 Status 2

1.3 Training and support 2

2 Scope 3

2.1 Who it applies to 3

2.2 Why and how it applies to them 3

3 Definition of terms (where appropriate) 3

3.1 Protected characteristics 3

3.2 Direct discrimination 4

3.3 Indirect discrimination 4

3.4 Harassment 4

3.5 Victimisation 4

4 Guidance 4

4.1 The law 4

4.2 Dealing with discrimination 5

4.3 Equality in recruitment and selection 5

4.4 Monitoring 6

4.5 Educating and promoting equality and diversity 7

1.1 Policy statement

The organisation values the rich diversity, skills and abilities that people from differing backgrounds and experiences bring to the workplace. Implementing and abiding by a policy that provides for diversity and equal opportunities and deters unlawful discrimination is therefore important to this organisation.

Every person working for, or on behalf of, this organisation plays a vital role in implementing its aim to create an inclusive working environment where diversity is welcomed and everyone can work without fear of discrimination.

The purpose of this policy is to set out the aims of the organisation in creating an inclusive working environment, where access to work is based on fair and objective criteria, where there is zero tolerance of unlawful discrimination and clear processes exist in terms of how the organisation supports and works towards its aims.

The organisation also aims to be clear about how it will deal with actions that adversely impact on its stated aims.

A key aspect of creating a diverse workplace, with equal opportunity afforded to all, is the non-toleration of any form of discrimination, direct or indirect, within working arrangements and practices.

1.2 Status

The organisation aims to design and implement policies and procedures that meet the diverse needs of our service and workforce, ensuring that none are placed at a disadvantage over others, in accordance with the Equality Act 2010. Consideration has been given to the impact this policy might have in respect to the individual protected characteristics of those to whom it applies.

This document and any procedures contained within it are non-contractual and may be modified or withdrawn at any time. For the avoidance of doubt, it does not form part of a contract of employment.

1.3 Training and support

The organisation will provide guidance and support to help those to whom it applies understand their rights and responsibilities under this policy. Additional support will be provided to managers and supervisors to enable them to deal more effectively with matters arising from this policy.

2 Scope

2.1 Who it applies to

This document applies to all employees of the organisation, partners and other individuals performing functions in relation to the organisation, such as agency workers, visitors, service users, locums and contractors.

This policy recognises that the diversity that exists across the organisation’s patient groups should be reflected in the way the organisation operates in terms of diversity within its employees. Also, the fair and objective treatment of others should be part of the way the organisation does things.

The organisation will ensure that its working practices – including how such aspects as recruitment and selection, learning and development opportunities, promotion opportunities, pay, benefits and terms of employment, redundancy and dismissal, and disciplinary and grievance matters are addressed– demonstrate its commitment to fairness and equity, equality of opportunity and that it is free from any bias that is founded in unlawful discrimination.

2.2 Why and how it applies to them

Everyone is required to assist the organisation in meeting its commitment to provide equal opportunities and avoid unlawful discrimination in employment and in the provision of its services.

Individuals can be held personally liable as well as, or instead of, the organisation, for any act of unlawful discrimination and those who commit serious acts of harassment may be guilty of a criminal offence.

Acts of discrimination, harassment, bullying or victimisation against employees, patients or others with whom the organisation has contact are disciplinary offences and will be dealt with under the organisation’s disciplinary procedure. Conduct of this type will often be gross misconduct which can lead to dismissal without notice.

3 Definition of terms (where appropriate)

3.1 Protected characteristics

These are the 9 characteristics protected under the Equality Act 2010:

Age
Disability
Gender reassignment
Marriage and civil partnership
Pregnancy and maternity
Race
Religion or belief
Sex
Sexual orientation

3.2 Direct discrimination

Where a person is treated less favourably because of a protected characteristic (as listed above).

3.3 Indirect discrimination

Where the employer applies a practice, requirement or condition which applies equally to all individuals, but which puts someone with a protected characteristic at an unfair disadvantage, unless this can be justified.

3.4 Harassment

Unwanted behaviour linked to a protected characteristic that violates someone’s dignity or creates an offensive environment for them.

3.5 Victimisation

Treating someone unfairly because they have made a complaint about discrimination or harassment.

4 Guidance

4.1 The law

The key legislation that the organisation’s policy relates to is the Equality Act 2010.

