Privacy: Proxy ordering of medication in care homes
Brocklebank Practice keep identifiable and clinical data on you relating to health and social care.
In order to allow care home staff to order medication on behalf of their residents, access is granted to allow them to act as a ‘proxy’ on residents’ behalf. This means they will be able to request repeat prescriptions using the GP’s online system. Previously, this has been done via the use of paper repeat prescription forms so the care home staff will not view any new or additional sensitive information.
People who have access to your information will only have access to that which they need to fulfil their roles.
You have the right to object to our sharing your data in these circumstances, but we have an overriding responsibility to comply with our legal obligations. Please see below.
We are required by Articles in the General Data Protection Regulations to provide you with the information in the following 9 subsections.
|Controller contact details||
Brocklebank Practice, 249 Garratt Lane London SW18 4DU
Tel 0203 818 8270
|Data Protection Officer contact email@example.com|
|Purpose of the processing||
In order to facilitate proxy ordering of repeat prescriptions via the GP system, care home staff are granted access by the GP to view and request repeat prescription medication and allergy information of residents. The benefit of doing this is that it enables care home staff to more effectively manage residents’ medication.
Once the prescription has been requested by care home, the usual process is followed, in that the request goes to the GP for approval, and then on to the relevant pharmacist to dispense.
This processing is for the provision of direct care, which is care delivered to the individual alone.
|The Lawfulness Conditions and Special Categories||
The processing of personal data in the delivery of direct care and for providers’ administrative purposes in this surgery and in support of direct care elsewhere is supported under the following Article 6 and 9 conditions of the GDPR:
Article 6(1)(e) ‘…necessary for the performance of a task carried out in the public interest or in the exercise of official authority…’.
Article 61(f) ‘processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data….’
Article 9(2)(h) ‘necessary for the purposes of preventative or occupational medicine for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services...”
We will also recognise your rights established under UK case law collectively known as the “Common Law Duty of Confidentiality”
“Common Law Duty of Confidentiality”, common law is not written out in one document like an Act of Parliament. It is a form of law based on previous court cases decided by judges; hence, it is also referred to as 'judge-made' or case law. The law is applied by reference to those previous cases, so common law is also said to be based on precedent.
The general position is that if information is given in circumstances where it is expected that a duty of confidence applies, that information cannot normally be disclosed without the information provider's consent.
In practice, this means that all patient information, whether held on paper, computer, visually or audio recorded, or held in the memory of the professional, must not normally be disclosed without the consent of the patient. It is irrelevant how old the patient is or what the state of their mental health is; the duty still applies.
Three circumstances making disclosure of confidential information lawful are:
|Recipient or categories of recipients of the shared data||
The data will be shared with approved care home staff.
|Rights to object||You have the right to object to some or all the information being processed under Article 21. Please contact the Controller. You should be aware that this is a right to raise an objection, which is not the same as having an absolute right to have your wishes granted in every circumstance.|
|Right to access and correction||You have the right to access the data that is being shared and have any inaccuracies corrected. There is no right to have accurate medical records deleted except when ordered by a Court of Law.|
|Retention period||The data will be retained in line with the law and national guidance|
|Right to Complain||
You have the right to complain to the Information Commissioner’s Office
INDEX - Policies
- Call Recording Policy
- Chaperone Policy
- Complaints to the Practice
- Net GP Earnings
- Named Allocated GP
- Data Choices
- Summary Care Record Preferences
- Access to Medical Records
- Care Quality Commission
- Complaints, Subject Access Requests and Freedom of Information
- Direct Care Emergencies
- Direct Care Routine and Referrals
- National Screening and Reporting
- Legal Requirements
- Litigation and Claims
- NHS Digital
- Patient Communication
- Patient Participation Group
- Proxy Ordering
- Reporting Gunshot and Knife Wounds
- Risk Stratification
- Use of Covid Data for Research Purposes
Functional Cookies are enabled by default at all times so that we can save your preferences for cookie settings and ensure site works and delivers best experience.
3rd Party Cookies
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.