Job Description

This position is part of the Greater Derby Primary Care Network (PCN) team, which delivers clinical and non-clinical support services to 11 GP practices within the Derby area. The network serves a patient population of over 95,000 patients.

Role Summary

The Subject Access Request (SAR) & Medical Reports Administrator ensures high-quality management and timely provision of records & reports, in compliance with data protection legislation. The role involves handling SARs & medical report requests from patients, representatives, solicitors, and external agencies such as the Police, Benefits Agency, NHS Trusts, and others.

Key areas/Tasks

To record the receipt of all requests from external agencies using the subject access & medical report spreadsheet To use the IGPR software when actioning SARS requests Ensure that any information is redacted as necessary prior to disclosure in accordance with current legislation, including any 3rd party information documented in the medical records where it is not possible to obtain consent of the 3rd party. To review medical report requests & fill in administrative information in preparation to be passed onto a GP to complete any medical reporting documentation. To liaise with Medical Staff where necessary in order to gain their "professional opinion" as to whether disclosure is likely "to cause serious harm or distress to the applicant", before copies are forwarded to the applicant. Ensure that the verification of any identification is undertaken and consent granted prior to disclosing any information Prioritises workload for self to ensure that all requests are processed in accordance with the general data protection regulations (GDPR), and within the required 30 day timescales Where the timescales are unable to be achieved, ensuring that any extension of this is communicated prior to the 30 days to the applicant giving the reason for the delay and anticipated timescale. To task a request to a practice staff member if paper copies of a record is requested and recording the date reports have been dispatched against the application on the subject access request spread sheet. To scan, send and document completed medical reports to the requester as appropriate & document in system & spreadsheet accordingly. To take every reasonable opportunity to maintain and improve your professional knowledge and competence, ensuring that all Statutory & Mandatory Training is completed within the required timescales To be aware and comply with Practice/PCN policies. Post will require frequent periods of sitting, inputting at the keyboard for majority of working shift. Post will have contact with patients and other external service representatives to provide guidance of the provision of records and may be subject to occasional emotional circumstances due to the nature of the request for information.

Personal/Professional Development

To take every reasonable opportunity to maintain and improve your professional knowledge and competence. To participate in personal objective setting and review, including the creation of a personal development plan and the PCN appraisal process.

Health and Safety

To take reasonable care for your own Health and Safety and that of any other person who may be affected by your acts or omissions at work.

Confidentiality

To ensure that confidentiality is always maintained and that data belonging to the Practice/PCN is protected and recorded accurately.

Equality and Diversity

To promote equality and diversity in your working live ensuring that all the staff you work with feel valued and treated in a fair and equitable manner.

Data Protection Bill, General Data Protection Regulations (GDPR) and the NHS Code of Confidentiality

All staff are responsible for ensuring that they are familiar with and adhere to the NHS policies, procedures and guidelines with regards to the Data Protection Bill, General Data Protection Regulations (GDPR) and the NHS Code of Confidentiality

GDPR replaces the EU Data Protection Directive of 1995 and supersedes the law of member states that were developed in compliance with the Data Protection Directive 95/45/EC. Its purpose is to protect the "right and freedom" of natural persons (i.e. livening individuals) and to ensure that personal data is not processed without their knowledge, and, wherever possible, that it is processed with their consent.

Processing includes holding, obtaining, recording, using and disclosing of information and applies to all forms of media, including paper and images. It applies to confidential patient information but is far wider in its scope, e.g. it also covers personal records.

Whiles GDPR applies to both patient and employee information, the Confidentiality Code of Practice (COP) applies only to patient information. The COP incorporates the requirements of GDPR and other relevant legislations together with the recommendations of the Caldicott report and medical ethics considerations, in some cases extending statutory requirements and provides detailed specific guidance.

Safeguarding Children, Young People and Adults with care and support needs

All staff are responsible for ensuring that they are familiar with and adhere to the Safeguarding Children and Adults policies, procedures and guidelines. All health professionals who come into contact with children, parents, adults with care and support needs and carers in the course of their work have a responsibility to safeguard and promote their welfare as directed by the Children Acts 1989/2004 and the Care Act 2014. Health professionals also have a responsibility even when the health professional does not work directly with a child or adult with care and support needs but may be seeing their parent, carer or other significant adult.

All staff are required to attend safeguarding awareness training and undertake any additional training in relation to safeguarding relevant to their role.

This job description is not intended to be an exhaustive list and may be subject to change from time to time.

Person Specification

Essential:

Minimum of 3 GCSE's or equivalent Previous experience of working in an administrative/customer service role

or

NHS experience Working in a demanding environment to meet tight deadlines Good use of IT systems/equipment Excellent communication skills: both written & verbal Manage and prioritise workload Ability to demonstrate diplomacy and tact Ability to develop and maintain good productive relationships with colleagues & third party companies Attention to detail and accuracy in documentation Ability to handle confidential information with discretion and integrity Ability to work well within a team and to maintain good working relations with colleagues Patient focused Occupational Health cleared to perform the duties of the role

Desirable but not essential:

Previous health records experience Previous experience of using Systm One or iGPR software A sound knowledge of Health Records functions and processes Good knowledge of any of the following: Freedom of Information Act, Data Protection Act, General Data Protection Regulation , Access to Health Records, Safeguarding*
Has an understanding of medical terminology.
Job Types: Part-time, Permanent

Pay: 12.30 per hour

Benefits:

Company pension Free parking
Schedule:

Day shift Monday to Friday No weekends
Application question(s):

Are you available to attend a face to face interview on Thursday 24th July 2025?
Work Location: In person

Application deadline: 21/07/2025