The Executive Management of Health Counter (Cedarwood Pharmacy) ensures that effective internal processes are undertaken within the business to protect the data of its employees, its patients, suppliers, and customers.
This policy and procedure is created in the context of the Health Counter core value of To Be Disciplined and Professional and recognises the Services provided by Cedarwood Pharmacy and its responsibility to protect healthcare data as a special category. As part of this, additional measures are in place to protect patient records and processing.
This policy and Privacy Notice is overseen by the Health Counter Data Protection Officer (DPO), a requirement of the GDPR legislation.
1. Objectives, Aim and Scope
1.1. Aims and Objectives
The objectives of Health Counter Network Security Policy:
• GDPR Compliance – to ensure that the Health Counter has an overarching Data Protection Policy enabling a consistent approach to secure data management across the company and compliance with the legislation
• Employee Awareness – to provide insight to colleagues around GDPR and its responsibilities for the company, management, and colleagues
This policy and procedure apply to Health Counter and relates to the provision of Services provided by Cedarwood Pharmacy.
- General Data Protection Legislation (GDPR) 2018
- NHS Information Governance Alliance (IGA)
Our pharmacists and staff are members of your online healthcare team. They aim to provide you with the highest quality of healthcare. To do this they need to keep records about you, your health, and the care we have provided or plan to provide to you.
We know that you value your privacy and the security of personal information held about you.
As part of providing a professional, safe, and efficient service, there is certain information that we record. This includes details of drugs and appliances dispensed against your prescriptions as well as significant advice given, and referrals made to other health professionals and any other relevant information.
Information recorded may include:
• basic details about you, such as address, date of birth, contact details etc
• records of medicines you have been prescribed by the doctor or another qualified prescriber, and which have been supplied by Cedarwood Pharmacy
• details of medicines purchased from the pharmacy without a prescription (“p-meds; over the counter medicines”)
• other details and notes about your health and medical treatment
• information relevant to your continued care from other people who care for you and know you well, such as other health professionals and relatives; and
• any other services we may provide to you
We process your personal data, which includes information from your prescriptions and any other pharmacy and health care services we provide to you for the purposes of:
You have the right to confidentiality under the General Data Protection Regulation and the Data Protection Act 2018, the Human Rights Act 1998, and the common law duty of confidence (the Equality Act may also apply).
We also comply with the NHS Code of Practice on Confidentiality and pharmacists have a requirement under their professional standards to keep records about you confidential, secure and accurate.
All our staff contracts of employment contain a requirement to keep patient information confidential.
Our guiding principle is that we process your records in strict confidence.
Your right to view your health record
You have the right to ask for a copy of all pharmacy records about you.
Generally, there will be no charge for a printed copy of the information we hold about you. We are required to respond to your request within one month.
You will need to give adequate information for pharmacy staff to identify you (for example, full name, address, and date of birth). You will be required to provide ID.