Skip to main content
  • Language
    • Afrikaans
    • Albanian
    • Arabic
    • Armenian
    • Azerbaijani
    • Basque
    • Belarusian
    • Bengali
    • Bulgarian
    • Catalan
    • Chinese (Simplified)
    • Chinese (Traditional)
    • Croatian
    • Czech
    • Danish
    • Dutch
    • Esperanto
    • Estonian
    • Filipino
    • Finnish
    • French
    • Galician
    • Georgian
    • German
    • Greek
    • Gujarati
    • Haitian Creole
    • Hebrew
    • Hindi
    • Hungarian
    • Icelandic
    • Indonesian
    • Irish
    • Italian
    • Japanese
    • Kannada
    • Korean
    • Lao
    • Latin
    • Latvian
    • Lithuanian
    • Macedonian
    • Malay
    • Maltese
    • Norwegian
    • Persian
    • Polish
    • Portuguese
    • Punjabi
    • Romanian
    • Russian
    • Serbian
    • Slovak
    • Slovenian
    • Spanish
    • Swahili
    • Swedish
    • Tamil
    • Telugu
    • Thai
    • Turkish
    • Ukrainian
    • Urdu
    • Vietnamese
    • Welsh
    • Yiddish
  • Text Size
    • Increase Text Size
    • Decrease Text Size
    • Reset Text Size
Bexley Medical Group Providing NHS services
Providing NHS services
Search
Show Main Menu
  • Home
  • Appointments
  • Prescriptions
  • Services
  • Surgery Information
  • Health Information & Support
  • Contact
Home > Privacy Notice

Privacy Notice

Extended access privacy notice (DOCX, 33KB)

Our Healthier South East London privacy notice

 

SEL Data privacy notice (DOCX, 216KB)

Privacy Notice – Call Recording (DOCX, 16KB)

 

Bexley Medical Group – Practice Privacy Notice

How we use your personal information

This privacy notice explains how we collect, use, store and share your personal information when you receive care from Bexley Medical Group.

Healthcare professionals who provide your care are required to keep records about your health and any treatment or care you have received. These records help us to provide you with safe, effective and appropriate healthcare.

Who we are

Bexley Medical Group is the data controller for your personal information.

We are responsible for ensuring that your personal data is processed lawfully and in accordance with data protection legislation.

ICO Registration Number: Z7335603

What information we collect

Your GP record may be held electronically, on paper, or both. We ensure your information is kept secure and confidential.

This may include:

  • Personal details (name, address, date of birth, NHS number, contact details)
  • Emergency contacts, carers, or legal representatives
  • Details of appointments, visits, and consultations
  • Medical history, diagnoses, care plans, and treatment details
  • Test results (e.g. blood tests, x-rays, scans)
  • Medication and allergy information
  • Information received from other healthcare professionals or carers
  • Sensitive information (e.g. ethnicity, religion, sexual orientation where relevant)
  • Safeguarding or criminal-related information where necessary

Why we use your information

We use your information to:

Provide direct care

  • Assess your health and provide treatment
  • Prescribe medication and arrange investigations
  • Refer you to other services (e.g. hospitals, community teams)

Manage and improve services

  • Monitor the quality and safety of care we provide
  • Carry out clinical audits and service reviews
  • Support planning and delivery of NHS services

Protect public health and safety

  • Identify risks to your health
  • Support safeguarding responsibilities
  • Respond to public health concerns

Legal basis for processing

We process your information under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

The main lawful bases we rely on are:

  • Providing healthcare and treatment
  • Carrying out tasks in the public interest (running NHS services)
  • Managing health and care systems and services

We also comply with the common law duty of confidentiality.

Sharing your information

We only share information when it is necessary, relevant, and lawful.

For your care

We may share information with:

  • Hospitals and NHS Trusts
  • Other GP practices
  • Community services (e.g. district nurses, mental health teams)
  • Pharmacists
  • Out-of-hours and urgent care providers
  • Social care services

For NHS administration and commissioning

Your information may be shared with NHS organisations responsible for planning, funding, and managing services.

National organisations

Some data may be processed centrally by NHS England to support service planning, audit, and improvement.

