Dr Justin Carter

GDPR and data protection

This is an important topic these days.

Please read this this important document. It sets out how your data is handled. If forms an agreement between us and you'll be asked to sign a copy of this document at your appointment to show you’ve read, understood and agreed to the contents.

The summary is this:
Your information is not used for any purpose other than providing you with healthcare. It is shared only with clinicians and organisations I work with to provide you with healthcare. The primary record of your care is stored on a secure cloud based server provided by Microsoft (with whom I have a contractual agreement). The level of data security in place is appropriate for healthcare record storage. International standards (such as the US HIPAA standards) are met or exceeded by this storage structure.

The reason that your records are stored in this way is that it is more secure than paper based records whilst also allowing me to readily access your information when needed (especially in an urgent or unplanned situation) from almost any location.

Correspondence about you with my secretary and other professional colleagues will be via an encrypted email service. Once you've been seen in clinic, paper based correspondence will go to you and your GP (unless you instruct otherwise) with an option of you receiving email based results (which may not be fully encrypted) should you choose to opt in to that.

I am registered with the Information Commissioners Office (ICO) as a data processor and of course all of the protections afforded to you under the General Data Protection Regulations apply.