This Website is owned and operated by GP Matters Limited, a limited company incorporated under the Companies Act with Company Registration No.SC424457 and having its registered office address at 5 Park Gate, Glasgow, G3 6DL.

For the purposes of these Terms and Conditions “We”, “Our” and “Us” refers to GP Matters Limited. Please review these Terms and Conditions carefully before using this Website. Your use of this Website indicates your agreement to be bound by these Terms and Conditions.

Data protection
Any personal information you supply to us when you use this Website will be used in accordance with our privacy policy.

Terms of use – Basis of use of website
In using this website you agree that you have read and understood these terms and conditions and you agree to them. If you do not agree to these terms and conditions you are not authorised to use this website.

Your use of the website
You agree that your use of the website shall be in accordance with the following conditions. You will not express opinions that are vulgar, crude, racist, sexist or otherwise offensive.

You will not submit to the website or to any associated online platforms owned by GP Matters Limited any message, e-mail or other communication that contains material which does not belong to you without the owner’s express permission or which contains information that to the best of your knowledge is untrue, incorrect or misleading.

Third party websites
We accept no liability or responsibility for the information services or content of third party websites which are linked to this website. Users should therefore note they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.

Social Media Platforms
Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.

Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.

Our warranty
Although we have taken all reasonable care to make sure that the information available on this website is correct, we are providing this website on an “as is” basis. We make no representation or warranty of any kind regarding the information contained on this website. The information on this website may be inaccurate, incorrect, incomplete, out of date, or unsuitable for any purpose. You must check all such information with us before you take any action in reliance upon it.

Our liability to you
On condition of us allowing you free access to the material on this website you accept that we shall not be liable for any loss or damage caused directly or indirectly by your reliance on the information on this website except to the extent we are unable to do so by law. This is a comprehensive exclusion of liability and includes all losses, damages, costs and expenses of any kind including loss of profit, economic loss, loss of goodwill and all and any direct, indirect or consequential loss of any kind. The exclusions and restrictions of liability contained in these terms and conditions are considered reasonable by you.

Intellectual property
All copyright, trademarks and other intellectual property rights in all material or content in this website shall at all times remain our property or that of our licensors. You are allowed to use this material and content of the website as expressly authorised by us or our licensee. You may not copy, modify, distribute, reproduce, transmit, license, publish, use or resell the information or incorporate into any other work, part or all of the material available on the website in any form except that you may:

Print or download extracts of the material on this website for your personal non-commercial use.
Copy the material on this website for the purpose of sending to individual third parties for their personal non-commercial information, provided that you acknowledge us as the source of the material and that you inform the third parties that these conditions apply to them and that they must comply with them. You will notify us immediately, if you become aware that any third party infringes our intellectual property rights.

Each of the provisions contained in these terms and conditions shall be construed as being independent of every other and if any provision contained in the terms and conditions is determined to be invalid or unenforceable pursuant to applicable law including, but not limited to the limitations on liability, such determination shall not affect the validity of the remainder of the terms and conditions which shall continue in effect.

Our website is operated and controlled from the United Kingdom and these terms and conditions and your use of this website are governed by and construed in accordance with the laws of Scotland. 

Our website uses cookies to distinguish you from other users of our site(s). This helps us to provide you with a good experience when you browse our website and also allows us to improve our site(s). 

A cookie is a small data file that certain web sites write to your hard drive when you visit them. The only personal information a cookie can obtain is information a user supplies him or herself. A cookie cannot read data from your hard disk or read cookie files created by other sites. Cookies, however, enhance our web site performance in several ways, including providing a secure way for us to verify your identity during your visit to our web site and personalising your experience on our site, making it more convenient for you. This web site uses the following cookie types so that we can serve you better.

Functionality or strictly necessary cookies
These cookies allow the website to remember choices you make (such as your user name, language or the region you are in) to provide an enhanced, more personal experience. For instance, remembering a choice such as not to be asked again to fill in a questionnaire or user poll, or fulfilling a request by the user such as submitting a comment. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customise. They may also be used to provide services you have asked for such as watching a video or commenting on a blog. The information these cookies collect may be anonymised and they cannot track your browsing activity on other websites. This site uses:

– PHPSESSID: This cookie is automatically created via PHP when a session is in use on the site.

– ASP.NET_SessionId – This is a session cookie and allows for the maintenance of the online journey.

– SecureToken – a session cookie used for the secure maintenance of a signed-in customer.

