Data Protection Legislation is Changing from 25th May, the current UK Data Protection Act 1998 is being replaced by the EU General Data Protection Regulation (GDPR) and Data Protection Act 2018.

The new legislation is very similar to the 1998 Act but provides some enhanced rights for individuals around how the Practice uses your information.

Why do we Need Your Information?

The NHS Act 2006 and Health and Social Care Act 2012 invests statutory functions on GP Practices to promote and provide the health service to improve quality of services, reduce inequalities, conduct research, review performance of services and deliver education and training.

To do this we will need to process your information in accordance with the current data protection legislation to:

  • Protect your vital interests
  • Pursue our legitimate interests as a provider of medical care, particularly where the individual is a child or vulnerable adult
  • Perform tasks in the public’s interests
  • Deliver preventative medicine, medical diagnosis, medical research, and manage the health and social system and services

Should you require any further information on GDPR or the Data Protection Act, this can be found on the Information Commissioner’s Office (ICO) website:


You can also contact the Practice’s Data Protection Officer. When contacting the Data Protection Officer please ensure you include the details of the Practice:

Data Protection Officer: Mr James Carroll

Tel No: 0191 404 1000 (Ext 3436)

E-mail address: [email protected]

For Subject Access Requests, the practice needs to be contacted directly and not the DPO: [email protected]