Privacy Policy
Practice Name: Rathcoole Medical Centre
Practice Address: Main Street Rathcoole, Co. Dublin
Practice Phone Number: 01 458 9655
Data Controllers: Dr James Clarke, Dr Ailsa Clarke
Lead for Data Protection: Dr Ailsa Clarke
Purpose of the Processing
In Ireland, the General Practitioner or Family Doctor provides life-long, cradle to grave, general medical services to individuals and families. The GP is the generalist in the health services and deals with patient problems across a range of specialties, everything from antenatal care to palliative care. The information collected and processed thus ranges from demographic information through physical, psychological and social data at all levels of granularity. The data ranges from the genetic aspects of a woman’s breast cancer diagnosis to the trigger factors of a university student suffering from panic attacks and anxiety. The domain for this information is the domain of medicine in its broadest definition.
Rathcoole Medical Centre wants to ensure the highest standard of medical care for our patients. We understand that a General Practice is a trusted community governed by an ethic of privacy and confidentiality.
Categories of Personal Data
The following Table applies for both Public and Private Patients and shows the categories of personal data processed by GPs.
| Category of Personal Data | Purpose of Processing | Lawfulness of Processing |
|---|---|---|
| Administrative: name, address, contact details (phone, mobile, email), dates of appointment | Necessary to support the administration of patient care in general practice | Article 6.1(d): processing is necessary in order to protect the vital interests of the data subject or of another natural person; Article 6.1(e): processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; Special Categories are processed under the derogations in Articles 9.2(h) and 9.2(i). Please see the notes under this table. |
| Medical Record: Individual Health Identifier, GMS number, PPSN, date of birth, religion, sexual orientation, gender, family members, family history, contact details of next of kin, contact details of carers, vaccination details, medication details, allergy details, current and past medical and surgical history, genetic data, laboratory test results, imaging test results, near patient test results, ECGs, ultrasound scan images, and other data required to provide medical care. | Necessary to provide patient care in general practice. The PPS number is needed for specific schemes such as sickness certification (Department of Social Protection), childhood immunisation programme, mother and child scheme, cervical screening, etc. (HSE). | |
| Account Details: record of billable services provided, patient name, address, contact details, billing and payment records for GMS and private patients | Required for providing a service and billing. Also required for submission of reimbursement claims to the HSE Primary Care Reimbursement Service. | Article 6.1(c): processing is necessary for compliance with a legal obligation to which the controller is subject (Revenue, Medical and Legal Obligations), and Article 6.1(b) in relation to getting paid for providing a service to private patients. |
Notes on the Legal Basis for Processing of Data
It is not possible to undertake medical care without collecting and processing personal data and data concerning health. In fact, to do so would be in breach of the Medical Council’s ‘Guide to Professional Conduct and Ethics for Doctors’. The legal basis for processing of data by GPs is provided by the following articles in GDPR: Article 6.1(c), 6.1(d), 6.1(e) and Article 9.2(h) and 9.2(i).
Article 6.1(c) in relation to the lawfulness of processing states: ‘processing is necessary for compliance with a legal obligation’, for example for accounts and reimbursement claims.
Article 6.1(d) in relation to the lawfulness of processing, states: ‘processing is necessary in order to protect the vital interests of the data subject or of another natural person’.
Article 6.1(e): in relation to the lawfulness of processing, states: ‘processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller’. This includes the use of PPS numbers by GPs.
Article 9.2(h) in relation to the processing of special categories of personal data, states: ‘processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services on the basis of Union or Member State law or pursuant to contract with a health professional and subject to the conditions and safeguards referred to in paragraph 3’.
Paragraph 3 relates to the processing of data concerning health by medical practitioners subject to professional confidentiality under the regulation of the Irish Medical Council.
Article 9.2(i) relates to processing necessary for reasons of public health.
Article 6 and Article 9 need to work in conjunction with one another. So, for instance, a GP will rely upon a combination of Article 6 conditions to process non-sensitive data and Article 9 conditions to process special categories of data.
The processing of personal data in general practice is necessary in order to protect the vital interests of the patient and for the provision of health care and public health. The lawfulness of processing data for the provision of medical care in general practice is not based on consent.
However, explicit and informed consent is required for some defined data outflows, for example to insurance companies, solicitors and banks. This is covered in Section 3.
Categories of Recipients with Whom We Share Personal Data
These are broken down into four categories as shown in the table below: sharing data in relation to the provision of medical care, sharing data with data processors where a contract is required, sharing data under legal arrangements, and sharing data for public health purposes.
| Categories of Recipient | Description |
|---|---|
| Health and Social Care Providers | Other GPs, Health Service Executive, Voluntary Hospitals, Private Hospitals and Clinics, Private Consultants, Physiotherapists, Occupational Therapists, Speech and Language Therapists, Social Workers, Palliative Care Services, Out of Hours Services, Pharmacies, Nursing Homes, Counselling Services, Diagnostic Imaging Services, Hospital Laboratories, and other health care providers |
| Data Processors, with a contract | GP Practice Software Vendor (Clanwilliam Health), Online Data Backup Companies (RCSI), Healthlink |
| Legal Arrangements | Coroner, Revenue, Social Protection, Medical Council |
| Public Health | Infectious disease notifications, influenza surveillance |
| Third Parties, with explicit patient consent | Solicitors, Insurance Companies, Health Insurance Companies, Banks |
Health care is a community of trust. Each individual health care provider is subject to privacy and confidentiality ethics and rules overseen by their professional regulator, for example the Medical Council or the Nursing and Midwifery Board of Ireland. When a patient is referred by a GP to a Consultant, this referral is discussed and agreed between the patient and the GP. Part of this decision is an understanding to be open and transparent, with all relevant medical information being shared with the Consultant in order to provide medical care. It is not possible to make a referral without sending the necessary information. In fact, to do so would leave the GP open to a medical negligence action. The transmission of personal data concerning health is part of the referral process and part of the practice of medicine. It does not need a separate signed patient consent form.
When sharing patient personal data with other data controllers in their own right, such as the HSE or Voluntary Hospitals, the responsibility for compliance with data protection regulations, including subject rights, falls to that party, for example, the Voluntary Hospital. There is a requirement to have appropriate governance arrangements in place where each entity understands their respective responsibilities.
Transfers to a Third Country
During standard operating procedures, patient records shall not be transferred outside of the European Economic Area (EEA). Where patient data is to be transferred, explicit consent will be sought having informed the patient of the risks of such transfers of the personal data outside of the EEA (Art 49.1(a)). In emergency situations where, for example, a patient has a medical event in the USA and needs their medical details transferred to support their care, or is physically or legally incapable of giving consent, this is allowable (Art 49.1(f)). It should, where possible, be associated with patient explicit consent, which should be retained for evidential purposes.
Time Limits (the envisaged time limits for erasure of the different categories of data)
See Guidelines Link as a March 2022 – ensure this aligns with data protection act too – page 12
Personal data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
The retention periods for medical records are taken from the HSE ‘National Hospitals Office, Code of Practice for Healthcare Records Management’. These periods are also in line with the recommendations of Medical Indemnity Agencies and the Health Information and Quality Authority (HIQA).
The GP will commission regular information security audits to ensure that appropriate measures are in place to secure patient data in the practice. Such an audit should cover:
• Operating Systems and Security Patches;
• Hardware;
• Networks, including Wi-Fi;
• Anti-virus and anti-malware;
• Firewalls;
• Data Backup;
• Peripheral and medical devices;
• Access controls;
• Appropriate use of the Internet.
The information security audit should search for unencrypted patient identifiable information on the hard drives of practice computers and servers. Possible examples include downloaded electronic messages, GMS panel lists, referral and discharge letters, scanned documents and spreadsheets. Advice should be provided, by the information security auditors, on how to manage such files, whether through incorporation into the GP practice software management system, deletion, encryption at rest, or other means.
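The search for unencrypted patient-identifiable information described above can be partly automated. The following is an added example, not the practice's own code or part of its software: a small Python scanner (assumed folder layout, constructed sample files, made-up PPSN values) that walks a directory tree, reads plaintext-style files, and reports those containing a PPS number that passes the modulus-23 check letter, so each flagged file can be imported into the practice system, deleted, or encrypted at rest.

```python
import os
import re
import tempfile

# Irish PPSN: 7 digits, a check letter, optional second letter. The regex is loose on purpose;
# the modulus-23 checksum below removes most accidental matches (invoice references etc.).
PPSN_RE = re.compile(r"\b(\d{7})([A-W])([A-Z]?)\b")
CHECK_CHARS = "WABCDEFGHIJKLMNOPQRSTUV"   # remainder 0 -> W, 1 -> A ... 22 -> V
TEXT_SUFFIXES = {".txt", ".csv", ".eml", ".htm", ".html", ".xml", ".json", ".log"}

def ppsn_is_valid(digits, check, suffix):
    """Digits weighted 8..2, optional second letter (A=1..) weighted 9, total mod 23."""
    total = sum(int(d) * w for d, w in zip(digits, range(8, 1, -1)))
    if suffix:
        total += (ord(suffix) - ord("A") + 1) * 9
    return CHECK_CHARS[total % 23] == check

def find_ppsns(text):
    """Return the checksum-valid PPSNs found in a block of text, in order of appearance."""
    return [d + c + s for d, c, s in PPSN_RE.findall(text) if ppsn_is_valid(d, c, s)]

def scan_tree(root):
    """Map each plaintext file under root that holds a valid PPSN to the PPSNs it holds."""
    findings = {}
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            if os.path.splitext(name)[1].lower() not in TEXT_SUFFIXES:
                continue  # PDFs, images and office files need format-specific readers
            path = os.path.join(dirpath, name)
            with open(path, "r", encoding="utf-8", errors="ignore") as fh:
                hits = find_ppsns(fh.read())
            if hits:
                findings[os.path.relpath(path, root)] = sorted(set(hits))
    return findings

def build_sample_dir():
    """Constructed test files in a throwaway folder; every PPSN here is made up."""
    root = tempfile.mkdtemp(prefix="pii-audit-")
    samples = {
        "inbox/discharge_letter.txt": "Re: patient PPSN 1234567FA, discharged 3 May.",
        "panel/gms_list.csv": "name,ppsn\nA. N. Other,1234567T\n",
        "reports/notes.txt": "Invoice ref 1234567TA (fails the check letter, so ignored).",
        "scans/letter.pdf": "binary format: skipped by this scanner",
    }
    for rel, content in samples.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(content)
    return root
```

Running `scan_tree(build_sample_dir())` reports the discharge letter and the panel list and ignores the invoice reference whose check letter fails; extend `TEXT_SUFFIXES` and add a reader for scanned documents to cover the other file types the audit names.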