Performance cookies
These cookies collect anonymous information about how visitors use a website, for instance which pages visitors go to most often, and if they get error messages from web pages. These cookies don’t collect information that identifies a visitor. All information these cookies collect is aggregated and therefore anonymous. It is only used to improve how a website works. Any data collected is limited to the website operator’s use only, for managing the performance and design of the site. These cookies can be third party cookies but the information must be for the exclusive use of the publisher of the website visited. This site uses:

Google’s cookies for analytics and for conversion tracking. As follows:


This cookie is typically written to the browser upon the first visit to our site from that web browser. If the cookie has been deleted by the browser operator, and the browser subsequently visits your site, a new __utma cookie is written with a different unique ID. This cookie is used to determine unique visitors to our site and it is updated with each page view. Additionally, this cookie is provided with a unique ID that Google Analytics uses to ensure both the validity and accessibility of the cookie as an extra security measure. This cookie expires 2 years from set/update.


This cookie is used to establish and continue a user session on our site. When a user views a page on our site, the Google Analytics code attempts to update this cookie. If it does not find the cookie, a new one is written and a new session is established. Each time a user visits a different page on our site, this cookie is updated to expire in 30 minutes, thus continuing a single session for as long as user activity continues within 30-minute intervals. This cookie expires when a user pauses on a page on our site for longer than 30 minutes.

• Google Conversion tracking
The conversion tracking cookie is set on your browser only when you click an ad delivered by Google where the advertiser has opted in to conversion tracking. These cookies expire within 30 days and do not contain information that can identify you personally. If this cookie has not yet expired when you visit certain pages of the advertiser’s website, Google and the advertiser will be able to tell that you clicked the ad and proceeded to that page. Each advertiser gets a different cookie, so no cookie can be tracked across advertiser websites. If you want to disable conversion tracking cookies, you can set your browser to block cookies from the googleadservices.com domain.

• DoubleClick tracking
We may, from time to time, use the Google DoubleClick cookie to allow us to implement Google Display Network impression reporting which reports display advertisement impressions, other uses of ad services and interactions with these ad impressions and ad services which are related to our websites.

We also have implemented Google Analytics Demographics and Interest reporting which reports 3rd-party audience data (such as anonymised age, gender and interests) within Google Analytics. You can manage how Google manages this information and “opt out” from data collection at Google Ads Preferences Manager.

Why do we need to use these cookies?

We use the information we obtain from our cookies for the following:

• Website usage and analytics
• To track your journey from page to page to enable the booking and payment process to function
• Tracking transactions to measure the effectiveness of search and marketing campaigns

Other third-party cookies and Targeting cookies
A cookie is classed as being first party if it is set by the site being visited. However, a third party cookie is issued by a different server to that of the domain being visited. It could be used to trigger a banner advert based on the visitor’s viewing habits or for analytical purposes. For example, when visiting a page with content embedded from YouTube, Google or Facebook. These service providers may set their own cookies on your web browser. Such anonymous cookies may be set by that third party to track the success of their application or to customise their application to you.

Targeting cookies are used to deliver adverts more relevant to you and your interests. They collect information about your browsing habits and are linked to services provided by third parties, such as ‘like’ and ‘share’ buttons and advertisements. We may use targeting cookies to send third party partners of GP Matters Limited information on your visit so that they can make our advertising more relevant to you when you visit their websites. An example of such a third party partner would be Facebook. Online Targeted Advertising does not result in more ads, rather the ads you see will be more relevant to you.

Blocking and deleting cookies
Should you wish to do so, you can refuse cookies by disabling them in your web browser’s settings. If this is done it is important not to exclude the benign and useful session cookies. Choose an option that rejects all third-party cookies such as Do Not Track (DNT), which can be enabled in your browser. Please note that this may impact on the usability of ours and other websites.

Most browsers are defaulted to accept and maintain cookies and you can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it or not.Please consult the support documentation for your web browser, which can be found online, for more information.

Questions, comments and requests regarding this privacy and cookie policy are welcomed and should be addressed to: info@gpmatters.com

Data Protection Compliance Policy
This Data Protection Compliance Policy sets out the steps taken by GP Matters Limited to ensure that its data processing practices are in accordance with UK data protection law. GP Matters Limited acknowledges that the personal data it processes is, and shall remain, the property of the Client/Patient. Upon termination of the contractual relationship with the Client/Patient, GP Matters Limited (or other properly appointed responsible agent) will continue to hold the personal data on behalf of the Client/Patient. The Client/Patient reserves the rights to access their personal data in accordance with this data protection statement at any time. Personal data will not be given to any other third parties for any purpose. GP Matters Limited has in place appropriate technical and organisational measures against the accidental, unauthorised or unlawful processing, destruction, loss, damage or disclosure of personal data and adequate security programmes and procedures to ensure that unauthorised persons do not have access to personal data or to any equipment used to process personal data. GP Matters Limited provides individuals (including the Client/Patient HR) with the right of access, rectification, blocking, erasure and/or destruction available to such individuals under the applicable data protection laws in the UK. GP Matters Limited acknowledges that the personal data it processes is, and shall remain; the property of the Client/Patient and it will return to the Client/Patient all copies of the relevant data upon termination of the contractual relationship with them as and when requested.

