View our full complaints policy, leaflet and complaints form here.
Grimethorpe Surgery
Reviewed 20/12/23
Review due 20/12/24
PRACTICE COMPLAINTS PROCEDURE
Procedure Written by
Review Annually
Responsibility for review Doctors, Nurses or Practice Manager
Review dates Reviewed by
Reviewed October 2017
Reviewed 22/11/18
Reviewed 23/11/19
Reviewed 30/11/20
Reviewed 2/12/21
Reviewed 22/12/22
Reviewed 20/12/23
By Dr JEC Bennekers, name change and readability improved and easier
navigation of document enabled.
Dr J.E.C. Bennekers
Dr J.E.C. Bennekers
Dr J.E.C. Bennekers
Dr J.E.C. Bennekers
Dr J.E.C. Bennekers
Grimethorpe Surgery
Reviewed 20/12/23
Review due 20/12/24
INTRODUCTION
This procedure sets out the Practice’s approach to the handling of complaints and is intended
as an internal guide which should be made readily available to all staff. A leaflet for patient
use is given at Appendix A.
PROCEDURE
1. General provisions
The Practice will take reasonable steps to ensure that patients are aware of:
(a) The Complaints Procedure;
(b) The role of NHS England (South Yorkshire and Bassetlaw) Oak House, Moorhead Way,
Bramley, Rotherham, S66 1YY and other bodies in relation to complaints about services under
the contract; and
(c) Their right to assistance with any complaint from independent advocacy services
The Practice will take reasonable steps to ensure that the complaints procedure is accessible
to all patients
2. Receiving of complaints
The Practice may receive a complaint made by, or (with his/her consent) on behalf of a
patient, or former patient, who is receiving or has received treatment at the Practice, or:
(a) Where the patient is a child:
(i) By either parent, or in the absence of both parents, the guardian or other adult who
has care of the child,
(ii) By a person duly authorised by a local authority to whose care the child has been
committed under the provisions of the Children Act 1989; or
(iii) By a person duly authorised by a voluntary organisation by which the child is being
accommodated
(b) Where the patient is incapable of making a complaint, by a relative or other adult who has
an interest in his/her welfare
Grimethorpe Surgery
Reviewed 20/12/23
Review due 20/12/24
3. Period within which complaints can be made
The period for making a complaint is:
(a) Six months from the date on which the event which is the subject of the complaint
occurred; or
(b) Six months from the date on which the event which is the subject of the complaint comes
to the complainant’s notice (provided that the complaint is made no later than 12 months
after the date of the event).
GPs and / or complaints managers have the discretion to extend the time limits if the
complainant has suffered particular distress that prevented them from acting sooner. When
considering an extension to the time limit, it is important that the GP or manager take into
consideration that the passage of time may prevent an accurate recollection of events by the
clinician concerned or by the person bringing the complaint. The collection of evidence,
Clinical Guidelines or other resources relating to the time when the complaint event arose
may also be difficult to establish or obtain. These factors may be considered as a suitable
reason for declining a time limit extension.
4. Complaints handling
The practice will nominate:
(a) The Practice Manager is responsible for the operation of the complaints procedure and the
investigation of complaints; and
(b) A Partner, or other senior person associated with the practice, to be responsible for the
effective management of the complaints procedure and for ensuring that action is taken in
the light of the outcome of any investigation
5. Action upon receipt of a complaint
Complaints may be received either verbally or in writing and must be forwarded to the
Complaints Officer (or his/her stand-in if the Complaints Officer is unavailable), who must:
– acknowledge in writing within the period of three working days beginning with the day on
which the complaint was made or, where that is not possible, as soon as reasonably
practicable.
– ensure the complaint is properly investigated
– within the period of 20 working days beginning with the day on which the complaint was
received by the Complaints Officer where that is not possible, as soon as reasonably
practicable, the complainant must be given a written statement of the investigation and its
conclusions or, where this is not possible, an update
Grimethorpe Surgery
Reviewed 20/12/23
Review due 20/12/24
DNA (did not attend) appointment Policy (including patient leaflet)
Information about data collected and Type 1 Opt-Out
General Practice Data for Planning and Research: NHS Digital Transparency Notice
How and why NHS Digital collects, analyses, publishes, and shares data collected from GP practices for planning and research.
