PSM Medical Group

St Mary's Health Centre, Cop Lane, Penwortham, Preston, PR1 0SR

Telephone: 01772 970079 (Please note - area code must be dialled, even for local calls)

We are currently closed. If you call us between 18:30-20:30 weekdays, 09:00-17:00 on Saturdays and 09:00-12:00 on Sundays your call will automatically forward to our 'Increased Access' out of hours service where you can book 'on-the-day' GP and Practice Nurse appointments at one of our other network sites in Preston. For more information on this service go to

UCLan Medical Centre, Foster Building, UCLan Campus, Preston, PR1 2HE | Telephone: 01772 970079


What is GDPR?

The General Data Protection Regulation (GDPR) is a new law that determines how your personal data is processed and kept safe , and the legal rights that you have in relation to your own data.

The GDPR strengthens many of the Data Protection Act principles. The main changes are:

  • Practices must comply with subject access requests
  • Where we need your consent to process data, this consent must be freely given, specific, informed and unambiguous
  • There are new, special protections for patient data
  • We are obliged to reply to your request within one month of receipt of the request.

What is patient data?

Patient data is information that relates to a single person, such as your diagnosis, name, age, earlier medical history etc.

What is consent?

Consent is permission from a patient and is defined as “any freely given specific and informed indication of your wishes by which the data subject signifies the agreement to personal data relating to him/her being processed.” However, consent is only one potential lawful basis for processing information. We may not need to seek your explicit consent for every instance of processing and sharing your information, please refer to our privacy notice on the website and in the surgery which provide further information on our legal basis.

We may share your information for direct care purposes – this is when information is used for healthcare and medical purposes. e.g. directly contributing to your treatment, diagnosis, referral and care and this will require appointment bookings and inputting test results etc.

Some of the organisations involved in your care may include:

Out of hours services / Ambulance services / NHS hospital trusts/ Social Services / Community Support Services, e.g. health visitors, district nurses etc.

With your consent, we may also share your information with other organisations for example Local authorities (councils)

We may also use your personal information when required to by the law (for example following a court order to release documentation) and, in exceptional circumstances, where the use of your personal information is justified in the public interest. For example, when assisting the police with the investigation of a serious crime, or if there are concerns regarding child protection, it may be necessary for us to share your personal information with external agencies. For other uses of your personal information we will either directly ask for your consent or use data that does not identify you.

What does GDPR mean for you?

The GDPR highlights key points about processing personal data for staff or patients:

  • Data must be processed lawfully, fairly and transparently
  • It must be collected for a specific, explicit and legitimate purposes
  • Data must be held securely
  • It can only be retained for as long as is necessary for the reasons it was collected
  • It must be limited to what is necessary for the purposes for which it is processed
  • Information must be accurate and kept up to date

Your Rights

  • Being informed about how your data is used
  • Access your own data
  • Can ask to have incorrect information changed
  • Restrict how your data is used
  • Move your t data from one health organisation to another
  • The right to object to patient information being processed (in certain circumstances)

Why do we collect information about you?

 Health professionals caring for you keep records about your health together with any treatment and care you receive from the NHS in order to ensure that you receive quality care. By registering with the practice, your existing records will be transferred to us from your previous practice so that we can keep them up to date while you are our patient. We take great care to ensure that your information is kept securely, that it is that it is up to date, accurate and used appropriately. All our staff are trained to understand their legal and professional obligations to protect your information and only look at your information if they need to.

How are your records used?

Your care records are used to guide health professionals involved in the care you receive to:

  • Assess your health and decide the most appropriate care and treatment for you to review and improve the quality of care you receive.
  • Ensure appropriate information is available if you need to see another doctor, or be referred to a specialist or another part of the NHS
  • Investigate your concerns if you have a query, concern or a complaint.

We may also use your information to:

  • Provide evidence of treatment given, so that the correct payments are made to the practice
  • To prevent further ill health or worsening of current conditions by using ‘risk stratification’ tools and will be done by our commissioners using pseudonymised records. For example to use the tool to identify which patients are at high risk of heart attack. We will contact those patients at risk to ensure correct treatment is given to help prevent them from having a heart attack.

Some other examples for the use of pseudonymised information can be used without you being identified. Some examples include:

Health research and development / Teaching and personal development (particularly for doctors and nurses) /Commissioning/contract monitoring / Staff and patient surveys

Access to medical records

Personal Medical Records:

If you wish to access your medical records, please contact the Medical Centre to register to patient access online or contact the surgery to obtain a copy of the medical records.

Medical Records of Deceased Patients:

If you are a carer, guardian or a family member that is requesting to view medical records of a deceased patient , please contact Primary Care support England on 03330142884 to put a request for viewing medical records.

How to complain

In the event that you feel your GP Practice has not complied with the current data protection legislation, please raise your concerns in the first instance in writing to the Practice Manager at the address below.

If you remain dissatisfied with our response you can contact the Information Commissioner’s Office full details could be found at

General Privacy Notice

Privacy Notice – Provision of Direct Care

Opening Times

  • Monday
    08:00am to 06:30pm
  • Tuesday
    08:00am to 06:30pm
  • Wednesday
    08:00am to 06:30pm
  • Thursday
    08:00am to 06:30pm
  • Friday
    08:00am to 06:30pm
  • Saturday
    See Increased Access page in Appointments section
  • Sunday
    See Increased Access page in Appointments section
NHS A-Z Conditions
Find Local Services
Live Well