GDPR May 2018
The EU General Data Protection Regulation (GDPR) becomes enacted on the 25th May 2018 and will standardise data privacy and protection laws across Europe. The UK government is equally committed to this process. As a result, there may be some further fine tuning of this process following on from the Brexit transition. It will also affect companies outside of Europe as it applies to any entity that processes personal data tied to offering goods and services to, or monitoring behaviour of, European data subjects. The GDPR has implications for all healthcare service operators; with in the NHS and Private sectors.

GP Matters Limited is very much aware of its obligations as a data processor under the GDPR and we are committed to discharging these obligations in a robust and professional manner. All the activities here at GP Matters Limited remain underpinned by the same ongoing obligations regarding patient and client confidentiality and always remain an essential part of the core “duties of a doctor” and there are high expectations which are also enforceable by our professional body (General Medical Council) and this will continue in the same vein. This applies to Occupational Health (business to business) related activities just as much as it does for ordinary private GP services. As part and parcel of our ongoing GDPR compliance efforts we will continue to review, improve, refine and document our security measures to protect any of our patients and clients against any unauthorised access, use or disclosure of the content we protect. As well as providing direct private patient care, GP Matters Limited also provides occupational and Company medical services on behalf of third party employers and it is important that all service users and agents have confidence in all aspects of our service and the data that we must process to effectively do so.

The medical director (Dr Carole McAlister) is the Data Controller for GP Matters Limited and will remain so and he will also be primarily responsible for dealing with any of the measures required to facilitate best practice and all related data/GDPR matters and taking full cognisance of the newly emerging legislation. Dr McAlister also welcomes any informal or other feedback about any of these statements and how they are interpreted by others (carole@gpmatters.com). Furthermore, as part of our extensive obligations to the inspectorate here in Scotland (Healthcare Improvement Scotland) all policies (including those relating to data processing and the GDPR) are assessed and monitored by them for appropriate compliance.

What GDPR will mean for patients/staff?

Your data:
• Must be processed lawfully, fairly and transparently.
• Collected only for specific, explicit and legitimate purposes.
• Must be limited to what is necessary for the purposes for which it is processed.
• Must be accurate and kept up to date.
• Must be held securely.
• It can only be retained for as long as is necessary for the reasons it was collected.

Patients/staff rights:
• Being informed about how their data is used.
• To have access to their own data.
• To ask to have incorrect information changed.
• To restrict how their data is used.
• Move their patients/staff data from one organisation to another.
• To object to their personal information being processed (in certain circumstances).

The GDPR will supersede the current Data Protection Act (DPA).It is like the Data Protection Act (DPA) 1998, with which GP Matters Limited already fully complies with: but further strengthens many of the DPA’s principles.

The main changes are:
• The Practice must comply with Subject Access Requests (see appendix 1 – below) – a written signed request from an individual to see what information is held about them – like where we require your consent to process data. This must be freely given, specific, informed and unambiguous.
• New special protection for personal data.
• The Information Commissioner’s Office must be notified within 72 hours of a data breach.
• Higher fines for data breaches.

There is a lot of guidance available on line to explain all these issues in much greater detail. The Information Commissioners Office website is generally highly informative and very reliable: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
Information for individuals is also available there; for example, a subject access request SAR) can be read about at: https://ico.org.uk/for-the-public/personal-information (or ask GP Matters Limited reception/(see appendix 1 – below).

Existing patients and clients of GP Matters Limited are very welcome to make direct contact with us at any time to make any kind of enquiry about their existing data and how this is stored/protected. Every effort will be made to reply to you as quickly as possible but initially, all queries will be dealt with only by the Medical Director. Thank-you for your forbearance and be rest assured, that for most of services provided by GP Matters Limited; business and service will essentially continue along the same lines.
We will in due course be asking all existing users coming back for future appointments to review our new patient form (also on the website) and re-sign a copy for their GP Matters Limited records: to update and refresh this professional service ‘relationship’.

Daniel Diez 19th November, 2018
Practice Manager

Privacy Notice for patients
Further information on the Privacy Notice for Patients can be found on this webpage or by request (please email info@gpmatters.com) .

