Data Protection

Our website and information governance processes were compliant with the regulations under the Data Protection Act (DPA) which was superseded by the General Data Protection Regulations (GDPR) in  March 2018. We have reviewed our processes in the light of the new GDPR and updated those areas which required us to tell our patients in more detail about how we process personal data to undertake our business of providing healthcare services to our patients.

We have published this information in three sections - our Website Information and Privacy notice - including the use of cookies - a separate section on your Medical Records and how to access - and our GDPR Notices

For more information please click on the relevant link below


General Data Protection Regulations

The GDPR requires practices to process data ‘fairly’ and in a ‘transparent manner’ which is ‘easily accessible and easy to understand’. This means that practices must provide information to patients about how the practice processes patient data in the form of ‘practice privacy notices’.

Privacy Notice

How we use your medical records - Important information for patients


  • This practice handles medical records in-line with laws on data protection and confidentiality

  • We share medical records with those who are involved in providing you with care and treatment. 

  • In some circumstances we will also share medical records for medical research, for example to find out more about why people get ill. 

  • We share information when the law requires us to do so, for example, to prevent infectious diseases from spreading or to check the care being provided to you is safe.  

  • You have the right to be given access to your medical record

  • You have the right to object to your medical records being shared with those who provide you with care. 

  • You have the right to object to your information being used for medical research and to plan health services.  

  • You have the right to have any mistakes corrected and to complain to the Information Commissioner’s Office. 


Fuller details and explanations about how your information is used to provide healthcare is explained on the GDPR webpage