Fair Processing Notice

CONTENTS

  1. Introduction
  2. What type of data do we collect?
  3. Why do we collect this personal data?
  4. Who has access to your personal data?
  5. How do we keep your personal data secure?
  6. How long do we keep your personal data?
  7. What are your rights?
  8. Complaints

InHealth Limited (“InHealth”) is registered in England & Wales under company number 05190234, with our registered office at Beechwood Hall, Kingsmead Road, High Wycombe, Bucks HP11 1JL.

1.0 Introduction

  1. Being transparent and providing accessible information to patients about how we use personal data is a key element of the Data Protection Act and EU General Data Protection Regulation (GDPR) (together the Data Protection Legislation).
  2. In this notice, we set out your rights in respect of the above legislation and how InHealth will use your data for lawful purposes in order to deliver your care.

2.0 What type of data do we collect?

  1. We may collect the following types of data about you in the delivery of your care:
    • ‘Personal Data’ meaning any information relating to an identifiable person who can be directly or indirectly identified from the data. This includes, but is not limited to: name, date of birth, postcode, address, next of kin and NHS number; and
    • ‘Sensitive Data’ which includes but is not limited to: medical history, including details of appointments and contact with you, results of investigations, supportive care arrangements, social care status, race, ethnic origin, genetics and sexual orientation.
  2. All Personal Data must be processed fairly and lawfully, whether it is received directly from you, your referrer or another third party.

3.0 Why do we collect this personal data?

  1. We collect only the Personal Data we need to enable us to provide our services to you. Without your Personal Data, we will be unable to provide those services.

4.0 Who has access to your Personal Data?

  1. All Personal Data is accessed solely for the purpose of delivering a service to you and is collected, stored and processed by us in accordance with Data Protection Legislation. Unless we have your specific consent, we will not disclose your personal information to anyone except: (i) our staff, your referrer and other third parties directly involved in your care; (ii) as required by law or (iii) where we have a legitimate reason to do so.

5.0 How do we keep your personal data secure?

  1. We maintain the security of your Personal Data by:
    • Staff training and awareness
    • Limiting access to Personal Data to those who need to see it
    • And storing your Personal Data safely on secure systems.
  2. InHealth is accredited with ISO9001 Quality Management System and ISO27001 Information Security Management Standard.

6.0 How long do we keep your personal data?

  1. We will not keep your Personal Data for any longer than is necessary. InHealth has a data retention policy which is informed by guidance from the Department of Health and NHS Records Management Code of Practice.

7.0 What are you rights?

  1. You have the right to:
    • Ask us what Personal Data we hold about you
    • Request a copy of your Personal Data
    • Correct any mistakes in your Personal Data
    • Ask us to amend or update your Personal Data
    • Ask us to delete your Personal Data.
  2. Please note that in certain circumstances for legal or other reasons we may not be able to comply with your request.
  3. For further information please contact us at dataprotection@inhealthgroup.com.

8.0 Complaints

  1. If you have a complaint about the way your Personal Data is/has been handled, please address it in the first instance to: complaints@inhealthgroup.com.
  2. If you remain dissatisfied with our response you may contact the Information Commissioner’s Office at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. Enquiry line: 0303 123 1113.