Haddenham Medical Centre is committed to ensuring the secure and appropriate use of information technology systems in order to protect patient information, maintain confidentiality, and support the safe delivery of healthcare services.
All practice computers, systems, email accounts, and electronic communications are used in accordance with NHS guidance, the Data Protection Act 2018, UK GDPR, and relevant cybersecurity standards.
The practice:
- Uses secure NHS-approved systems for managing patient information
- Restricts access to confidential information to authorised staff only
- Requires all staff to complete regular information governance and cybersecurity training
- Maintains secure passwords, antivirus protection, and system updates
- Monitors and manages IT systems to reduce the risk of unauthorised access, data breaches, or cyber threats
- Ensures electronic records are stored securely and backed up appropriately
Staff are responsible for:
- Using IT systems professionally and securely
- Maintaining patient confidentiality at all times
- Reporting any suspected data breaches, phishing attempts, or security concerns immediately
- Following practice policies regarding the use of email, internet access, and portable devices
Patients contacting the practice electronically should be aware that while every effort is made to keep communications secure, email and online communications may carry some inherent risks.
The practice regularly reviews its IT and information security procedures to ensure compliance with current NHS and legal requirements.
- Ensuring that contingency is provided for possible failure or equipment theft and that any such contingency plans are tested and kept up to date
Additionally we will take all reasonable measures to comply with our legal responsibilities under: