Patient Privacy Information (GDPR)

Introduction

This Privacy Notice:

a) provides you with a detailed overview of how we will manage your data, from the point at

which it is gathered and onwards.

b) will give you all the details you need on how we use your information, and how we will comply with the law in doing so.

c) sets out your rights in respect of your personal information, and how to exercise them.

Your personal data 

As a patient, the personal information we hold about you may include the following:

a) Name

b) Contact details, such as postal address, email address and telephone number (including mobile number)

c) Date of Birth

d) Background referral details

e) Details of GP registration

f) Occupation

Special Categories Personal Information

As a patient, we will hold information relating to your medical treatment which is known as a special category of personal data under the law, meaning that it must be handled even more sensitively. The special categories or personal information we hold about you may include the following: 

a) Details of your current or former physical or mental health. This may include healthcare you have received from other providers such as GP’s, hospitals and medication history. 

b) Details of service you have received from us

The confidentiality of your medical information is important. We make every effort to prevent unauthorised access. In doing so, we comply with UK data protection law, including Data Protection Act 2018, and all applicable medical confidentiality guidelines.

From 25 May 2018, the current Data Protection Act will be replaced by the EU General Data Protection Regulation (GDPR) and a new Data Protection Act. All uses of our information will comply with the GDPR and the new Data Protection Act from that date onwards.

How do we collect your information?

We may collect personal information from a number of different sources including, but not limited to:
a) GPs
b) Dentists
c) Other hospitals, both NHS and private
d) Mental health providers
e) Commissioners of healthcare services
f) Clinicians (including their medical secretaries) 
g) Directly from you

How we will communicate with you

 In order to communicate with you, we are likely to do this by telephone, email and/or post. If we contact you using the telephone numbers provided and you are not available we may l eave a voice message on your voicemail and/or answering service as appropriate.

However:

a) to ensure that we provide you with timely updates and reminder in relation to your care, including basic administration information and appointment information, we may communicate with you by unencrypted email. 

b) to provide you with your medical information (including test results and reports) and invoicing information, we may communicate with you by email which will be encrypted. 

The first time we send you any important encrypted email we will make contact first separately to ensure that you have access the the encrypted mail or agree a password with you directly in advance.

What are the purposes for which your information is used?

a) We have a legal regulatory obligation to us your date to provide you with healthcare 
b) To arrange follow up care for you and where necessary make referrals on your behalf
c) To monitor your progress and changes.
d) To set you up as a patient on our systems for invoicing and insurance purposes.
e) Legal Ground, taking the necessary steps so that you can enter into a contract with us for the delivery of healthcare.
f) For account settlement purposes.
g) Clinical audit where appropriate. 
h) Communicating with you and resolving any queries you might have
i) Communicating with other individuals and healthcare professionals that you ask us to update about your care.

Disclosure to third parties

We may disclose your information to the third parties listed below:

a) A doctor or nurse, carer or any other healthcare professional involved in your treatment

b) Your GP

c) Third parties who assist in administration of your healthcare e.g. insurance companies 

d) The police and other third parties where reasonably necessary for the prevention or detection of crime.

How long do we keep your medical information?

We will only keep your personal information as long as reasonably necessary to fulfil the relevant purposes. All Information will be kept for 7 years after your last appointment. Paper and electronic information about you will be deleted and destroyed after this time.

Your rights

Under data protection law you have certain rights in relation to the personal information we hold about you. These include the rights to know what information we hold about you and how it is used as detailed above and also the right to access your personal information. 

You will not be subject to decisions based solely on automated data processing without your prior consent.

You can complain to the Information Commissioner's Office (ICO) if you are unhappy with the way that we have dealt with a request from you to exercise any of these rights, or if you think we have not complied with our legal obligations. 

Your duty to inform us of any changes

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us

Updates to this Privacy Notice 

We may update this Privacy Notice from time to time to ensure that it remains accurate. In the event that these changes result in any material difference to the manner in which we process your personal data then we will provide you with an updated copy of the Privacy Notice. 

​

This Privacy Notice was last updated on: 26 December 2018.