To provide more time to speak with patients, doctors, health charities and others, the collection of GP data for Planning and Research in England has been deferred from 1 July to 1 September 2021.
Quick summary:
We will not collect your name or where you live. Any other data that could directly identify you, for example NHS number, General Practice Local Patient Number, full postcode and date of birth, is replaced with unique codes which are produced by de-identification software before the data is shared with NHS Digital.
This process is called pseudonymisation and means that no one will be able to directly identify you in the data. The diagram below helps to explain what this means. Using the terms in the diagram, the data we collect would be described as de-personalised.
Not happy to have your pseudo-anonymized data shared? You can fill a Type 1 Opt-Out form and bring it to the surgery for processing.
Click on the image to download the form
Want to know more before you decide? Then, please read on below.
Purpose of this Transparency Notice
Under data protection law we must tell you about how we use your personal information. This includes the personal information that we collect from and share with other organisations and why we do so. We do this through Transparency Notices. Read our main Transparency Notice.
This additional Transparency Notice provides details about the personal information that GP practices are sharing with us under our General Practice Data for Planning and Research data collection.
We use the term patient data to refer to personal information in the rest of this notice.
About the General Practice Data for Planning and Research data collection
How sharing patient data with NHS Digital helps the NHS and you
The NHS needs data about the patients it treats in order to plan and deliver its services and to ensure that care and treatment provided is safe and effective. The General Practice Data for Planning and Research data collection will help the NHS to improve health and care services for everyone by collecting patient data that can be used to do this. For example patient data can help the NHS to:
monitor the long-term safety and effectiveness of care
plan how to deliver better health and care services
prevent the spread of infectious diseases
identify new treatments and medicines through health research
GP practices already share patient data for these purposes, but this new data collection will be more efficient and effective.
This means that GPs can get on with looking after their patients, and NHS Digital can provide controlled access to patient data to the NHS and other organisations who need to use it, to improve health and care for everyone.
Contributing to research projects will benefit us all as better and safer treatments are introduced more quickly and effectively without compromising your privacy and confidentiality.
Patient data from GP medical records kept by GP practices in England is used every day to improve health, care and services through planning and research, helping to find better treatments and improve patient care. The NHS is introducing an improved way to share this information – called the General Practice Data for Planning and Research data collection.
NHS Digital will collect, analyse, publish and share this patient data to improve health and care services for everyone. This includes:
informing and developing health and social care policy
planning and commissioning health and care services
taking steps to protect public health (including managing and monitoring the coronavirus pandemic)
in exceptional circumstances, providing you with individual care
enabling healthcare and scientific research
Any data that NHS Digital collects will only be used for health and care purposes. It is never shared with marketing or insurance companies.
What patient data we collect
This collection will start from 1 September 2021. Patient data will be collected from GP medical records about:
any living patient registered at a GP practice in England when the collection started – this includes children and adults
any patient who died after the data collection started, and was previously registered at a GP practice in England when the data collection started
We will not collect your name or where you live. Any other data that could directly identify you, for example NHS number, General Practice Local Patient Number, full postcode and date of birth, is replaced with unique codes which are produced by de-identification software before the data is shared with NHS Digital.
This process is called pseudonymisation and means that no one will be able to directly identify you in the data. The diagram below helps to explain what this means. Using the terms in the diagram, the data we collect would be described as de-personalised.
Image provided by Understanding Patient Data under licence.
NHS Digital will be able to use the same software to convert the unique codes back to data that could directly identify you in certain circumstances, and where there is a valid legal reason. Only NHS Digital has the ability to do this. This would mean that the data became personally identifiable data in the diagram above. An example would be where you consent to your identifiable data being shared with a research project or clinical trial in which you are participating, as they need to know the data is about you.