Security Policy
GP Matters Limited has in place and undertakes to maintain appropriate technical and organisational measures against the accidental, unauthorised or unlawful processing, destruction, loss, damage or disclosure of data. Likewise, adequate security programs and procedures are in place to ensure that unauthorised persons do not have access to the data or to any equipment used to process the data.

Appendix 1
General Data Protection Regulation 2016 (GDPR)

Subject Access Request Form

The General Data Protection Regulation (GDPR) gives people the right to know what personal information an organisation has about them. To use this right, you can make what is known as a ‘subject access request’.

Only the following people may apply for access to personal information.
• The person who the information is about.
• Someone acting on behalf of the person who the information is about.

You have a right to know whether or not we have any information about you, and a right to have a copy of that information. You have a right to know the following.

• What kind of information we keep about you.
• The reason we are keeping it and how we use it.
• Who gave us your information
• Who we might share your information with and who might see your information.

You also have the right to have any codes or jargon in the information explained. You won’t be able to see information that could:

• Cause serious harm to your physical or mental health, or anyone else’s
• Identify another person (except members of NHS clinical staff who have treated the patient) unless that person gives their permission.

If you need any more advice about your rights under the General Data Protection Regulation, please contact the GP Matters Data Protection Officer or, you can contact the Information Commissioner’s Office:

Data Protection Officer, Medical Director: Dr Carole McAlister, GP Matters, 24 Buckingham Terrace, Glasgow G12 8ED, tel 0141 7373 289, email: info@gpmatters.com

The Information Commissioner’s Office – Scotland 45 Melville Street Edinburgh EH3 7JL. Phone: 0131 244 9001 Email: Scotland@ico.org.uk

Data will be provided free of charge. There may be a charge of a ‘reasonable fee’ when a request is manifestly unfounded or excessive, particularly if it is repetitive.
A reasonable fee may occur when complying with requests for further copies of the same information. This does not mean that there will be a charge for all subsequent access requests.
The fee must be based on the administrative cost of providing the information.

Response time
We will deal with your request as quickly as possible and within 30 days of receiving your request. If we have any problems getting your information we will keep you up to date on our progress.

How long records are kept
The usual rules to do with keeping records are that:
• GP Matters records are kept for 20 years after last contact
• maternity records are kept for 25 years after the birth of the last child;
• children’s and young people’s records are kept until the child’s or young person’s 25th birthday;
• mental-health records are kept for 20 years after the date of the last contact.
This may help you in considering what types of records you are applying to see.

Points to consider

Making false or misleading statements to access personal information which you are not entitled to is a criminal offence.
Accessing health records and information is an important matter. Releasing information may in certain circumstances cause distress. You may want to speak to an appropriate health professional before filling in the form below.

For the purpose of the Data Protection Act 1998 (the Act), GP Matters is fully registered with the Information Commissioner’s Office (ICO Ref ZA487876) and the Medical Director, Dr Carole McAlister is the Data Protection Officer.
GP Matters Limited, is a limited company incorporated under the Companies Act with Company Registration No. SC424457 and having its registered office address at 5 Park Gate, Glasgow, G3 6DL. 

A Privacy Notice (or ‘Fair Processing Notice’) is an explanation of what information the Practice collects on patients, and how it is used. Being transparent and providing clear information to patients about how a Practice uses their personal data is an essential requirement of the Data Protection Act (DPA) 1998. This is being added to by the GDPR and new DPA 2018.

Under the DPA/GDPR, the first principle is to process personal data in a fair and lawful manner and applies to everything that is done with patient’s personal information. In practice, this means that the Practice must;
• Have legitimate reasons for the use or collection of personal data
• Not use the data in a way that may cause adverse effects on the individuals (e.g. Improper sharing of their information with 3rd Parties)
• Be transparent about how you the data will be used, and give appropriate privacy notices when collecting their personal data
• Handle personal data only as reasonably expected to do so
• Make no unlawful use of the collected data

Personal data must be processed in a fair manner – the DPA says that information should be treated as being obtained fairly if it is provided by a person who is legally authorized or required to provide it. Fair Processing means that the Practice must be clear and open with people about how their information is used.
Providing a ‘Privacy Notice’ is a way of stating the Practice’s commitment to being transparent and is a part of fair processing, however you also need to consider the effects of processing on the individuals and patients concerned;

• What information are we collecting?
• Who collects the data?
• How is it collected?
• Why do we collect it?
• How will we use the data?
• Who will we share it with?
• What is the effect on the individuals?
• If we use it as intended, will it cause individuals to object or complain?