Safeguarding and legal disclosures

In certain circumstances, we may share information without your consent, for example:

  • To protect you or others from serious harm
  • For safeguarding adults or children
  • When required by law (e.g. court order)
  • For prevention or detection of serious crime

Population health and service planning

We may use your data in a de-identified or pseudonymised form to:

  • Identify health risks
  • Improve services
  • Support proactive care

Where identifiable data is required, this will only be used where legally permitted.

Shared care records – London Care Record

We use the London Care Record (formerly known as Connect Care) to allow authorised healthcare professionals involved in your care to securely access relevant information.

This supports safer, faster, and more joined-up care.

You can choose to opt out of having your information shared through this system.

Accessible information and translation services

We follow the Accessible Information Standard.

If you have communication needs (e.g. large print, braille, interpreter, British Sign Language), we will ensure information is provided in a way you can understand.

We may use approved external providers where necessary, sharing only the minimum information required.

How we communicate with you

We may contact you to:

  • Arrange or remind you about appointments
  • Discuss your care
  • Provide health advice or information

Methods may include:

  • Telephone
  • Letter
  • SMS text messages
  • Email (where appropriate)

Please note: Email is not always a secure method of communication.

Research

Your information may be used for research purposes only where appropriate approvals are in place. Where consent is required, we will ask for it first.

Your rights

Under data protection law, you have the right to:

  • Be informed about how your data is used
  • Access your personal information
  • Request correction of inaccurate data
  • Request deletion in certain circumstances
  • Restrict or object to processing
  • Data portability (where applicable)
  • Challenge automated decision-making

Accessing your records (Subject Access Requests)

You can request a copy of your personal data held by the practice.

  • Requests are usually completed within one calendar month
  • We may ask for identification to confirm your identity
  • There is normally no charge unless requests are excessive or repetitive

Children’s information

Parents or guardians may access a child’s records unless the child is assessed as competent to make their own decisions or access would not be appropriate.

How long we keep your information

We retain records in accordance with national NHS retention guidelines.

Data security

We take appropriate measures to protect your information from loss, misuse, or unauthorised access.

All staff are trained in confidentiality and data protection.

Data breaches

If a data breach occurs, we will:

  • Investigate promptly
  • Take action to minimise risk
  • Report to the Information Commissioner’s Office where required
  • Inform affected individuals if there is a high risk

National Data Opt-Out

You can choose to opt out of your confidential information being used for planning and research (this does not affect your direct care).

You can set your preference online or via NHS services.

Maintaining transparency

We support the use of patient data to improve health and care services across the NHS.

This practice shares relevant patient information with NHS England for purposes such as health service planning, research, and improving treatments and outcomes.

This is sometimes referred to as General Practice Data for Planning and Research (GPDPR).

You can find out more about how this data is used, and your choices, by visiting the NHS website or speaking to the practice.

Contact details

If you have any questions about how we use your information, or wish to exercise your rights, please contact:

Data Protection Lead: Sarah Hearn
Bexley Medical Group
171 King Harold’s Way
Bexleyheath
DA7 5RB

Tel: 020 8303 1127

Complaints

If you are unhappy with how your data is handled, please contact the practice in the first instance.

You also have the right to complain to the Information Commissioner’s Office (ICO).

Obtaining copies of our privacy notice

Copies of our Practice Privacy notices are available in paper notices are available in paper form or upon request orally. Please address your request to the practice in writing for the attention of the Information Governance Lead. 

 

Last Updated 20 May 2026

Share

  • Print
  • Facebook
  • Bluesky
  • X (Twitter)
  • LinkedIn
  • Mastodon

Site

  • Sign In
  • Sitemap
  • Back To Top

About

  • Disclaimer
  • Website Privacy
  • Website Accessibility
  • Cookies
  • Content Attribution

Social

  • Facebook

Contact

King Harold's Way Surgery

171 King Harold’s Way, Bexleyheath, Kent, DA7 5RB

  • 020 8303 1127
  • bexleymedicalgroup@nhs.net

Erith Health Centre

50 Pier Road, Erith, Kent, DA8 1RQ

  • 020 8303 1127

Hurst Place Surgery

294A Hurst Road, Bexley, Kent, DA5 3LH

  • 020 8303 1127
© Neighbourhood Direct Ltd  2026
GP Practice Website by Oldroyd Publishing Group

Loading...