It is unlawful to discriminate directly or indirectly in recruitment or employment because of age, disability, sex, gender reassignment, pregnancy and maternity, race (which includes colour, nationality and ethnic or national origins), sexual orientation, religion or belief (which includes ethical veganism as a philosophical belief) or because someone is married or in a civil partnership. These are known as “protected characteristics”.

It can also be unlawful to discriminate unfairly on the grounds of being a fixed term or part time worker, trade union membership and activity or non-membership, political belief and in relation to criminal convictions.

Discrimination after employment can also be unlawful, e.g. refusing to give a reference for a reason related to one of the protected characteristics.

It is generally unlawful to discriminate directly or indirectly, harass or victimise an employee or member of the public based on any of the protected characteristics in relation to their employment or the provision of services or goods. It is unlawful to fail to make reasonable adjustments to overcome barriers to work or in using services caused by disability.

4.2 Dealing with discrimination

Acts of discrimination (direct or indirect), whether intentional or unintentional, undermine the organisation’s aim of creating an inclusive working environment. Therefore, the organisation will take steps to promote diversity and educate everyone to ensure that its work activities and environment do not foster any unfair bias or discrimination. The organisation will also ensure that its processes and procedures are free from unfair bias and that it will act promptly to deal positively with acts that are discriminatory.

The organisation will not tolerate any form of bullying, harassment, victimisation or other behaviour that is founded in discrimination, in line with its bullying, harassment and victimisation policy.

The organisation will fully investigate any complaint of discrimination, harassment, victimisation or bullying or any situation that comes to its attention where there is a concern that discrimination lies within it. The organisation will ensure that the matter is properly dealt through its formal procedures. Any such proven behaviour that amounts to an act of discrimination, directly or indirectly, on the part of an employee will lead to disciplinary action being taken and may result in dismissal for gross misconduct. Any person working as a contractor within the organisation who commits such an act will have their contract for services terminated.

If an employee believes they have been subjected to any form of discrimination or harassment, victimisation or bullying that is founded in discrimination, they should advise their line manager or another senior manager and discuss the matter with them. Their role is to help the employee and to determine an appropriate means of dealing with the issue, which may include making a complaint through the organisation’s grievance procedure.

Where the organisation becomes aware of any indication of the existence of discrimination (or its potential existence), it will act promptly and robustly to establish the true nature of the situation and take appropriate action in line with its commitment to this policy.

4.3 Equality in recruitment and selection

The recruitment and selection process is crucially important to the organisation’s equality and diversity policy. The organisation will endeavour through appropriate training to ensure that employees making selection and recruitment decisions do not discriminate, whether consciously or unconsciously, in making these decisions.

Promotion and advancement will be made on merit and all decisions relating to this will be made within the overall framework and principles of this policy

Job descriptions, where used, will be revised to ensure that they are in line with the organisation’s equal opportunities policy. Job requirements will be reflected accurately in any person specifications

The organisation will adopt a consistent, non-discriminatory approach to the advertising of vacancies

The organisation will not confine its recruitment to areas or media sources which provide only, or mainly, applicants of a particular group

All applicants who apply for jobs with the organisation will receive fair treatment and will be considered solely on their ability to do the job

All employees involved in the recruitment process will periodically review their selection criteria to ensure that they are related to the job requirements and do not unlawfully discriminate

Short listing and interviewing will be carried out by more than one person where possible

Interview questions will be related to the requirements of the job and will not be of a discriminatory nature

Applicants will not be asked about protected characteristics or whether they are married, single or in a civil partnership, or if they have, or plan to have, children

Applicants will not ordinarily be asked about health or disability unless there are necessary requirements of the job that cannot be met with reasonable adjustments, or the organisation is finding out if an applicant needs help to take part in a selection test, or interview

The organisation will not disqualify any applicant because he/she is unable to complete an application form unassisted unless personal completion of the form is a valid test of the standard of English required for the safe and effective performance of the job

Selection decisions will not be influenced by any perceived prejudices of other staff

4.4 Monitoring

The handling of personal data is controlled by the General Data Protection Regulation (GDPR) and associated legislation. GDPR requires the organisation to comply with a number of principles regarding privacy and disclosure when handling equality data (i.e. ‘special categories of data’), including ensuring such data are processed, stored and used for limited purposes, and always in accordance with Article 9 of the GDPR. The GDPR includes measures to ensure that information is processed fairly and seeks to protect individuals’ rights to confidentiality.

Documents including such data will be processed in accordance with the GDPR and data protection legislation and individuals have, on written request, the right of access to personal data held about them.