Conducting a Privacy Impact Assessment is an effective way of assessing whether you can safely collect or use patient data according to the DPA and Information Governance requirements.

Under the Data Protection Act, the data controller is the person or organization that will decide the purpose and the manner in which any personal data will be processed – they have overall control of the data they collect and decide how and why it will be processed.

A GP Practice is a data controller for the patient information it collects and should already have data processing arrangements with third parties (e.g. IT systems providers) to ensure they do not use or access data unlawfully; the data controllers will have ultimate responsibility for the Practices’ compliance with the DPA. The data controller for GP Matters is the Medical Director (Dr Carole McAlister)

As GP Matters is an entirely private provider, no information is gathered routinely and shared with NHS with respect to identifying those patients at higher risk of needing secondary care within hospitals etc. This is a provision undertaken ONLY by NHS GP services.


Personal information may be shared within a secure and confidential environment to determine which person/body/insurer should pay for the treatment received. This means sharing identifiable information such as name, address, date of treatment etc. to enable the billing process.

If the Practice shares information with any external organisations (within or outside the NHS), then it should let patients know by listing them. Partner organisations will usually include Private Hospital providers; healthcare professionals and NHS organisations (hospitals/NHS GP services etc.)

The DPA gives patients the right to view any information held about them – the ‘Right of Subject Access’. GP Matters is fully registered with the Information Commissioner’s Office (ICO Ref ZA487876).

This privacy notice explains why we as a Practice collect information about our patients and how we use that information.
GP Matters manages patient information in accordance with existing laws and with guidance from organisations that govern the provision of healthcare in Scotland/UK such as the Department of Health/NHS Scotland, Healthcare Improvement Scotland and the General Medical Council.
We are committed to protecting your privacy and will only use information collected lawfully in accordance with:

• Data Protection Act and GDPR 2018.
• Human Rights Act 1998
• Common Law Duty of Confidentiality
• Health and Social Care Act 2012
• NHS Codes of Confidentiality and Information Security

As data controllers, GPs have fair processing responsibilities under the Data Protection Act 2018. In practice, this means ensuring that your personal confidential data (PCD) is handled clearly and transparently, and in a reasonably expected way.

The Health and Social Care Act 2012 changed the way that personal confidential data is processed, therefore it is important that our patients are aware of and understand these changes, and that you have an opportunity to object and know how to do so.

The health care professionals who provide you with care maintain records about your health and any treatment or care you have received (e.g. Private/NHS Hospital Trust, GP Surgery, Walk-in clinic, etc.). These records help to provide you with the best possible healthcare. We are not routinely given information from the NHS unless we have instigated a referral on your behalf or have your explicit consent to seek that data under specific circumstances.

Private/NHS health records may be processed electronically, on paper or a mixture of both; a combination of working practices and technology are used to ensure that your information is kept confidential and secure. Records held by this GP practice may include the following information:

• Details about you, such as address and next of kin
• Any contact the practice has had with you, including appointments (emergency or scheduled), clinic visits, etc.
• Notes and reports about your health
• Details about treatment and care received
• Results of investigations, such as laboratory tests, x-rays, etc. Consultant reports/letters and outcome reports from a wide variety of allied healthcare professionals
• Relevant information from other health professionals, relatives or those who care for you

GP Matters collects and holds data for the sole purpose of providing healthcare services to our patients and we will ensure that the information is kept confidential. However, we can disclose personal information if:

a) It is required by law
b) You provide consent – either implicitly for the sake of your own care, or explicitly for other purposes
c) It is exceptionally justified to be in the public interest

A patient can object to their personal information being shared with other health care providers but if this limits the treatment that you can receive then the doctor will explain this to you at the time.

If you provide us with your mobile phone number, we may use this to send/text you reminders about any appointments or other health screening information being carried out.

Our Website may use cookies to optimise your experience:.
Using this feature means that you agree to the use of cookies as required by the EU Data Protection Directive 95/46/EC/ GDPR.

Risk stratification is a process for identifying and managing patients who are at high risk of requiring emergency or urgent care. This is a routine provision within NHS general practice but not so for GP Matters (being exclusively private). However, if a new ‘eligible’ condition such as Cancer or Diabetes is identified, the doctor here will discuss (with you) having this notified (as part of any general data sharing/ updates with NHS GP) with the appropriate NHS body so that you may be in a better position to avail yourself of subsequent/future care within the NHS system.

Information such as your name, address and date of treatment may be passed on to enable the billing process - these details are held in a secure environment and kept confidential. This information will only be used to validate invoices and will not be shared for any further commissioning or other purposes.


