GDPR/Privacy Notices

Your Information

Cromer Group Practice takes privacy seriously and we want to provide you with information about your rights, who we share your information with and how we keep it secure.

Please use the links below to find more information about the practice and data protection.

Digitised Patient Paper Records

Cromer Group Practice is undertaking a new initiative to digitise your GP paper records. This simply means scanning the current paper copy to create a new digital copy which can be kept in your main GP electronic record. Paper copies will then be destroyed.

We would like to assure patients that a full assessment of how your data will be managed and kept secure has been undertaken with the advice of our Data Protection Officer. We have taken steps to make sure that the copies created are of good quality and accurate.

A contract is in place between us and the provider of the scanning services and we have performed checks on the provider of the service and the secure sharing and storage of patient data. You can find out more about the provider at https://www.necsws.com/privacy-notice.

Patient Requests for Medical Records or Reports

We use a processor, iGPR Technologies Limited (“iGPR”), to assist us with responding to report requests relating to your patient data, such as subject access requests that you submit to us (or that someone acting on your behalf submits to us) and report requests that insurers submit to us under the Access to Medical Records Act 1988 in relation to a life insurance policy that you hold or that you are applying for.

iGPR manages the reporting process for us by reviewing and responding to requests in accordance with our instructions and all applicable laws, including UK data protection laws.

The instructions we issue to iGPR include general instructions on responding to requests and specific instructions on issues that will require further consultation with the GP responsible for your care.