Privacy

General Principles

Consultations and medical records are subject to medical confidentiality. Information can generally only be shared with other people with your knowledge and consent. It is my policy to send copies of correspondence about you, to you for information.

It is normal medical practice (and often a condition of insurance companies) that your general practitioner (GP) is made aware of appointment details and treatment plans, although again this is only with your consent. Sometimes issues arise that you may not want communicating with your GP, or that are important to phrase correctly so please feel free to discuss this at the appointment.

Medical Confidentiality

In general, all medical information disclosed to a Doctor remains confidential within your medical records and can only be released to other parties with your written consent. The main exception is if not disclosing information would expose you or others to risk of death or serious harm. This is a very unusual situation and occurs rarely. Further details from the General Medical Council can be found here (opens in a new window).

Employer / Solicitor / Court reports

Arrangements may differ if your appointment is at the request of your employer, solicitor, or the courts. In these circumstances there is an expectation by the party arranging the consultation that a written report will be sent to them in the first instance. Again, this would only be with your knowledge and consent and there is usually a provision for you to see the report before it is forwarded to your employer / solicitor.


IT and Information Security

It is a reality that medical information is increasingly held electronically in hospitals and GPs, even if only on a secretary’s PC. I take the security of such information very seriously. As a result, my systems are likely to be more secure than traditional paper-based medical files.

All on-site electronic data are protected by RAID storage to minimise the risk of hardware failure and regularly backed-up to encrypted media stored off-site. Remote access is only possible to authorised users via 128-bit encryption (similar to that used by banks).

Identifiable data is never emailed or transferred to unencrypted external storage media. Written consent is required if you wish to communicate via email as you should be aware it is not secure. Video consultations are via a secure connection (128-bit SSL).

Fully registered with the Information Commissioner as a Data Controller, under the provisions of the Data Protection Act.