We are committed to protecting your privacy and will only use information collected lawfully in accordance with the Data Protection Act 2018 (which is overseen by the Information Commissioner’s Office), Human Rights Act, the Common Law Duty of Confidentiality, and the NHS Codes of Confidentiality and Security. Every staff member who works for GP Matters or any of its partner organizations has a legal obligation to maintain the confidentiality of patient information.

All of our staff, contractors and committee members receive appropriate and regular training to ensure they are aware of their personal responsibilities and have legal and contractual obligations to uphold confidentiality, enforceable through disciplinary procedures. Only a limited number of authorised staff have access to personal information where it is appropriate to their role and is strictly on a need-to-know basis.

We maintain our duty of confidentiality to you at all times. We will only ever use or pass on information about you if others involved in your care have a genuine need for it. We will not disclose your information to any third party without your permission unless there are exceptional circumstances (i.e. life or death situations), or where the law requires information to be passed on.

We may also have to share your information, subject to strict agreements on how it will be used, with the following organisations:
• Private Hospital Providers (BMI ROSS HALL / NUFFIELD for example) inpatient and outpatient care
• Health Insurers (e.g. BUPA/WPA, PPP, AVIVA…)
• NHS Trusts • Specialist Trusts
• Independent Contractors such as dentists, opticians, pharmacists, psychologists and other certified allied healthcare practitioners.
• Voluntary Sector Providers (rarely and only if requested by client/patient)
• Ambulance Trusts (exceptional and rare circumstances)
• Social Care Services (as above)
• Education Services (as above and only as a result of patient/client request)
• Fire and Rescue Services (exceptional safety critical issues)
• Police


You have a right under the Data Protection Act 2018 to access/view information the practice holds about you, and to have it amended or removed should it be inaccurate. This is known as ‘the right of subject access’. If we do hold information about you, we will:
• Give you a description of it
• Tell you why we are holding it
• Tell you who it could be disclosed to
• Let you have a copy of the information in an intelligible form

If you would like to make a ‘subject access request=SAR’, please contact GP Matters in writing. There may be a charge for this service. (You can also ask reception to email/post you a copy of explanatory SAR information)

The practice is registered as a data controller under the Data Protection Act. The registration number is ZA487876 and can be viewed on-line in the public register at http://www.ico.gov.uk/

It is important that you tell the person treating you if any of your details such as your name or address have changed or if any of your details such as date of birth is incorrect in order for this to be amended. You have a responsibility to inform us of any changes so our records are accurate and up to date for you.

The Data Protection Act requires organisations to register a notification with the Information Commissioner to describe the purposes for which they process personal and sensitive information. This information is publicly available on the Information Commissioners Office website www.ico.org.uk. GP Matters is registered with the Information Commissioners Office (ICO).

The Data Controller, responsible for keeping your information secure and confidential is Dr Carole McAlister (Medical Director). Any changes to this notice will be published on our website and displayed in prominent notices at GP Matters.


1. www.ico.org.uk (information commissioner’s office)
2. www.gmc-uk.org (General Medical Council; regulatory body for all doctors: ethical guidanceetc.)
3. http://www.healthcareimprovementscotland.org (care regulator and inspector inScotland)   

GP MATTERS - Practice Policies

This section lists a summary of some of the most relevant Practice Policies. It is not practical to list all of the Practice policies on this webssite but please speak to our Practice Manager (Tel 0141 334 0894 or info@gpmatters.com if you require additional and more detailed information on any of our policies.

Practice Policies on this webpage:
• Patient Rights
• Confidentiality & Medical Records
• Freedom of Information
• Access to Records
• Complaints
• Chaperones
• Violence Policy
• Safeguarding Adults Policy Statement
• Safeguarding Children Policy Statement
• Equality and Diversity Policy
• Clinical Governance Policy
• Consent Policy

Patient Rights
You will be treated with respect and as a partner in your care. Being a partner means you
responsibilities too.
We will:
•Work in partnership with you to achieve the best medical care possible.
•Involve you and listen to your opinions and views in all aspects of your medical care.
•The prevention of disease, illness and injury is a primary concern.
The medical staff will advise and inform you of the steps you can take to promote good
health and a
healthy lifestyle. We would respectfully ask that you:
•Let us know if you intend to cancel an appointment or are running late.
•Treat staff with courtesy and respect. Reception staff may have to ask some personal
questions to assist us in providing you with the best service
•Inform the practice staff of any alterations in your circumstances, such as change of
surname, address or telephone number. Please ensure that we have your correct
telephone number, even if it’s ex-directory.
As patients, you are responsible for your own health and that of any dependants. It is
important that you adhere to information and advice given to you by health professionals,
and co-operate with the practice in endeavouring to keep you healthy.

