Updated Policy Statement (GDPR)
This General Practice is in partnership with Centric Health and wants to ensure the highest standard of medical care for our patients. We understand that a General Practice is a trusted community governed by an ethic of privacy and confidentiality. Our practices conform to the Medical Council guidelines and the privacy principles of the Data Protection Legislation. This Privacy Statement is about making your consent meaningful by advising you of our policies and practices on dealing with your medical information.
The purpose of this Website Privacy Statement is to outline how we deal with any information you provide to us while visiting our website - www.centricgp.ie.
Any external links to other websites are clearly identifiable as such, and we are not responsible for the content or the privacy policies of these other websites.
Managing your information
- To provide for your care we need to collect and keep information about you and your health on our records.
- Upon receipt of a signed Registration Form we use this data to communicate with you in the interests of your own healthcare but will not forward it to anyone else without your express consent. With your consent we can send you appointment reminders and test results.
- We may also contact you regarding relevant information or services to assist you in your healthcare needs such as ECG, 24hr Blood Pressure Monitoring, flu vaccines or medical assessments.
- We retain your information securely using digital technology however we do not Process or transfer any Data outside the European Economic Area (“EEA”).
- We will only ask for and keep information that is necessary. We will attempt to keep it as accurate and up to-date as possible. We will explain the need for any information we ask for if you are not sure why it is needed.
- Please advise us if it has been longer than 5 years since you attended this Practice so we can retrieve your medical record. Unless you have asked us to delete your record we mark your record as ‘In-Active’ which means your record is electronically archived but not visible.
- Please inform us about any relevant changes that we should know about, such as change of address, phone numbers and family circumstances, any new treatments or investigations being carried out that we are not aware of. For all contact information see: https://www.centricgp.ie/contact-us/.
- All persons in the practice (not already covered by a professional confidentiality code) sign a confidentiality agreement that explicitly makes clear their duties in relation to personal health information and the consequences of breaching that duty.
- Access to patient records is regulated to ensure that they are used only to the extent necessary to enable the Clinicians and or Admin team to perform their tasks for the proper functioning of the practice. In this regard, patients should understand that practice staff may have access to their records for:
- Identifying and printing repeat prescriptions for patients. These are then reviewed and signed by the GP.
- Generating a social welfare certificate for the patient.
- Typing referral letters to hospital consultants or allied health professionals such as physiotherapists, occupational therapists, psychologists and dieticians.
- Opening letters from hospitals and consultants. The letters could be appended to a patient’s paper file or scanned into their electronic patient record.
- Scanning clinical letters, radiology reports and any other documents not available in electronic format.
- Dealing with patient complaints.
- Downloading laboratory results and Out of Hours Coop reports and performing integration of these results into the electronic patient record.
- Photocopying or printing documents for referral to consultants, attending an antenatal clinic or when a patient is changing GP.
- Checking for a patient if a hospital or consultant letter is back or if a laboratory or radiology result is back, in order to schedule a conversation with the GP.
- When a patient makes contact with a practice, checking if they are due for any preventative services, such as vaccination, ante natal visit, contraceptive pill check, cervical smear test, etc.
- Handling, printing, photocopying and postage of medico legal and life assurance reports, and of associated documents.
Consent for Minors
Where we are required to gather the personal information of a minor (defined as a person aged under 18 years of age*), we will require the attendance and consent of a parent or guardian, and will only acquire and store such data with their permission, as well as the awareness of the minor themselves.
* In the medical area, the Non-Fatal Offences Against the Person Act, 1997 (Section 23) provides that a minor who has reached the age of 16 can give consent to medical treatment and/or processing of their medical data.
Where the parents of the minor are not in a position to provide such consent, the support of a recognized body will act ‘in loco parentis’ – for example the family GP, school principal, social worker or Gardai will be consulted in order to ensure that any such processing of personal data is being done in the vital interests of the minor. As much as possible, the minor will be made aware of the processing activity and its purposes.
Disclosure of information to other health and social professionals
- We may need to pass some of this information to other health and social care professionals to provide you with the treatment and services you need. Only the relevant part of your record will be released. These other professionals are also legally bound to treat your information with the same duty of care and confidence that we do.
Disclosures Required or Permitted Under Law
The law provides that in certain instances personal information (including health information) can be disclosed in the following circumstances:
- Infectious diseases Under Health Act 1947 and 1953 plus amendments and Infectious Diseases Regs 1981 plus amendment Regs 2016, there is a list of diseases we are obliged to report e.g. Measles, Anthrax, Lyme, Zika. For a full list please see www.hspc.ie/notifiablediseases
- Work related Medical Certificates from your GP will only provide a confirmation that you are unfit for work with an indication of when you will be fit to resume work. Where it is considered necessary to provide additional information we will discuss that with you. However, Social Welfare Certificates of Incapacity for work must include the medical reason you are unfit to work.
Disclosures to insurance companies or requests made by solicitors for your records - we will only release the information with your signed consent.
Data Retention Periods
For clarity, our data retention policies adhere to the Data Protection Legislation including Article 5 guidelines on (GDPR) General Privacy Data Regulations effective from 25th May 2018.
For existing Patients whose records are dormant, their records will be retained and marked ‘in-active’ as an electronic archive after  years. For a comprehensive description of our retention Principles please reference: https://www.hiqa.ie/system/files/Guidance-on-information-governance.pdf
Use of Anonymised information for training, teaching and quality assurance
- To provide the highest level of care to the patient, Clinical staff may access clinical information for training, audit or consultation. This may be regarding Patient Case Histories or Patients with specific conditions and in such cases this practice would only communicate the information necessary.
- Our practice is involved in the clinical training of Undergraduate and Postgraduate health professionals GPs and is affiliated with University Clinical Schools and the Irish College of General Practitioners.
Use of Anonymised information for research, audit and quality assurance
- We maintain and improve the quality of the patient service provided by training, teaching, audit and research.
- It is usual for patient information to be used for these purposes to improve services and standards of practice.
- GPs on the specialist GP register of the Medical Council are now required to perform audits. Information used for such purposes is done in an anonymous manner with all personal identifying information removed.
Right to Rectification
- You have the right to have your information corrected, erased, restricted to specified individuals or object to it being processed. For clarity, this process is outlined on the Centric Health Website in the section on Privacy and Subject Access Requests.
Your right of access to your health information
- You have the right of access to all the personal information held about you by this practice. If you wish to see your records in most cases it is the quickest to discuss this with your doctor who will outline the information in the record with you. You can make a formal written access request to the practice and the matter can be dealt with formally within 30 days.
Transferring to another practice
- If you decide at any time and for whatever reason to transfer to another practice we will facilitate that decision by making available to your new doctor a copy of your records on receipt of your signed consent from your new doctor. For medico-legal reasons we will also retain a copy of your records in this practice for an appropriate period of time which may exceed eight years. However, we mark your medical record ‘in-active’ and therefore it is ‘archived’ and not visible to the GP Practice team.
We hope this statement has explained any issues that might arise. If you have any queries about this Privacy Statement, please email DPO@Centrichealth.ie.