Skip to main content

Patient Objections Management (POM): GDPR information


Why and how we process your data in the Patient Objections Management system, and your rights.

Controller NHS Digital
How we use the information (processing activities)

Collection of Patient Objections Management (POM) data to identify patients who have registered that do not want their patient identifiable information being shared for purposes other than their direct care - patients who have 'opted out'. We monitor the number of patient objections, and make sure any data release has had patient information removed where a type 2 objection has been made.

Does this contain sensitive (special category) data such as health information? No
Who are recipients of this data?

Internal use only

Is data transferred outside the UK? No
How long the data is kept Data is no longer held and has been superseded by the National Data Opt out Programme.
Our lawful basis for holding this data Legal obligation
Your rights
  • Tick Be informed
  • Tick Get access to it
  • Tick Rectify or change it
  • Cross Erase or remove it
  • Tick Restrict or stop processing it
  • Cross Move, copy or transfer it
  • Cross Object to it being processed or used
  • Cross Know if a decision was made by a computer rather than a person
How can you withdraw your consent?

Consent not the basis for processing

Is the data subject to decisions made solely by computers? (automated decision making) No
Where does this data come from? General Practice (GP) medical records
The legal basis for collecting this data

Legal obligation (Direction)

Where NHS Digital uses this data