The organisation will maintain and review the employment records of all employees in order to monitor the progress of this policy.

Monitoring may involve:

The collection and classification of information regarding certain “protected characteristics”, e.g. race, ethnic/national origin, sex, etc. of all applicants and current employees

The examination of this information with regard to the distribution of employees and the success rate of the applicants; and

Recording recruitment, training and promotional records of all employees, the decisions reached and the reason for those decisions

The results of any monitoring procedure will be reviewed at regular intervals to assess the effectiveness of the implementation of this policy. Consideration will be given, if necessary, to adjusting this policy to afford greater equality of opportunities to all applicants and staff.

4.5 Educating and promoting equality and diversity

The organisation will ensure that staff understand how to positively promote diversity and equality in their execution of work activities and by their own attitudes and behaviour.

Everyone must be aware that their actions influence others and therefore being positive about diversity and equality will have a positive influence in the workplace and the wider community that the organisation serves.

Promotion of diversity and equality will be a key consideration as policies, procedures, protocols and processes are developed, implemented, monitored and reviewed. This will ensure that they are free from any unfair discriminatory bias, particularly in the approach to employment (including such areas as recruitment and selection, promotion, pay, benefits and terms of employment, performance review and training and development, redundancy and dismissal, and disciplinary and grievance matters).

It is essential that decisions about all aspects of employment are based on objective criteria and that reasonable adjustments are made to the way the organisation works that encourage, accommodate and facilitate diversity within the organisation.

Staff are required to undergo retraining on this elearning module every 3 years.

GP Net Earnings

NHS England publication of GP Net Earnings 2023/24

All GP practices are required to declare the mean earnings (e.g. average pay) for GPs working to deliver NHS services to patients at each practice.

The average pay for GPs who worked for six months or more in The Lodge Surgery in the last financial year was £73,732 before Tax and National Insurance. This is for 6 part-time GPs.

However, it should be noted that the prescribed method for calculating earning is potentially misleading because it takes no account of how much time doctors spend working in the practice, and should not be used to form any judgment about GP earnings, nor to make any comparison with any other practice.

IT Policy

This practice is committed to preserving, as far as is practical, the security of data used by our information systems. This means that we will take all reasonable actions to:

Maintain the confidentiality of all data within the practice by:

Ensuring that only authorised persons can gain access to our systems
Not disclosing information to anyone who has no right to see it

Maintain the integrity of all data within the practice by:

Taking care over input
Ensuring that all changes are reported and monitored
Checking that the correct record is on the screen before updating
Reporting all apparent errors and ensuring that they are resolved

Maintain the availability of all data by:

Ensuring that all equipment is protected from intruders
Ensuring that backups are taken at regular, predetermined intervals
Ensuring that contingency is provided for possible failure or equipment theft and that any such contingency plans are tested and kept up to date

Additionally we will take all reasonable measures to comply with our legal responsibilities under:

Personal Data

The following IT systems are in use at the practice:

Referral Management (using NHS numbers in referrals)
Electronic Appointment Booking (the facility to book routine appointments online and, similarly, to cancel appointments)
Online requesting of repeat prescriptions
Summary Care Record (uploading details of your current medication and allergies to the national “spine” so that these are available for doctors involved in your care elsewhere)
GP to GP transfers (the electronic transfer of records from practice to practice when you re-register)
Patient Access to records (the facility to view your medical records online)

If you are not already registered for online access and would like to be please complete our online form.

If you would like access to your medical records enabled or would like to opt out of the local or national summary care record, please contact reception.

Social Media Zero Tolerance Policy

The Lodge Surgery has a Zero Tolerance policy in place with regards to our patients’ social media activity.

Comments on social media which bring the surgery or staff into question may be viewed as a potential breakdown in the doctor – patient relationship and may result in the individual being removed from our list. We welcome all feedback, positive or negative in nature, as it gives us the opportunity to review the services that we provide and, where necessary, make changes or improvements.

We ask that rather than posting derogatory or hurtful comments about the practice or any of our staff, please speak to the Practice Manager about your concerns and give us the opportunity to address the problem. Posting derogatory, hurtful or offensive comments online not only causes unwarranted distress to our staff but it may cause other patients to delay or dissuade them from presenting to the surgery to receive medical treatment.

PLEASE CONSIDER THE IMPACT OF YOUR ONLINE ACTIVITY BEFORE YOU POST A COMMENT.

