Tudor Gate Surgery is committed to protecting your personal data and ensuring confidentiality in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Freedom of Information Act 2000.

We only share identifiable information about you in the following circumstances:

  • To provide further medical treatment, for example from district nurses or hospital services

  • To help you access other services such as social services (this requires your consent)

  • When we have a duty to protect others, such as in child protection cases

  • Anonymised data may be used at local or national level to help the Health Board or Government plan services (e.g. diabetic care). This data does not identify individuals.

If you do not wish your anonymised information to be used in this way, please inform us.

Welsh GP Record

Your Welsh GP Record is a summary of key medical information taken from your full GP record and made available to selected Health Professionals in Out of Hours and certain Secondary Care settings.

It includes:

  • Your name, address and contact details

  • Current medications and prescriptions from the past two years

  • Any allergies or adverse reactions

  • Current medical problems or diagnoses

  • Recent test results (within the previous year), such as blood tests or X-rays

It does not include any private discussions with your GP.

More information is available on request from the surgery.

How We Use Your Information

We use your medical record to provide safe, effective healthcare and treatment, including:

  • Diagnosing and managing your health

  • Referrals to hospital or specialist care

  • Prescriptions to your preferred pharmacy

  • Checking the quality of care through audits and reviews

We only share relevant information when it is necessary to provide your care or when legally required.

Read our Privacy Notice for full details.

Your Rights Under GDPR

You have several rights under data protection law, including the right to:

  • Access your medical records

  • Request corrections to inaccurate information

  • Object to certain uses of your data (though this may affect your care)

  • Withdraw consent where it has been previously given

You may make a Subject Access Request (SAR) to view your medical records.
More information is available in our GDPR SAR Leaflet (PDF)

Safeguarding

We may need to share personal data without your consent when it is required to:

  • Protect individuals from harm

  • Meet safeguarding responsibilities

These decisions are made under strict legal and professional frameworks.

Management of Records

We follow strict procedures in line with records management guidance to ensure that we keep the right information at the right time to make informed healthcare decisions. This includes:

  • Paper and electronic documents

  • Emails

  • Audio and video recordings

  • X-rays

  • CCTV footage

We are committed to maintaining high standards through policies that support information governance and legal compliance.

For more guidance on record-keeping in healthcare, visit:
Managing health and social care records: Code of Practice | GOV.WALES

Call Recording and CCTV

  • All calls to and from the surgery are recorded for training and quality purposes.

  • CCTV is in use to support crime prevention and safety.

Information Governance and Access

For FOI requests or information governance enquiries, please contact the practice manager.

Complaints and Further Support

If you have concerns about how your data is used or wish to make a complaint, contact:

Information Commissioner’s Office
Visit: https://ico.org.uk/global/contact-us
Call: 0303 123 1113

Data Protection Contacts

Data Controller: Dr H. S. Neville
Data Protection Officer: Mrs S. M. Lapping, Practice Manager