Cooper MediCare family practice wants to ensure the highest standard of medical care of our patients. We understand that confidentiality is a fundamental principle of medical ethics and is central to the trust between patients and doctors. The privacy practices we adopt in our practice are in line the Medical Council guidelines, the privacy principles of Data Protection legislation. We see our patients’ consent as being the key factor in dealing with their health information. This statement is about making consent meaningful by advising you of our policies and practices on dealing with your medical information.
Here in Cooper MediCare family practice, we have set out a summary of this policy in our Data Protection Patient Information Leaflet which was provided to you at the time of registering with the practice. That leaflet should be read in conjunction with this policy.
Managing your information
- In order to provide for patients care we need to collect and keep information about patients and their health on our records.
- We commit to retaining patient information securely.
- We will only ask for and keep information that is necessary. We will attempt to keep it as accurate and up to date as possible. We will explain the need for any information we ask for if a patient is not sure why it is needed.
- We ask all patients to inform us about any relevant changes that we should know about. This would include such things as any treatments or investigation being carried out that we are not aware of. Patients are asked to inform us of change of address and phone numbers.
- All persons in the practice (not already covered by a professional confidentiality code) sign a confidentiality agreement that explicitly makes clear their duties in relation to personal health information and the consequences of breaching that duty.
- Access to patient records is regulated to ensure that they are used only to the extent necessary to enable the employee in question, whether secretary, manager, or healthcare professional perform their tasks for the proper functioning of the practice. In this regard, patients should understand that practice staff may have access to their records for:
- Identifying and printing repeat prescription for patients. These are then reviewed and signed by the GP.
- Generating a social welfare certificate for the patient. This is then checked and signed by the GP.
- Typing referral letters to the hospital consultants or allied health professional such as physiotherapists, occupational therapists, psychologists and dieticians.
- Opening letters from the hospitals and consultants. The letters could appended to a patient’s paper file or scanned into their electronic patient record.
- Scanning clinical letters, radiology reports and any other documents not available in electronic format.
- Downloading laboratory results and out of Hours Coop reports and performing integration of these results into the electronic patient record.
- Photocopying or printing documents for referral to consultants, attending an antenatal clinic or when a patient is changing GP.
- Checking for a patient if a hospital or consultant letter is back or if a laboratory or radiology results is back, or in order to schedule a conversation with the GP.
- When a patient makes contact with a practice, checking if they are due for any preventative services, such as vaccination, antenatal visit, contraceptive pill check, cervical smear tests, etc.
- Handling, printing, photocopying and postage of medico legal and life assurance reports, and of associated documents.
- The practice is committed to guarding against accidental disclosures of confidential patient information. Before disclosing identifiable information about patients, the practice:
- Take into consideration Freedom of Information and Data Protection principles.
- Be clear about the purpose for disclosure.
- Have the patient’s consent or other legal basis for disclosing the information.
- Have considered using anonymised information and be certain it is necessary to use identifiable information.
- Be satisfied that we are disclosing the minimum information to the minimum amount of people necessary.
- Be satisfied that the intended recipient is aware the information is confidential and that they have their own duty of confidentiality.
Disclosure with consent
If a patient is capable of making their own decisions about their healthcare, we will get their consent before giving confidential information that identifies them to the patient’s relatives close friends, or for research or to disease registers.
If the patient does not consent to disclosure of identifiable information we will respect that decision except where failure to make the disclosure would put the patient or others at risk of serious harm or the disclosure is required by law or in the public interest as outline below.
Patients should understand and accept that their healthcare information must be shared within the healthcare team and with support staff to provide effective and safe care. If disclosure of a patient’s information within our practice or to other health care providers is necessary as part of a patient’s treatment and care, we will explain this to the patient and disclose the information to an appropriate person making sure they are aware of their duty of confidentiality. If a patient objects to the transfer of the information we deem necessary we will explain to the patient that we cannot arrange referral or treatment without disclosing the information.
We recognise that clinical audit, quality assurance, education and training are essential for providing safe and effective healthcare. If we are providing patient information pursuant to of any of these activities, we understand the information must be anonymised or coded before it is disclosed outside the healthcare team. If that is not possible we will make sure a patient is told about the disclosure in advance and given the opportunity to object. We will respect a patient’s wishes in respect of the disclosure.
We will only prepare a medical report on a patient with a patient’s consent. A report will be specific to the episode for which the report has been requested. We understand that a medical report requested by third party such as an employer, insurance company or legal representative must be factual, accurate and not misleading. We will seek to ensure that the patient understands the scope and purpose of the report and that the GP cannot omit relevant information.
We will also seek to ensure the patient is aware of our duty of care to them and to the person/company from whom the report was requested. We will take the patient through the report before we release it so the patient appreciates the extent of the information we are reporting upon.
We are committed to ensuring that any audio, visual or photographic recordings of a patient or relative of a patient, in which the person is identifiable, should only be made with express consent of that person. The recordings will be kept confidential as a part of the patient’s record of consent. We will do all we reasonably can to protect confidentiality of the recording. We will get consent before sharing such videos, photos or other images of a patient.
We will only take images of patients on a GP’s personal mobile device when necessary for the patient’s care. Such images will not identify a patient and shall only be kept for the minimum time necessary.
In general, work related Medical Certificates from a GP will only provide a confirmation that a patient is unfit for work with an indication of when the patient will be fit to resume work. Where it is considered necessary to provide additional information we will discuss that with the patient. However, Social Worker Certificates of Incapacity for work must include the medical reasons the patient is unfit to work.
Your Data Protection rights
Under Data Protection legislation, you have the right to:
- Withdraw consent to the processing of your personal information.
[Note: If you withdraw consent, we may not be able to continue to provide treatment and service to you. We will talk to you about the possible consequences of withdrawing consent. If and when you let us know that you are thinking of this. The withdrawal of consent will not undermine the lawfulness of processing carried out prior to the withdrawal.]
- Request to access the information we hold about you.
- Request the correction of inaccuracies in/erasure of the information we hold about you.
- Request the restriction of processing of the information we hold about you.
- Exercise your entitlement to data portability.
- Make a complaint to the Office of the Data Protection Commissioner of Ireland.
Cooper MediCare family practice registered Data Protection Officers are Michelle Cooper. Any queries, concerns or requests to exercise your rights under Data Protection legislation may be addressed to Dr. Michelle Cooper, 17 Ashe Street, Tralee, Co. Kerry.
Transferring to another practice
If you decide at any time and for whatever reason to transfer to another practice we will facilitate that decision by making available to your new doctor a copy of your records on receipt of your signed consent from your new doctor. For medico-legal reasons we will also retain a copy of your records in this practice for an appropriate period of time which may exceed eight years.
Cookies are small files saved to the user’s computers hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors.
Other cookies may be stored on your computers hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.