Our contact details
Name: Paul Batey – Data Protection Officer
Address:6 Whielden Close, Amersham Bucks HP7 0HY
The type of personal information we collect
We currently collect and process the following information:
Personal identifiers, contacts and characteristics (for example, name and contact details, email and phone number)
Special Category of information (for example Health information, religious beliefs, ethnic origins and race to tailor care) see below
Criminal convictions and details to allow anti-money laundering and fraud checks used to prevent crime
Financial information to process payments for fee paying clients
Records of services you request from us.
Special category information includes:
information about your physical or mental health, including genetic information or biometric information (we may get this information from application forms you have filled in, from notes and reports about your health and any treatment and care you have received or need, or it may be recorded in details of contact we have had with you such as information about complaints or incidents, and referrals from your existing health care provider, including but not limited to quotes and records of medical services you have received); and information about your race, ethnic origin and religion (we may get this information from your medical information preferences to allow us to provide care that is tailored to your needs).
How we get the personal information and why we have it
Most of the personal information we process is provided to us directly by you for one of the following reasons:
to provide care as directed and instructed by you. We normally process your information to deliver our services as outlined in any contract or agreement we have with you or with a third party representing you and with your permission.
We also receive personal information indirectly, from the following sources in the following scenarios:
referrals from third parties and only when agreed by you and in the best interests of your care.
this includes any third parties that interest or it is required by law and to any contract to which this applies.
special category information will only be held whilst we are providing care to you and will be removed when no longer necessary, due to the nature of care this may vary from person to person and strict adherence to the removal of any information at your request will be processed within 14 days.
We use the information that you have given us in order to communicate with you your GP and GP surgery and those in primary and secondary care with your permission or to maintain the wellbeing and health of you. assuming you have not opted out of third party sharing of your medical information at your constituent GP surgery or with NHS England. by opting into our services, it is assumed you agree for us to hold and have access to only your summary care records as and when required.
We will not share this information with any other parties, except with your consent.
Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are:
(a) Your consent. You are able to remove your consent at any time. You can do this by contacting Medicare pro UK limited; via e-mail email@example.com or in writing to our business address.
(b) We have a contractual obligation.
(c) We have a legal obligation.
(d) We have a vital interest.
(e) We need it to perform a public task.
(f) We have a legitimate interest.
Special category information is necessary for the purposes of preventative and occupational medicine used in assessment and managing medical diagnosis and also to provide health social care treatment and to manage healthcare interests for you for as required by any law’s that apply and is in the public interest.
In the case that your referral has come directly from a third party you will be alerted immediately to confirm the legitimacy and obtain consent to hold information on your behalf, such as cases of insurance referral or GP referral etc.
special category information will also be retained if requested my body such as the Care Quality Commission or the General Medical Council or any other body providing investigation or requiring legal access to the information. Medicare pro will keep information about the treatment provided its purpose designed to protect the public against dishonesty malpractice or serious improper behaviour such as safeguarding concerns or a complaint and may be shared with the regulator if required by law.
we will not process or save any data without your permission or if there is no other legal reason for us to process it if we require any additional access to information, we can request this of you and we must make it clear what it is we're asking for and ask you to confirm that you give us permission to access this. We are unable to provide healthcare or treatment without access and permission to this special category of information Anne is assumed by engaging in our services that you approve of this access. If you choose to withdraw your permission will no longer be able to provide any treatment or care for you this does not affect any of your statutory rights but does not automatically entitle you to future care or consideration for health or any other service that relies on us having permission to process and access your personal information.
How we store your personal information
Your information is securely stored.
We keep your personal information and special category information in a digital format encrypted on a cloud-based server which is password protected and not stored in a physical drive for as long as you remain a customer, engaging in our services and also dependant on the type of service provided. This information can be kept for as long as is reasonable to show that we meet the obligations we have to you and required by law. We will then dispose your information by digital deletion and overwrite protocols. All paper and written records are scanned, uploaded and destroyed Via shredding immediately following treatment.
Your data protection rights
Under data protection law, you have rights including:
Your right of access - You have the right to ask us for copies of your personal information.
Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing - You have the the right to object to the processing of your personal information in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at firstname.lastname@example.org if you wish to make a request.
See Lawful basis for processing | ICO for more information.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at email@example.com or the business address above.
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk