We are committed to protecting your privacy. You can access our website without giving us any information about yourself. But sometimes we do need information to provide services that you request, and this statement of privacy explains data collection and use in those situations.
In general, you can visit our web site without telling us who you are and without revealing any information about yourself. However there may be occasions when you choose to give us personal information, for example, when you choose to contact us or request information from us. We will ask you when we need information that personally identifies you or allows us to contact you.
We collect the personal data that you may volunteer while using our services. We do not collect information about our visitors from other sources, such as public records or bodies, or private organisations. We do not collect or use personal data for any purpose other than that indicated below:
- To send you confirmation of requests that you have made to us
- To send you information when you request it.
We intend to protect the quality and integrity of your personally identifiable information and we have implemented appropriate technical and organisational measures to do so. We ensure that your personal data will not be disclosed to State institutions and authorities except if required by law or other regulation.
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should be aware that we don’t have any control over the other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting these sites.
As part of our commitment to improving patient care and population health management, this
GP practice uses Ardens Manager, a secure clinical analytics platform.
Ardens Manager allows us to securely analyse pseudonymised patient data from our clinical
system (EMIS) to:
• Identify areas for improving quality of care and outcomes
• Monitor performance against national and local indicators (e.g Quality and Outcomes
Framework (QOF))
• Support proactive care for at-risk patients
• Fulfil our contractual and clinical governance responsibilities
What data is shared?
• The data processed by Ardens Manager is pseudonymised. This means personal
identifiers like your name or NHS number are removed and replaced with codes. The
data no longer identifies you, but it can be re-identified by authorised staff within the
practice if needed to support your care.
• Pseudonymised data may be shared securely with other NHS organisations only for
direct care, planning, quality improvement, and assurance purposes, and never for
marketing or commercial use.
Who can access the data?
• Access is limited to authorised staff within the practice and approved roles within our
Primary Care Network (PCN) and Integrated Care Board (ICB) who are involved in
planning and managing services.
• We remain the data controller. Ardens (the data processor) acts on our behalf under a
strict Data Processing Agreement and complies with UK GDPR and NHS Digital
standards.
Legal basis for processing
We process this data under UK General Data Protection Regulation (GDPR) Article 6(1)(e),
the performance of task carried out in public interest. For health data, the condition is Article
9(2)(h), the provision of health and social care.
Your rights
Under the UK GDPR, you have the right to object to your data being processed in this way,
that is, used in a pseudonymised form for service planning, performance monitoring, and care
improvement via Ardens Manager platform.
If you wish to object, please contact the Practice Manager. We will carefully consider your
request and assess whether we can reasonably stop processing your data without affecting
our ability to deliver safe, effective care or meet our legal obligations.
Please note that:
• The data used by Ardens Manager is pseudonymised and does not directly identify
you.
• The processing supports important functions such as identifying gaps in care,
reviewing service quality and managing local health needs.• In some cases, we may need to continue using your data where we have a compelling
legal or clinical grounds to do so in the public interest.
This is different from the NHS National Data Opt-Out which allows you to stop your identifiable
information being used for research and planning outside of your direct care. To manage your
national preferences, visit www.nhs.uk/your-nhs-data-matters
Find out more
• For more information on how Ardens Manager processes data, visit:
https://www.ardens.org.uk/privacy
NHS England has been directed by the government to establish and operate the OpenSAFELY COVID-19 Service and the OpenSAFELY Data Analytics Service. These services provide a secure environment that supports research, clinical audit, service evaluation and health surveillance for COVID-19 and other purposes.
Each GP practice remains the controller of its own GP patient data but is required to let approved users run queries on pseudonymised patient data. This means identifiers are removed and replaced with a pseudonym.
Only approved users are allowed to run these queries, and they will not be able to access information that directly or indirectly identifies individuals.
Patients who do not wish for their data to be used as part of this process can register type 1 opt out with their GP.