Accurx’s privacy notice can be found on their website here: Accurx - Privacy Policy

OpenSAFELY Secure COVID-19 Research Platform
As part of ongoing efforts to improve healthcare through research, this practice is participating in the expansion of the NHS OpenSAFELY Data Analytics Service. This secure platform enables approved researchers to analyse pseudonymised patient data to better understand health conditions, treatments, and service demands—building on its success during the COVID-19 pandemic. Importantly, your identifiable information (such as name, NHS number, and address) is removed or replaced with generalised markers before any analysis. No data leaves your GP’s IT system; instead, research code is securely run within the system itself, and only anonymous, aggregated results are shared. This ensures your privacy is protected while supporting vital public health research.  These Directions are for a time limited pilot until 31 March 2027.   For further information please refer to:- NHS OpenSAFELY Data Analytics Service Pilot Directions 2025 - NHS England Digital and IG frequently asked questions (FAQs) - Information governance - NHS Transformation Directorate

 Opt-outs

You have a right to object to your information being shared. Should you wish to opt out of data collection, please contact a member of staff who will be able to explain how you can opt out and prevent the sharing of your information; this is done by registering a Type 1 opt-out, preventing your information from being shared outside this practice.

 Accessing your records

You have a right to access the information we hold about you, and if you would like to access this information, you will need to request a Subject Access Request verbally or complete a Subject Access Request (SAR) form. Furthermore, should you identify any inaccuracies; you have a right to have the inaccurate data corrected.

The Law gives you certain rights about your personal and healthcare information that we hold, these are:

◦    The right to be informed

◦    The right of access

◦    The right to rectification

◦    The right to erasure

◦    The right to restrict processing

◦    The right to data portability

◦    The right to object

◦    Rights in relation to automated decision making and profiling.

Our Website

Privacy notice only applies to the practice. For links to any other website, please read their Privacy Notice. WE TAKE NO RESPONSIBILITY for content of other websites.

 Cookies

The Practice’s website uses cookies. For more information on which cookies our website uses and how they are used please go to: https://www.chelmermedpartnership.co.uk/cookie-policy/

 Retention of data

In line with the most current NHS Digital Records Management Code of Practice for Health and Social Care, we will retain/store your health record for as long as necessary to provide the services set out in this Privacy Notice. If you move away and register with another practice, we will send your paper records to the Primary Care Support England who will forward on to the new practice in accordance with NHS guidelines. Your electronic records will be transferred via GP2GP, a secure electronic system. For further information, please contact the practice. For information about this please see our retention schedule NHS Codes of Practice for Records Management: https://digital.nhs.uk/data-and-information/looking-after-information/data-security-and-information-governance/codes-of-practice-for-handling-information-in-health-and-care/records-management-code-of-practice-for-health-and-social-care-2016

 WiFi

Chelmer Medical Partnership provides free NHS publicly accessible Wi-Fi. The service has been kindly provided by Mid Essex ICS. Use of the Wi-Fi service is conditional, and by making use of the Wi-Fi provided, you are indicating your agreement to the terms.

 What to do if you have any questions

It is important to us that you are informed about how we use the information we hold about you. Should you have any questions about our privacy policy or the information we hold about you, you can:

◦    Ask to speak to a Site Lead

◦   If you have a complaint, please contact a Site Lead who will advise you of what steps to take next.

Childrens Privacy Notice

What is a privacy notice?

A privacy notice helps us to tell you how we use the information we have about you, like your name, address, and all of the notes in your healthcare record.

 Why do we need one?

We need a privacy notice to make sure we meet the legal requirements which are written in a new document called the General Data Protection Regulation (GDPR).

 What is GDPR?

GDPR is a document that helps us keep the information about you secure.  It was introduced on the 25th May 2018, making sure that your doctor, nurse, and any other staff at the practice follow the rules and keeps your information safe.

 What information do we collect about you?

We only collect the information we need to help us keep you healthy – such as your name, address, information about your parents or guardians, records of appointments, visits, telephone calls, your health record, treatment and medicines, test results, X-rays, and any other information to enable us to care for you.

 How do we use your information?

Your information is taken to help us provide your care.  But we might need to share this information with other medical teams, such as hospitals, if you need to be seen by a special doctor or sent for an X-ray.  We may be asked to help with exciting medical research; but don’t worry, we will ask you, or your parents or adults with parental responsibility, if it’s okay to share your information.

 How do we keep your information private?

We know that it is very important to protect the information we have about you.  We make sure we follow rules that are written in the GDPR and other important rule books.

 Third Party Data Processor

We use a processor, iGPR Technologies Limited (“iGPR”), to assist us with responding to report requests relating to your patient data, such as subject access requests that you submit to us (or that someone acting on your behalf submits to us) and report requests that insurers submit to us under the Access to Medical Records Act 1988 in relation to a life insurance policy that you hold or that you are applying for. iGPR manages the reporting process for us by reviewing and responding to requests in accordance with our instructions and all applicable laws, including UK data protection laws. The instructions we issue to iGPR include general instructions on responding to requests and specific instructions on issues that will require further consultation with the GP responsible for your care.

Accurx is approved by NHS England to be used by GP practices and the other systems involved in patient care. NHS England has a lengthy assurance process to make sure they meet the highest standards of safety and security. Your data is safe and is shared only with your GP Practice for the purposes of your direct care. Your data is stored and sent securely using industry best practices, and Accurx only collect the data that is necessary to allow your GP Practice to provide you with care.

The Practice uses the following Accurx features:

• SMS, Friends and Family test, online consultations, video consultations, AccuMail and Record Views

Accurx’s privacy notice can be found on their website here: Accurx - Privacy Policy

OpenSAFELY Secure COVID-19 Research Platform
As part of ongoing efforts to improve healthcare through research, this practice is participating in the expansion of the NHS OpenSAFELY Data Analytics Service. This secure platform enables approved researchers to analyse pseudonymised patient data to better understand health conditions, treatments, and service demands—building on its success during the COVID-19 pandemic. Importantly, your identifiable information (such as name, NHS number, and address) is removed or replaced with generalised markers before any analysis. No data leaves your GP’s IT system; instead, research code is securely run within the system itself, and only anonymous, aggregated results are shared. This ensures your privacy is protected while supporting vital public health research.  These Directions are for a time limited pilot until 31 March 2027.   For further information please refer to:- NHS OpenSAFELY Data Analytics Service Pilot Directions 2025 - NHS England Digital and IG frequently asked questions (FAQs) - Information governance - NHS Transformation Directorate

 Don’t want to share?

All of our patients, no matter what their age, can say that they don’t want to share their information.  If you are under 13 this is something which your parents or adults with parental responsibility will have to decide.  They can get more information from a member of staff at the surgery, who can also explain what this means to you.

 How do I access my records?

If you want to see what is written about you, you have a right to access the information we hold about you, but you will need you will need to request a Subject Access Request verbally or complete a Subject Access Request (SAR) form.  Your parents or adults with parental responsibility will do this on your behalf if you are under 13.  But if are over 13, you may be classed as being competent and you may be able to do this yourself.  Please write into the Practice to request this and you will be given further information on how this process works, (or ask your parents or adults with parental responsibility to do so).

What do I do if I have a question?

If you have any questions, ask a member of the surgery team or your parents or adults with parental responsibility. 

What to do if you are not happy about how we manage your information

We really want to make sure you are happy, but we understand that sometimes things can go wrong.  If you or your parents or adults with parental responsibility are unhappy with any part of our data processing methods, you can speak to a Site Lead.