We will only collect structured and coded data from patient medical records that is needed for specific health and social care purposes explained above.
Data that directly identifies you as an individual patient, including your NHS number, General Practice Local Patient Number, full postcode, date of birth and if relevant date of death, is replaced with unique codes produced by de-identification software before it is sent to NHS Digital. This means that no one will be able to directly identify you in the data.
NHS Digital will be able to use the software to convert the unique codes back to data that could directly identify you in certain circumstances, and where there is a valid legal reason. This would mean that the data became personally identifiable in the diagram above. It will still be held securely and protected, including when it is shared by NHS Digital. We will collect:
data on your sex, ethnicity and sexual orientation
clinical codes and data about diagnoses, symptoms, observations, test results, medications, allergies, immunisations, referrals and recalls, and appointments, including information about your physical, mental and sexual health
your name and address (except for your postcode in unique coded form)
written notes (free text), such as the details of conversations with doctors and nurses
images, letters and documents
coded data that is not needed due to its age – for example medication, referral and appointment data that is over 10 years old
coded data that GPs are not permitted to share by law – for example certain codes about IVF treatment, and certain information about gender re-assignment
Opting out of NHS Digital collecting your data (Type 1 Opt-out)
If you do not want your identifiable patient data (personally identifiable data in the diagram above) to be shared outside of your GP practice for purposes except for your own care, you can register an opt-out with your GP practice. This is known as a Type 1 Opt-out.
Type 1 Opt-outs were introduced in 2013 for data sharing from GP practices, but may be discontinued in the future as a new opt-out has since been introduced to cover the broader health and care system, called the National Data Opt-out. If this happens people who have registered a Type 1 Opt-out will be informed. More about National Data Opt-outs is in the section Who we share patient data with.
NHS Digital will not collect any patient data for patients who have already registered a Type 1 Opt-out in line with current policy. If this changes patients who have registered a Type 1 Opt-out will be informed.
If you do not want your patient data shared with NHS Digital, you can register a Type 1 Opt-out with your GP practice. You can register a Type 1 Opt-out at any time. You can also change your mind at any time and withdraw a Type 1 Opt-out.
Data sharing with NHS Digital will start on 1 September 2021.
If you have already registered a Type 1 Opt-out with your GP practice your data will not be shared with NHS Digital.
If you wish to register a Type 1 Opt-out with your GP practice before data sharing starts with NHS Digital, this should be done by returning this form to your GP practice. If you have previously registered a Type 1 Opt-out and you would like to withdraw this, you can also use the form to do this. You can send the form by post or email to your GP practice or call 0300 3035678 for a form to be sent out to you.
If you register a Type 1 Opt-out after your patient data has already been shared with NHS Digital, no more of your data will be shared with NHS Digital. NHS Digital will however still hold the patient data which was shared with us before you registered the Type 1 Opt-out.
If you do not want NHS Digital to share your identifiable patient data (personally identifiable data in the diagram above) with anyone else for purposes beyond your own care, then you can also register a National Data Opt-out. There is more about National Data Opt-outs and when they apply in the National Data Opt-out section below.
Our legal basis for collecting, analysing and sharing patient data
When we collect, analyse, publish and share patient data, there are strict laws in place that we must follow. Under the UK General Data Protection Regulation (GDPR), this includes explaining to you what legal provisions apply under GDPR that allows us to process patient data. The GDPR protects everyone’s data.
NHS Digital has been directed by the Secretary of State for Health and Social Care under the General Practice Data for Planning and Research Directions 2021 to collect and analyse data from GP practices for health and social care purposes including policy, planning, commissioning, public health and research purposes.
NHS Digital is the controller of the patient data collected and analysed under the GDPR jointly with the Secretary of State for Health and Social Care.
All GP practices in England are legally required to share data with NHS Digital for this purpose under the Health and Social Care Act 2012 (2012 Act). More information about this requirement is contained in the Data Provision Notice issued by NHS Digital to GP practices.
