 |
By *issVery OP Woman
over a year ago
streatham |
A private clinic is using this new law to state that they can’t email me my medical photographs (which don’t identify me) even if I give my consent for them to do so! They want me to pay £10 for them to post it on a USB or I need to take time off, trek all the way to central with my own usb to get them.
Before I argue this further, does anyone know if they are right or just using this as a way to get £10! How can posting it be safer than emailing it? Arghhhhh |
Reply privately, Reply in forum +quote
or View forums list | |
|
By (user no longer on site)
over a year ago
|
"A private clinic is using this new law to state that they can’t email me my medical photographs (which don’t identify me) even if I give my consent for them to do so! They want me to pay £10 for them to post it on a USB or I need to take time off, trek all the way to central with my own usb to get them.
Before I argue this further, does anyone know if they are right or just using this as a way to get £10! How can posting it be safer than emailing it? Arghhhhh"
The NHS charge £10 too |
Reply privately, Reply in forum +quote
or View forums list | |
|
By *issVery OP Woman
over a year ago
streatham |
Ok I Just found this document by British Medical Association regarding access to health records and the GDPR rules..
“4.6 In what format should access be provided?
If the request is made electronically access should normally be given in electronic format. Where patients request the medical record to be emailed to them it is strongly recommended that the practice secures the patient’s agreement (in writing or via email) that they accept the risk of sending unencrypted information to a non-NHS email address. If the patient agrees a USB stick or a CD can be used as alternative electronic formats if these are supplied by the patient.
For requests which are not made electronically a paper copy should be provided.”
So as long as I consent and accept the risk, they should email them..
|
Reply privately, Reply in forum +quote
or View forums list | |
Look on the information commissioner's website (ico).
From my understanding you can make a subject access request which is now free and they will have to send you everything in terms of data that they hold on you.
Security has also been tightened up under the regulation and this could be why they may be adverse to sending them via email. |
Reply privately, Reply in forum +quote
or View forums list | |
|
By *issVery OP Woman
over a year ago
streatham |
"My IT colleagues tell me email is so vulnerable to hacking it is just like leaving your front door unlocked. At work we use secure systems like Egress. It seems to work pretty well."
I completely understand, but I just read in British Medical Association doc regarding new law that as long as patient accepts the risk (and clinic have it recorded) they can email it. And to be honest, it just a patch of hair from my head ffs don’t care where else it lands(yeah it’s not the point, but I’m just sayin) |
Reply privately, Reply in forum +quote
or View forums list | |
"You are entitled to make a Data Subject Access Request.
Under the new GDPR, organisations are no longer entitled to charge for this. "
This - and if you request it electronically, you are entitled to receive it electronically. Any problems complain to their Data Protection Officer. |
Reply privately, Reply in forum +quote
or View forums list | |
» Add a new message to this topic
