This privacy notice tells you what to expect when you, and sometimes others, provide your personal information to us. It sets out what information we collect about you and why we collect it, how the information may be used, who it may be shared with and how we will protect it and keep it confidential.
The notice explains what rights you have to control how we use your information, our legal basis for processing it and how you can access it. We also explain who to contact if you have any questions and how to contact them.
The Practice Of Health is the Data Controller for the personal information we process, unless otherwise stated. There are many ways you can contact the Practice, including by phone, email, and post.
The practice Data Protection Officer is DHCW DPO Service. DPO Support Service; Digital Health and Care Wales (DHCW).
The surgery recognises that your personal data is very valuable, and so we take its security very seriously. We employ robust technical measures to secure your personal data and access to it is restricted to people who have a need to process it in line with their work.
All practice staff are bound by contracts which include clear responsibilities in relation to confidentiality. All of our non-medical staff have the same duty of confidentiality as healthcare professionals such as Doctors and Nurses.
All of our staff must attend training in what we call Information Governance. Amongst other things, this training makes them understand the importance of confidentiality and security of your personal data and makes clear that they are personally responsible for the security of any information which they are processing. They must attend this training at least once every two years and must pass a test to demonstrate that they have understood it. The expectations we have on our staff are set out in the Information Governance Policy. Failing to comply with this policy is a disciplinary offence.