NHS Digital has various powers to publish anonymous statistical data and to share patient data under sections 260 and 261 of the 2012 Act. It also has powers to share data under other Acts, for example the Statistics and Registration Service Act 2007.
Regulation 3 of the Health Service (Control of Patient Information) Regulations 2002 (COPI) also allow confidential patient information to be used and shared appropriately and lawfully in a public health emergency. The Secretary of State has issued legal notices under COPI (COPI Notices) requiring NHS Digital, NHS England and Improvement, arm’s-length bodies (such as Public Health England), local authorities, NHS trusts, clinical commissioning groups and GP practices to share confidential patient information to respond to the COVID-19 outbreak. Any information used or shared during the COVID-19 outbreak will be limited to the period of the outbreak unless there is another legal basis to use confidential patient information.
The legal basis under GDPR for General Practice Data for Planning and Research
How we use patient data
NHS Digital will analyse and link the patient data we collect with other patient data we hold to create national data sets and for data quality purposes.
NHS Digital will be able to use the de-identification software to convert the unique codes back to data that could directly identify you in certain circumstances for these purposes, where this is necessary and where there is a valid legal reason. There are strict internal approvals which need to be in place before we can do this and this will be subject to independent scrutiny and oversight by the Independent Group Advising on the Release of Data (IGARD).
These national data sets are analysed and used by NHS Digital to produce national statistics and management information, including public dashboards about health and social care which are published. We never publish any patient data that could identify you. All data we publish is anonymous statistical data.
We may also carry out analysis on national data sets for data quality purposes and to support the work of others for the purposes set out in Our purposes for processing patient data section above.
Who we share patient data with
All data which is shared by NHS Digital is subject to robust rules relating to privacy, security and confidentiality and only the minimum amount of data necessary to achieve the relevant health and social care purpose will be shared.
All requests to access patient data from this collection, other than anonymous aggregate statistical data, will be assessed by NHS Digital’s Data Access Request Service, to make sure that organisations have a legal basis to use the data and that it will be used safely, securely and appropriately.
These requests for access to patient data will also be subject to independent scrutiny and oversight by the Independent Group Advising on the Release of Data (IGARD). Organisations approved to use this data will be required to enter into a data sharing agreement with NHS Digital regulating the use of the data.
There are a number of organisations who are likely to need access to different elements of patient data from the General Practice Data for Planning and Research collection. These include but may not be limited to:
the Department of Health and Social Care and its executive agencies, including Public Health England and other government departments
NHS England and NHS Improvement
primary care networks (PCNs), clinical commissioning groups (CCGs) and integrated care organisations (ICOs)
local authorities
research organisations, including universities, charities, clinical research organisations that run clinical trials and pharmaceutical companies
If the request is approved, the data will either be made available within a secure data access environment within NHS Digital infrastructure, or where the needs of the recipient cannot be met this way, as a direct dissemination of data. We plan to reduce the amount of data being processed outside central, secure data environments and increase the data we make available to be accessed via our secure data access environment. For more information read about improved data access in improving our data processing services.
Data will always be shared in the uniquely coded form (de-personalised data in the diagram above) unless in the circumstances of any specific request it is necessary for it to be provided in an identifiable form (personally identifiable data in the diagram above). For example, when express patient consent has been given to a researcher to link patient data from the General Practice for Planning and Research collection to data the researcher has already obtained from the patient.
It is therefore possible for NHS Digital to convert the unique codes back to data that could directly identify you in certain circumstances, and where there is a valid legal reason which permits this without breaching the common law duty of confidentiality. This would include:
where the data was needed by a health professional for your own care and treatment
where you have expressly consented to this, for example to participate in a clinical trial
where approval has been provided by the Health Research Authority or the Secretary of State with support from the Confidentiality Advisory Group (CAG) under Regulation 5 of the Health Service (Control of Patient Information) Regulations 2002 (COPI) – this is sometimes known as a ‘section 251 approval’
This would mean that the data was personally identifiable in the diagram above. Re-identification of the data would only take place following approval of the specific request through the Data Access Request Service, and subject to independent assurance by IGARD and consultation with the Professional Advisory Group, which is made up of representatives from the BMA and the RCGP. If you have registered a National Data Opt-out, this would be applied in accordance with the National Data Opt-out policy before any identifiable patient data (personally identifiable data in the diagram above) about you was shared. More about the National Data Opt-out is in the section below.
