Purpose
This procedure defines the process to be followed when a request for access to personal data is received.
Areas covered in this SOP are: Information requests (IR), Subject Access Requests (SAR), Freedom of Information Requests (FOI) and disclosing information to the police.
Personal information held by us is managed in accordance with GDPR and the Data Protection Act 2018 (DPA 2018). Our Data Protection Policy, Subject Access Request Procedure and Privacy Policy provide guidance on the situations in which personal data can be disclosed and transferred outside our organisation.
It is the policy of BrisDoc to assist the Police and other law enforcement agencies whilst still upholding an individual’s right to confidentiality and complying with GDPR.
No part of this guidance is intended to overrule a clinician’s professional duty of confidentiality. Guidance on confidentiality is provided below.