Confidentiality & Medical Records
The practice complies with data protection and access to medical records legislation.
information about you will be shared with others in the following circumstances:
• To provide further medical treatment for you e.g. from hospital services.
• To help you get other services e.g. from the social work department. This requires your
• When we have a duty to others e.g. in child protection cases
Reception and administration staff require access to your medical records in order to do
their jobs.
These members of staff are bound by the same rules of confidentiality as the medical staff.

Freedom of Information
Information about the General Practitioners and the practice required for disclosure under this act can be made available to the public. All requests for such information should be made to the practice manager.

Access to Records
In accordance with the Data Protection Act 1998 and Access to Health Records Act,
patients may request to see their medical records. Such requests should be made through the practice manager and may be subject to an administration charge. No information will be released without the patient consent unless we are legally obliged to do so.

We make every effort to give the best service possible to everyone who attends our
However, we are aware that things can go wrong resulting in a patient feeling that they
have a genuine cause for complaint. If this is so, we would wish for the matter to be settled as quickly, and as amicably, as possible.
To pursue a complaint please contact the practice manager who will deal with your
concerns appropriately. Further written information is available at request regarding our
complaints procedure.
Please contact us on Tel 0141 339 0894 or info@gpmatters.com

The practice is committed to providing a safe and comfortable environment where patients and staff are confident that best practice is being followed.
Patients are entitled to ask for a chaperone for any consultation, examination or procedure where they feel they prefer to have a chaperone.
Patients would help us by requesting a chaperone when booking an appointment where a chaperone is required. This may mean rescheduling appointments in order to meet this

Violence Policy
We operate a zero tolerance policy with regard to violence and abuse and the practice has the right to remove violent patients from the list with immediate effect in order to safeguard practice staff, patients and other persons. Violence in this context includes actual or threatened physical violence or verbal abuse which leads to fear for a person’s safety. In this situation, we will notify the patient in writing of their removal from the list and record in the patient’s medical records the fact of the removal and the circumstances leading to it.

Safeguarding Adults Policy Statement

Purpose: This policy will enable GP Matters to demonstrate its commitment to keeping
safe patients who are vulnerable adults and other vulnerable adults with whom it comes
into contact with. The Practice duly acknowledges its duty to respond appropriately to any allegations, reports or suspicions of abuse.
It is important to have the policy and procedures in place so that all who work at the
Practice can work to prevent abuse and know what to do in the event of abuse.

The Policy Statement and Procedures have been drawn up in order to enable the Practice
• Promote good practice and work in a way that can prevent harm, abuse and
coercion occurring
• Ensure that any allegations of abuse or suspicions are dealt with appropriately and
the person experiencing abuse is supported
• Stop that abuse occurring

Definition: Vulnerable adults are defined as:
People aged 18 or over
Who are receiving or may need community care services because of learning, physical or
mental disability, age or illness
Who are or may be unable to take care of themselves, or unable to protect themselves
against significant harm or exploitation.

Scope: It is acknowledged that significant numbers of vulnerable adults are abused and it
is important that the Practice has a Safeguarding Adults Policy, a set of procedures to
follow and puts in place preventative measures to try and reduce these numbers.

GP Matters is committed to implementing this policy.

It addresses the responsibilities of all members of the practice team and those outside the team with whom we work. It is the role of the Safeguarding Adults Lead and the Practice Manager to brief all staff and partners on their responsibilities under the policy.

In order to implement this policy the Practice will work:
To promote the freedom and dignity of the person who has or is experiencing abuse
To promote the rights of all people to live free from abuse and coercion
To ensure the safety and wellbeing of people who do not have the capacity to decide how
they want to respond to abuse that they are experiencing
To manage services in a way which promotes safety and prevents abuse
To recruit staff safely, ensuring all necessary checks are made
To provide effective management for staff through support and training

GP Matters will:
Work with other agencies within the framework of the local Safeguarding Adults Board
Policy and Procedures
Act within GMC guidance on confidentiality and will usually gain permission from patients
before sharing information about them with another agency
Pass information to Adult Services when more than one person is at risk eg if there are
concerns regarding any form of abuse including neglect.
Inform patients that where a person is in danger, a child is at risk or a crime has been
committed then a decision may be taken to pass information to another agency without the services user’s consent
Make a referral to Adult Services as appropriate
Endeavour to keep up to date with national developments relating to preventing abuse and welfare of adults
The Practice recognises that it is the role of the practice to be aware of maltreatment and share concerns but not to investigate or to decide whether or not a vulnerable adult has been abused.

