GDPR

 

Our Responsibilities at Kingsford Medical 

Fair Obtaining and Purpose specification:

Medical Records, Data Protection

A General Practice is a trusted community governed by an ethic of privacy and confidentiality.

In order to provide for your care, we need to collect and keep information about you and your health in your personal medical record.

Our policies are consistent with the Irish Medical Council guidelines and the privacy principles of the Data Protection Regulations.

This practice has adopted the requirements of 'Processing of Patient Personal Data: A Guideline for General Practitioners'.

For further details please ask at reception for a copy of our Private Privacy Statement or access the Guideline at: https://www.icgp.ie/go/in_the_practice/data_protection

At time of registration, personal details requested:

  • Name: Identification purposes

  • DOB: Identification purposes

  • Address: Contact details and identification purposes

  • Telephone number: Contact details

  • Email: contact details

  • PPS: Cervical Check, HSE claiming on certain procedures and vaccinations via PCRS portal

  • Private Insurance:  Claiming on minor surgery procedures performed at Kingsford Medical

  • Next of Kin: In case of emergency

  • Medical History: Needed for consultation purposes and to provide you with the best level of care

  • Consultations: Medical issues disclosed to doctors/practitioners/nurses and other relevant people

Please note that we may contact you by email or SMS messaging. Please opt out at reception in writing or by email (info@kingsfordmedical.ie)

Data may be disclosed to third parties:

  • Referrals to: Consultants, Radiology, Physiotherapy, and other parties involved in your treatment

  • Claiming for procedures: private health insurance, HSE/PCRS, Cervical Check, Social welfare, Garda Medical, and other parties aware to you

  • Pharmacies: prescriptions may be emailed

  • Solicitors: If requested by patients. Please be aware that a consent request by your solicitor under the FOI or GDPR, will grant you solicitor access to all medical records

  • Laboratories: MedLab, CUH, SIVUH, MUH and others if needed

  • Social Services

At Kingsford Medical, we do not make use of your personal data for secondary reasons and we are fully registered with the Data Protection Commissioner.

All our data protection practices are open and transparent, Please enquire at reception or by email (info@kingsfordmedical.ie) for further information or clarification.

Please update us on your preferences to the data we hold on you and feel free to request personal data be deleted at any time.  Please understand that medical records cannot be deleted for medico-legal reasons and to give you a safe and professional service.

Use and disclosure of information:

Personal data held at Kingsford Medical, will not be used or accessed outside its intended use of caring for you.

Staff are trained and aware of the rules on how to handle your personal data for its intended use. In addition to this all staff at Kingsford Medical have signed a nondisclosure agreement. Non-medical staff will have access to your medical records for administrative purposes.

By registering at Kingsford Medical and visiting availing of the services provided we assume that you would be aware of how your personal data is used and when it might be shared by third parties as mentioned above.

Security:

Security of your personal data is a priority to us.

We mainly use the Socrates consultation management system, but may sometimes use other such systems that are GDPR compliant.

Your personal data is password protected and encrypted on our computers, running on an internal server.

A back up is stored on Keep It Safe, a well recognized and GDPR compliant online provider.

IT provider: Inventise Business Solutions – GDPR compliant and a well recognized Dublin company.

How is data transferred to third parties?

A secure email known as Healthmail which is part of HSE IT systems.

An online referral system for transferring referrals and receiving radiological and laboratory results known as Healthlink. It is associated with health mail and part of the HSE.

National postal system

Please be aware that the Healthmail and Healthlink systems are independently confirmed by the Health Service Executive as being fully secure as far as the IT security of the HSE can be guaranteed.

The security, storage and processing of medical data sent to consultants and third parties would be subject to their own privacy policies.

It is your responsibility to make sure your contact details are up to date at Kingsford Medical.  Please inform Kingsford Medical of any changes to your contact details for them to be amended on your file.

We may make contact with you via SMS or email. Please opt out at reception if you do not agree to being contacted by one or both platforms.

Pitfalls/disturbance to services:

Personal data (letters, prescriptions) can only be given to the named patient. Family members/friends may not collect on their behalf, unless prior written notification/consent given to Kingsford Medical.

Personal emails are considered not secure under GDPR, due to this, we will not be able to email you results or other personal data.

Adequate, relevant and not excessive:

All your information collected at Kingsford Medical is collected for the purpose of caring for you to the highest standard and to allow Kingsford Medical claim for services funded by the HSE and other relevant health bodies.

If you would like any data such as PPS, Private Insurance details removed from your file, then please notify management. We hold on to such data to streamline your care with regards to specific services and avoid delay.

Accurate and up-to-date:

We aim to maintain your data up to date. Please help us keep your data secure by keeping your contact details up to date.

Medical records may be amended on receipt of OPD and discharge letters from secondary care.