What are your rights
What are your rights?
The UK General Data Protection Regulation (UK GDPR) 2016 determines how your personal data is processed and advises on how to keep this data safe. It also stipulates your rights when it comes to processing your data, dependent on the purpose and legal basis used.
There are 6 principles within UK GDPR that organisations must adhere to when processing patient and staff data –
- Must be processed lawfully, fairly, and transparently
- Collected for specific, explicit, and legitimate purposes
- Processed for limited purposes in line with why the data was collected
- Data must be accurate and where necessary kept up to date
- Held securely by the use of appropriate
There are 8 rights in total that patients and staff may exercise –
- Right to be informed
- Right of access
- Right to rectification
- Right to object
- Right to erasure
- Right to restrict processing
- Right to portability
- Rights related to automated decision making and profiling
(Some rights are limited and there may be legitimate grounds that override these rights)
Please refer to the guide on Individual Rights for full information.
Should you want to exercise any of these rights in relation to the processing of your data, please contact the Practice Manager