What is GDPR?
The GDPR replaces the Data Protection Directive 95/46/EC and is designed to harmonise data privacy laws across Europe, to protect and empower all EU citizens’ data privacy and to reshape the way in which organisations across the region approach data privacy. The GPDR comes into effect on 25 May 2018
How do we use your information?
Your data is collected for the purpose of providing direct patient care; however, we can disclose this information if it is required by law, if you give consent or if it is justified in the public interest. The practice may be requested to support research; however, we will always gain your consent before sharing your information with medical research databases when the law allows. NHS Wales also uses relevant information about your health to help improve NHS Wales’ services and public health. Information will only be used or passed on to others involved in your care if they need it. Whenever your information is used for your care, it will be handled in the strictest confidence. NHS Wales will not normally disclose your personal information without your consent, unless it is in your best interests or required by law. Processing your information in this way and obtaining your consent ensures that we comply with Articles 6(1)(c), 6(1)(e) and 9(2)(h) of the GDPR.
To read our privacy statement please follow this link an updated to our privacy statement due to Covid 19 can also be found here
Patients taking Warfarin
In addition if you one of our registered patients who is currently taking Warfarin. You have regular tests in the practice and we enter your data on our computer system to dose and record your results using INR* Software. As Data Controllers for data held for you in our INR* Anticoagulation Management system, we need to inform you that this data is being transferred to a more secure network on Friday 30th July 2021. This change will not affect the management of your INR monitoring, please keep all future planned appointments. INRstar is planning to move data from one location to another, remaining within the UK. This move aligns with the NHS Architectural principle of Public Cloud First, to improve security, reliability, and increase system performance at peak times. Enabling the provision of a robust service for clinicians and patients whilst providing confidence that the data held is safe and secure. During this move, the data will remain in the UK in a UK Government approved data centre.
 NHS Direct Wales