Privacy Policy

The practice complies with the 5 Principles of GDPR 2018 in its processing of personal data.

The practice is registered with the Information Commissioner

Registration No. Z7044815

The practice has an up to date Freedom on Information Act Statement and this is available to patients

A practice policy notice on handling patient data and this is available to patients

John Davidson is responsible for procedures relating to confidentiality and data management. 

What information we hold and how we hold it

Patient Data
Home Number
Mobile Number
Work Number
Clinical Records including images
Bank Details if applicable

How we protect this information

All practice staff have a confidentiality clause within their contracts.

All personal information contained on practice records, whether paper or electronic, is considered confidential.

Personal data is checked at each practice visit to ensure it is up to date

We will not discuss your personal information with anyone other than you or, if you are under 16 and not Gillick competent, your parent or guardian without your permission.

Care is taken that records are not seen by other people in the practice

All staff are aware of the importance of ensuring and maintaining the confidentiality of patients’ personal data and that such data must be processed and stored in a secure manner.

All electronic data is protected by suitable back-up procedures and any on-line backup uses a service, which encrypts the data securely before transmitting it from the practice PC.

When computers are replaced, old hard drives are securely erased or physically destroyed.

Records are retained for periods as agreed by the optical bodies.

Confidential paper information requiring destruction is shredded.

Records due for destruction are shredded.

If the need arises to transfer information we have procedures that include consent and secure transfer

Any suspected breaches of security or loss of information are reported to ICO with 72 hours and are dealt with appropriately by the person responsibility for confidentiality and data management.

Paper records are kept secure and away from access by the public.

How we use and process the information we hold

To discharge our legal and contractual duties:

If you have a sight test you will be given a copy of your spectacle prescription as soon as your sight test is completed

If you have a sight test and you are referred to a doctor, we will offer you a copy of the referral letter. If we cannot give this to you straight away we will give you a written statement that you are being referred, with the reason for the referral (e.g. “cataract”) written on the GOS2 or similar private form.

If you are fitted with contact lenses you will be given a copy of your contact lens specification when the fitting process has been completed.

We make sure that staff who help in the provision of GOS are appropriately trained, and supervised for the tasks that they undertake.

We will obtain consent to use your data for your eye health needs including sending you information on products or services relevant to your needs.

How we transfer personal data

We always transfer personal information (data) securely.

We will ask your permission if we want to transfer personal information about you to someone else.

We will ask your permission if we transfer the information to another healthcare professional who is responsible for your care and who needs that information to help to care for you.

By continuing to browse or by clicking “Accept All Cookies” you agree to the storing of first- and third-party cookies on your device to enhance site navigation, analyse site usage, and assist in our marketing efforts. Cookie policy