GDPR

What is GDPR

The United Kingdom General Data Protection Regulation (UK–GDPR) is the UK’s data privacy law that governs the processing of personal data from individuals inside the UK.

Under data protection law we must tell you about how we use your personal information. This includes the personal information that we share with other organisations and why we do so.  This additional privacy notice provides details about the personal information that we are sharing with NHS Digital for its General Practice Data for Planning and Research data collection

• Code of Confidentiality  (updated July 2022)
• Villa Privacy Notice – Patients (GDPR)(GDPR) updated 2024
• Villa Privacy Notice – Staff (GDPR) (GDPR) updated 2024
• GP Privacy Notice – Childrens (GDPR)(Updated 2024)
• subject Access Villa
• General-Data-Protection-Regulation-Patient-Information-Leaflet-2018 (4)

OPT OUT Form

The mandatory implementation of the National Data Opt-Out (NDOO), deadline of 31 March 2022, has been extended until 31 July 2022. It’s not intended to extend implementation of the deadline any further.

 As set out in the Operational Policy Guidance, the opt-out applies to the disclosure of confidential patient information for purposes beyond an individual’s direct care across the health and care system in England, unless an exemption has been granted. 

 Applications that need to be considered for exemption should contact the Confidentiality Advisory Group by 30 June 2022 at the latest cag@hra.nhs.uk.   If you have any further questions, please contact nationaldataopt-out@nhsx.nhs.uk.

If you do not want your personally identifiable patient data to be shared outside of your GP practice for purposes except your own care, you can register an opt-out with your GP practice. Please complete the attached form to register your choice. Opt-out form