Summary Care Record

Your patient record is held securely and confidentially on the electronic system at your GP practice. If you require treatment in another NHS healthcare setting such as an Emergency Department or Minor Injury Unit, those treating you would be better able to give you appropriate care if some of the information from the GP practice were available to them.

This information can now be shared electronically via the Summary Care Record (SCR) used nationally across England.

The information will be used only by authorised health care professionals directly involved in your care. Your permission will be asked before the information is accessed, unless the clinician is unable to ask you and there is a clinical reason for access.

If you would like to opt out, please ask reception for our opt out form.

A parent or guardian can request to opt out children under 16 but ultimately it is the GP’s decision whether to create the records or not, because of their duty of care to the child. If you are the parent or guardian of a child under 16 and feel that they are able to understand, then you should make this information available to them.

Who Has Access?

All health care settings including urgent care, community care and outpatient departments in England.

Information Source

GP record

Content

Your current medications
Any allergies you have
Any negative reactions you have had to medicines
Additional information (upon request to your GP)

For more information visit:

www.digital.nhs.uk

Zero Tolerance

GPs and their staff have a right to care for others without fear of being attacked or abused.

To successfully provide these services a mutual respect between all the staff and patients has to be in place. All our staff aim to be polite, helpful, and sensitive to all patients’ individual needs and circumstances.

We understand that ill patients do not always act in a reasonable manner and will take this into consideration when trying to deal with a misunderstanding or complaint.

However, aggressive behaviour, be it violent or abusive, will not be tolerated and may result in you being removed from the practice list and, in extreme cases, the police being contacted. This policy applies to patients, visitors and staff.

The following types of behaviour are unacceptable:

Using bad language or swearing at practice staff
Any physical violence towards any member of staff or other patients, such as pushing or shoving
Verbal abuse towards the staff in any form including verbally insulting the staff
Racial abuse and sexual harassment will not be tolerated within this practice
Persistent or unrealistic demands that cause stress to staff will not be accepted. Requests will be met wherever possible and explanations given when they cannot
Causing damage/stealing from the Practice’s premises, staff or patients
Obtaining drugs and/or medical services fraudulently

Patients can be removed from the practice list for the following reasons:

Violence:

When a patient is physically violent or threatening towards a doctor, practice staff or other patients on the practice premises.
Causes physical damage to practice premises or other patient’s property.
Gives verbal abuse or makes threats towards the doctor, practice staff or other patients.
Gives racist abuse, orally or physically.
Is violent or uses or condones threatening behaviour to doctors (or some other members of the primary health care team) while visiting the patient’s home. Such behaviour may involve the patient, a relative, a household member, or pets (such as unchained dogs).
Any incident involving violence, crime or deception should be reported to the practice manager, who will discuss the circumstances with the partners. This should also be reported to the police and a note made of the incident number.
A request for the immediate removal of patient from practice list can be emailed to PCSE.

Crime & Deception

Where a patient fraudulently obtains drugs for non-medical reasons.
Deliberately lies to the doctor or other member of the primary health care team (e.g. by giving a false name or false medical history) in order to obtain a service or benefit by deception.
Attempts to use the doctor to conceal or aid any criminal activity.
Steals from practice premises.

Distance

Where a patient has moved out of the designated practice outer boundary and has failed to register with another GP.

Embarkation

Where a patient has moved abroad for a period of 3 months of more

Failure to attend pre-booked appointments

Where a patient fails to attend pre-booked appointments on several occasions during a given period

Irretrievable Breakdown of the Doctor-Patient Relationship

Where a patient’s behaviour falls outside of that which is normally considered reasonable and leads to an irretrievable breakdown of the doctor-patient relationship

Distance

On notification that the patient is no longer living within the practice boundary, a letter will be sent to the patient advising of the need to re-register within the next 30 days.

If the patient has not re-registered, or contacted the surgery with a reasonable explanation, within the 30 day period, they will be removed from the practice list.

Embarkation

On notification that the patient has moved abroad the patient will be removed from the practice list within 3 months of that notification.

Failure to attend pre-booked appointments

If a patient fails to attend a pre-booked appointment on more than one occasion in the last year, a DNA letter should be sent to the patient, advising them that a further occurrence could risk removal from the practice.

Guidance on removing patients due to irretrievable breakdown of the doctor- patient relationship

Occasionally patients persistently act inconsiderately and their behaviour falls outside that which is normally considered to be reasonable. In such circumstances there may be a complete breakdown in the doctor-patient relationship.

