This website uses cookies to function correctly.
You may delete cookies at any time but doing so may result in some parts of the site not working correctly.

GDPR

GDPR - General Data Protection Regulation

The General Data Protection Regulation (GDPR) comes into effect in the UK on 25 May 2018. The GDPR and the forthcoming Data Protection Act (DPA) 2018, which has yet to be finalised, will replace the current Data Protection Act.

What is the GDPR?

The GDPR was designed to harmonise data privacy laws across Europe. The aim is to protect citizens from privacy and data breaches.

The current DPA dates from the 1990s when organisations held much less data on individuals. As the amount of data held has increased and technology has advanced, so has the risk of cyber crime and data breaches. The GDPR aims to address gaps in current legislation by providing a framework with greater scope and tougher punishments for those who fail to comply.

The key principles of the current DPA remain unchanged, but some areas of legislation have been strenghtened.

Like the DPA, the GDPR applies to ‘controllers’ and ‘processors’ of data – a controller says how and why personal data is processed and the processor acts on the controller’s behalf. Practices are data controllers.

How We Use Your Information

Fair Processing Notice for Patients

Privacy Notice

Patient Opt Out Form



Call 111 when you need medical help fast but it’s not a 999 emergencyNHS ChoicesThis site is brought to you by My Surgery Website