Medical Interoperability Gateway (MIG)

The Medical Interoperability Gateway is a system which allows us to share the clinical information held on our computer systems with other healthcare professionals who may be treating you. Your information would only be shared with appropriate professional services that have undergone strict security assessments (e.g. ambulance and out-of-hours services, community health, social care) and are working with you to provide support. The MIG helps to ensure that your information is available when it is needed most.

Health and Social Care Professionals will always ask for your consent to view certain information when treating and supporting you, this means that you are always presented with an option to agree or disagree.

In certain circumstances a patient’s information may be viewed without their direct consent, but only if there is a “Duty of care” – for example, if there are safeguarding concerns about someone’s welfare, during a medical emergency, or if the patient is unable to respond at the time of treatment. Only authorised health and social care staff involved in your care would be able to access your information, and they can only access the specific information required to do their job.

All information shared via SCR or MIG is transferred in an encrypted format over highly secure NHS networks. Your information can only be access by Healthcare Professionals with “chip and pin” smartcard access, and the relevant access rights. Your information will never be transferred outside of the NHS without your direct consent.

Sharing Your Data

Chesterfield Medical Partnership will never disclose or share your personal information to anyone outside the practice except under the following circumstances:

  • You have provided us with written consent for your information to be shared with a specific third party (eg. with a relative or carer)
  • You have provided us with explicit consent for your information to be shared with another healthcare professional who is providing you with treatment / care.
  • When you are unable to provided us with explicit consent (eg. due to injury or illness), but failure to disclose your information to another healthcare professional could potentially harm your health or well-being
  • We are required by law, or have received a court order to release the information to assist in the investigation of a crime, or in the greater public interest

Summary Care Records (SCR)

The Summary Care Record is an electronic record of significant medical information which is created from your medical records. Your SCR can be accessed by other healthcare professionals when they are providing you with care (eg. if you are taken into hospital) and may provide them with important information to assist with your treatment.

There are 2 forms of SCR:

Standard SCR: Contains basic important information such as the medicines you are taking, allergies you may suffer from and any bad reactions you may have had medication in the past.


Enhanced SCR: If you choose to the practice can add other important information to your SCR.

This could include information such as your significant medical history, vaccination history, communication preferences, or end of life care information.

Specific sensitive information like fertility treatments, sexually transmitted infections, pregnancy terminations and gender reassignment therapy etc. are automatically excluded. If you would like this information to be included in your SCR you will need to provide further specific consent.

An SCR is entirely optional. You can choose to have just the standard SCR, the enhanced SCR or opt out completely. You are free to change your mind and opt in or out of SCR at any time.

Please contact the practice if you would like to discuss opting in or out of the SCR.

More information regarding the SCR can be found on the NHS Digital website

Protecting Your Data

Everyone working in the NHS has a legal duty to keep information about you confidential and secure. All staff at Chesterfield Medical Partnership have signed a Confidentiality Agreement which confirms their commitment to ensuring the security and safe handling of all your personal information.

Data Protection Act (2018) & GDPR

The Practice fully complies with both the Data Protection Act [2018], the EU General Data Protection Regulations [2018] (GDPR) . These pieces of legislation outline the responsibilities of all organisations which hold individual’s personal data and the measures they must have in place to protect against unauthorised access to, or loss of this data.

More information regarding how the NHS protects your personal data can be found on the NHS Digital website.

Data Extraction

NHS bodies such NHS England, NHS Digital or the local CCG routinely extract anonymous and statistical data from our patient records. This type of data extraction is essential for the provision of NHS services and data may be extracted for a variety of reasons including contract payments, safety monitoring, medical research and the service planning.

The data extracted is completely anonymous and could not be used to identify an individual patient in any way.

Fit Note Data

The Health and Social Care Information Centre (HSCIC) extract anonymous data regarding the issuing of fit notes from our clinical system.

The data collected is fully anonymised and includes:

  • The number of computer generated fit notes issued
  • The number of patients recorded as “unfit” or “maybe unfit” for work
  • Fit note duration
  • Gender
  • Health condition type
  • Location including CCG area
  • Whether workplace adaptations were recommended

More information regarding the extraction of Fit Note data can be found on the HSCIC website.