Steps to be taken within the practice

Inform all appropriate members of the practice about the problem.
The patient and possible reasons for the patient’s behaviour (e.g. disagreeableness, cultural differences, mental illness, personality disorder) will be discussed at a Practice Meeting

Steps to be taken with the patient

Inform the patient, either personally or in writing, that there is a problem
Explain the nature of the problem to the patient
Obtain the patient’s perspective and interpretation of the situation.
Obtain advice of a Medical Defence Society.

Steps to be taken if discussion fails to resolve the problem

Suggest that another GP within the practice might better fit with the patient’s needs and expectations.

Steps to be taken in removing the patient

Inform PCSE of this decision by completing the 8 day removal request form
Inform the patient in writing of the decision and the reason for removal from the list.
Explain to the patient that he or she will not be left without a GP.
Give the patient information on how to begin the process of registering with another GP.

Family Members

When a decision is made to remove a patient from the practice list, the removal may well be extended to other members of the family or household.
The practice manager will write to the family / household offering an explanation for the removal. They will be allowed 4 weeks to re-register rather than being removed from the practice list immediately.

The following behaviours (defined and explained in Appendix A) will not be tolerated and all members of the Lodge surgery are encouraged to speak up if they witness any of the following, the procedure is defined in our whistleblowing policy.

Sexism

Actions based on the belief that the members of one sex are less intelligent, able, skilful, etc. than the members of the other sex, especially that women are less able than men.

Misogyny

The expression of a dislike of, a contempt for, or ingrained prejudice against women. This manifests in numerous ways, including social exclusion, sex discrimination, hostility, androcentrism, patriarchy, male privilege, belittling of women, disenfranchisement of women, violence against women and sexual objectification.

Direct Discrimination

This means treating one person worse than another person because of a protected characteristic. It may be conscious or unconscious, cannot be justified in law, and the motive for the less favourable treatment is irrelevant. (For example, a promotion comes up at work and the employer believes that people’s memories get worse as they get older so doesn’t tell one of his older employees about it, because he thinks the employee wouldn’t be able to do the job).

Indirect Discrimination

This can happen when an organisation puts a rule or a policy or a way of doing things in place which has a worse impact on someone with a protected characteristic than someone without one. (For example, a local authority is planning to redevelop some of its housing. It decides to hold consultation events in the evening. Many of the female residents complain that they cannot attend these meetings because of childcare responsibilities).

Sexual Harassment

Is defined in s26 of the Equality Act, but the essence of sexual harassment is that (i) the conduct is of a sexual nature and (ii) the conduct is unwanted. It has the purpose or effect of violating the dignity of a worker, or creating an intimidating, hostile, degrading, humiliating or offensive environment for them. Something can still be considered sexual harassment even if the alleged harasser did not mean for it to be. It also does not have to be intentionally directed at a specific person.

Victimisation

This occurs when someone is treated unfairly (e.g. dismissed) because they are taking action under the Equality Act or supporting someone else who is doing so.

Protected characteristics

There are nine protected characteristics defined under the Equality Act 2010:

Age
Disability
Gender reassignment
Marriage and civil partnership
Pregnancy and maternity
Race
Religion or belief
Sex
Sexual orientation

Workplace Bullying

This is defined as behaviour attempted to undermine an individual or group of employees.

ACAS defines bullying and harassment together as: ‘offensive, intimidating, malicious or insulting behaviour, an abuse or misuse of power through means intended to undermine, humiliate, denigrate, or injure the recipient. Bullying or harassment may be by an individual (perhaps by someone in a position of authority such as a manager or supervisor) or involve groups of people. It may be obvious or insidious, persistent, or isolated. It can also occur in written communications, by phone or through email, not just face-to-face. Whatever form it takes, it is unwarranted and unwelcome to the individual.’

There are 5 recognised categories of bullying behaviour

Threat to professional status (belittling, public humiliation, accusation of lack of effort)
Threat to personal standing (name calling, insulting, teasing)
Isolation (preventing access to opportunities e.g. training, withholding information)
Overwork (e.g. impossible deadlines)
Destabilisation (failure to give credit, meaningless tasks, shifting the goalposts).

The Partners at the Lodge Surgery re-affirm their commitment to do everything possible to protect staff, patients, and visitors from unacceptable behaviour and their zero tolerance of any incident that causes hurt, alarm damage or distress.

Practice Policies & Patient Information

Help us improve our website content. How helpful did you find this page?

Thank you for your feedback.