Skip to main content

Patient's Prevacy Notice

Last Updated: Wednesday, 04 June 2025

Patient Privacy Notice

 

Stoneycroft Medical Centre is committed to protecting the privacy and security of your personal information and to meeting its data protection obligations under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This is a short-form version of the Practice’s Patient Privacy Notice, our detailed Patient Privacy Notice is available on request from Reception or via our Practice website - Stoneycroft Medical Centre -

Why does the Practice need your Information?

Stoneycroft Medical Centre keeps records about your health and treatment to ensure the care you receive is effective, of good quality and meets your needs. Whilst the Practice receives information from you when you come into contact with us, we also receive information about you from other individuals or organisations, such as hospitals or community services, when you receive treatment from them. The Practice needs enough information to be able to provide you with appropriate healthcare services.

What personal information do we collect about you?

The Practice keeps data on you relating to who you are, where you live, what you do, your family, your emergency contacts, possibly your friends, your employers, your habits, organisations involved in your care, your symptoms, problems and diagnoses, the reasons you seek help, your appointments, where, when and by whom you are seen, referrals to other health and social care providers, tests carried out both by the Practice and in other places, investigations and scans, treatments and outcomes of treatments, your medical treatment history, the observations and opinions of other healthcare workers, within and outside the NHS, as well as comments and reminders reasonably made by health and social care professionals in the Practice who are appropriately involved in your health care.

Please note that all incoming and outgoing telephone calls to and from the Practice may be recorded for training, monitoring, and quality assurance purposes.

Our lawful basis for processing your information

Under the National Health Service Act 2006 and the Health and Social Care Act 2012, Stoneycroft Medical Centre is required by law to process your personal data in order to provide you with direct care. Under UK General Data Protection Regulation (UK GDPR) the processing of your personal data and sensitive information is necessary under:

·         UK GDPR Article 6(1)(e) “processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.”

 

  • UK GDPR Article 9(2)(h) “processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services….”

 

Stoneycroft Medical Centre will process your information for other purposes under different lawful bases, these are listed in full on our detailed Patient Privacy Notice.

Our Data Protection Officer

The Practice’s Data Protection Officer (DPO) is Head of Information Governance, NHS Informatics Merseyside, Information Governance Team, Hollins Park, Winwick, Warrington, WA2 8WA - DPO.IM@imerseyside.nhs.uk