Details of who we have shared data with, in what form and for what purposes are published on our data release register.
National Data Opt-out (opting out of NHS Digital sharing your data)
This applies to identifiable patient data about your health (personally identifiable data in the diagram above), which is called confidential patient information. If you don’t want your confidential patient information to be shared by NHS Digital for purposes except your own care – either GP data, or other data we hold, such as hospital data – you can register a National Data Opt-out.
If you have registered a National Data Opt-out, NHS Digital won’t share any confidential patient information about you with other organisations unless there is an exemption to this, such as where there is a legal requirement or where it is in the public interest to do so, such as helping to manage contagious diseases like coronavirus. You can find out more about exemptions on the NHS website.
From 1 October 2021, the National Data Opt-out will also apply to any confidential patient information shared by your GP practice with other organisations for purposes except your individual care. It won’t apply to this data being shared by GP practices with NHS Digital, as it is a legal requirement for GP practices to share this data with NHS Digital and the National Data Opt-out does not apply where there is a legal requirement to share data.
You can find out more about and register a National Data Opt-out or change your choice on nhs.uk/your-nhs-data-matters or by calling 0300 3035678.
Other organisations with whom we share your personal data must only keep it for as long as is necessary and as set out in the Data Sharing Agreement with that organisation. Information about this will be provided in their privacy notices on their websites.
Where we store patient data
NHS Digital only stores and processes patient data for this data collection within the United Kingdom (UK).
Fully anonymous data (that does not allow you to be directly or indirectly identified), for example statistical data that is published, may be stored and processed outside of the UK. Some of our processors may process patient data outside of the UK. If they do, we will always ensure that the transfer outside of the UK complies with data protection laws.
Your rights over your patient data
You can read more about the health and care information collected by NHS Digital, our legal basis for collecting it and your choices and rights in:
We may make changes to this Transparency Notice. If we do, the ‘last edited’ date on this page will also change. Any changes to this notice will apply immediately from the date of any change.
Social Media Patient Policy
Introduction
There are many social media platforms that are widely used by both staff and patients; these include Facebook, Twitter, Instagram, YouTube and LinkedIn. At Grimethorpe Surgery we have a website, which provides a range of useful information for our patient population.
Grimethorpe Surgery has a duty to maintain patient confidentiality and to safeguard vulnerable patients. You can help us achieve this by adhering to the code of conduct outlined in this policy.
Patients at Grimethorpe Surgery are expected to adhere to the following code of conduct at all times:
The practice requires all users of portable devices to use them in a courteous and considerate manner, respecting their fellow patients. Portable devices are not to be used during consultations.
Patients are not permitted to disclose any patient-identifiable information about other patients, unless they have the express consent of that patient.
Patients must not post any material that is inaccurate, fraudulent, harassing, embarrassing, obscene, defamatory or unlawful. Any such posts on social media will, if brought to our attention, lead to a written warning letter from the Practice Manager.
Patients are not permitted to take photographs in the waiting room or areas where other patients are present, nor are photographs of staff permitted. Video recording is also not allowed.
Patients must not post comments on social media that identify patients, or identify staff who work at the practice.
Patients are to use NHS Choices should they wish to leave a review about Grimethorpe Surgery or fill in a Friends and Family form available on our website. This will enable the Practice Manager to respond appropriately.
Defamatory comments about our team are not to be shared on any social media platform. Legal advice will be sought, and the appropriate action taken against any patient who posts defamatory comments.
Patient complaints on social media
We have a separate complaints policy which patients are to use should they wish to make a complaint. We will only respond to complaints made to the practice in accordance with the practice policy. If a complaint is made on social media and brought to our attention, this too will lead to a written warning letter from the Practice Manager.