Safeguarding Children Policy Statement
Purpose: GP Matters is committed to protecting children from abuse and neglect,
preventing impairment of health and development, and ensuring they grow up in
circumstances consistent with the provision of safe and effective care enables children to have optimum life changes and enter adulthood successfully.

This policy is in place to:
Provide awareness for all staff of the importance of prompt and effective action in
response to child protection concerns
To practice good inter-agency cooperation at all levels
To ensure that agreed multi-agency procedures are followed in dealing with cases of child abuse
To promote the sharing of information in order to safeguard the welfare of children at risk

Scope: GP Matters is committed to implementing this policy. This policy will be made
accessible to staff and Partners and will be reviewed regularly.
The commitment to the safeguarding of children means that many different practice
protocols and polices include mention of child protection. The purpose of this policy is to
give an overview of Child Protection procedures, and signpost to the specific polices as
It addresses the responsibilities of the practice tam and those outside the team with whom we work.
It is the Safeguarding Children Lead and the Practice Manager to brief the staff and
partners on their responsibilities under the policy.

Responsibilities: GP Matters will:
Make arrangements to take all reasonable measures to ensure that risks of harm to
children’s welfare are minimised including protecting children from maltreatment and
preventing impairment of children’s health or development.
Ensure all national, regional and local guidelines are followed as applicable to the practice
Work with colleagues in other disciplines (Health Visitors, Social services etc) to ensure
timely and appropriate action.
Share information essential to enable early intervention and preventative work, for
safeguarding and promoting welfare and for wider public protection
Make a referral to Children’s Services as appropriate
Manage services in a way which promotes safety and prevents abuse
Recruit staff safely, ensuring all necessary checks are made
Provide effective management for staff, through support and training

Equal Opportunities Policy
The Practice will take all steps necessary to ensure that all patients, staff and visitors are
treated with dignity and respect.
Patient services and care are offered and provided according to clinical need regardless of sex, age, marital status, race, ethnicity, disability, sexual orientation, religion or belief.
All Practice employment policies operate regardless of sex, marital status, pregnancy,
race, ethnicity, disability, sexual orientation, religion or belief, and from 2006, age. This
applies, for example, to recruitment, selection, training, remuneration and terms of
employment, promotion, and dismissal policies.
All employees and Directors and other people who work at the Practice eg. locum GPs,
attached staff, temporary staff and contractors are bound by the Practice’s Equal
Opportunities policy and unfair discrimination against patients, staff or visitors will be
considered as a disciplinary offence.

Clinical Governance
Everyone at the Practice is committed to providing the best possible care we can for our
As a Health Improvement Scotland registered clinic we work within a system called
Clinical Governance to help us keep improving our services to patients. The system is
based on five principles, and this is how we apply them in our surgery:
• Patients
We like to work in partnership with our patients to provide the most appropriate care and
treatment for each individual in our care. This means listening to your concerns, answering your questions and providing information on illnesses and treatments so that you can be fully involved in decisions about your care and treatment.
We also have an annual patient survey to find out how well you think we are doing.
• Clinical Effectiveness
We carry out audits of our clinical work to make sure we are following up-to-date
guidelines and best practice.
• Risk Management
Having good systems for routine procedures helps us to avoid mistakes.
We have procedures for reporting mistakes and ‘near misses’ so that we can learn from
these and prevent them happening again. These are discussed in the practice meetings so that everyone is aware of risks and how to avoid them.
• Use of Information
We use a clinical information system to help us maintain accurate records for all our
patients. With hand held computers this means that a doctor on a home visit has up-todate information on test results, reports from the hospital and medication literally at their fingertips.
Also the staff use the Internet to check the latest information about conditions and
• Education and Training
The practice is committed to ensuring that all staff have the right training for their job.
The staff have Continuing Professional Development to maintain and develop clinical and
other skills.

Consent for a non-intimate examination, such as taking blood pressure, is generally
implied. This means permission will not be sought.
Consent for an intimate examination requires expressed (verbal) consent. This means
permission will be sought.
Consent for a minor operation requires written consent. You will be counselled so that
informed consent is obtained.
Consent for Children's Treatment (Under the Age of 16)
Where it is considered appropriate by parents, or where an adolescent does not wish the
presence of an adult, a child may give the legal consent to their own treatment.
Under these circumstances, the clinician must be satisfied that the child has a full
understanding of the advice and treatment being provided.  

© Copyright 2021 GP Matters Limited - All Rights Reserved