Woodseats Medical Centre

0114 2850140

Privacy

Privacy notice

As data controllers, GPs have fair processing responsibilities under the Data Protection Act and GDPR law 2018. This means ensuring that your personal confidential data (PCD) is handled in ways that are safe, transparent and what you would reasonably expect.

 

Woodseats Medical Centre’s Privacy Notice

 

Privacy Notice Update: Use of Heidi AI Scribe Technology
Heidi – Patient Letter AI

Why We Use Heidi AI
Woodseats Medical Centre now uses Heidi, an AI-powered scribe, to help clinicians document patient consultations more accurately and efficiently. You’ll be asked for your consent before any transcription begins.

What Data Is Processed
Heidi may process:

  • Patient Data: Name, contact details, medical history, diagnosis, treatment, and consultation details
  • Clinician Data: Audio recordings of the clinician’s voice and professional identifiers

Legal Basis for Use
Data is processed with your explicit consent under:

  • GDPR Article 6(1)(a) – Consent
  • GDPR Article 9(2)(h) – Provision of health care

Data Retention & Security

  • Retention: Audio is stored temporarily and deleted once confirmed in the Electronic Health Record (EHR)
  • Security: Data is encrypted and stored on secure UK-based, NHS-compliant servers. Only authorised staff have access

Access & Sharing
Heidi acts as a data processor under contract, meeting all NHS data security standards. Only healthcare providers involved in your care can access your transcribed data.

Your Rights
You can:

  • Access your data
  • Withdraw consent at any time
  • Request corrections to your records

To ask questions or withdraw consent, contact:
syicb-sheffield.woodseatsmedicalcentre@nhs.net

 

OpenSAFELY

NHS England has been directed by the government to establish and operate the OpenSAFELY COVID-19 Service and the OpenSAFELY Data Analytics Service. These services provide a secure environment that supports research, clinical audit, service evaluation and health surveillance for COVID-19 and other purposes.

Each GP practice remains the controller of its own GP patient data but is required to let approved users run queries on pseudonymised patient data. This means identifiers are removed and replaced with a pseudonym.

Only approved users are allowed to run these queries, and they will not be able to access information that directly or indirectly identifies individuals.

Patients who do not wish for their data to be used as part of this process can register type 1 opt out with their GP.

Find additional information about OpenSAFELY.

 

This website uses cookies

A cookie is a small file, typically of letters and numbers, downloaded on to a device (like your computer or smart phone) when you access certain websites.

Cookies allow a website to recognise a user’s device.

Some cookies help websites to remember choices you make (e.g. which language you prefer if you use the Google Translate feature). Analytical cookies are to help us measure the number of visitors to a website. The two types we use are ‘Session’ and ‘Persistent’ cookies. Some cookies are temporary and disappear when you close your web browser, others may remain on your computer for a set period of time.

We do not knowingly collect or intend to collect any personal information about you using cookies. We do not share your personal information with anyone.

What can I do to manage cookies on my devices?

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.

To opt out of being tracked by Google Analytics across all websites visit https://tools.google.com/dlpage/gaoptout.

If you are concerned about cookies and would like to ask further questions please do not hesitate to write to our website developers – support@gpsurgery.net

Date published: 18th October, 2014
Date last updated: 15th December, 2025