The General Data Protection Regulation (GDPR) became law on 24th May 2016. This is a single EU wide regulation on the protection of confidential and sensitive information. It enters into force in the UK on the 25th May 2018.

Patient Health Records are dealt with in the strictest confidence within the surgery.
All staff are trained and sign a confidentiality agreement and the practice adheres to the Data Protection Act of 1998. Information will not be released to other parties without written consent of the patient.

You may also under the Data Protection Act request a full copy of you medical notes although there will be an administration fee for this.