HealthBridge Direct Privacy Notice

Our contact details

Name: Healthbridge Direct Limited

Address: The Vintry, Redbridge Lane East, Ilford IG4 5EY

Phone Number: 020 3981 3500

E-mail: patientservices@healthbridgedirect.co.uk

Data Protection Officer: Judith Andrews

We are registered with the Information Commissioner’s Office ZA103528

 

What type of information we hold

We currently collect, process and store personal information and special category information.  This includes:

  • Name
  • Contact details such as address, phone number and email address
  • GP Medical Records
  • Recruitment applications
  • Personnel records
  • Financial information

 

How we get the information and why we have it

Most of the personal information we process is provided to us directly by you or by accessing medical records.  We do this for the following reasons:

  • To comply with legal or regulatory requirements
  • Carry out our obligations arising from any contracts entered into between you and us
  • Carry out our obligations as required by public health and social care projects
  • To administer our business and support those who work with us
  • Notify you about changes to our service
  • Send newsletters from time to time

To process this personal information and special category information, we rely on the following lawful bases and conditions under the Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR):

  1. Public health
  2. Health or social care purposes
  3. Employment, social security and social protection
  4. Contractual obligation.
  5. Legitimate interest
  6. You are able to remove your consent at any time by contacting us at patientservices@healthbridge.co.uk

What we do with the information we have

We use the information in order to:

  • Fulfil our obligations relating to public health
  • Comply with our legal and regulatory obligations
  • Deal with enquiries and complaints
  • Supply you with our services
  • Enable your use of any services that we may provide through our website or third-party websites
  • Process invoices and payments
  • Perform money laundering, financial and credit checks

We may share this information with other health-related organisations.

 How we store your information

Your information is securely stored using password protected and encrypted systems.

We will only keep information about you as follows:

  • GP Medical Records are retained for 10 years after the death or after the patient has permanently left the country, unless the patient remains in the European Union. In the case of a child, if the illness or death could have potential relevance to adult conditions or have genetic implications for the family of the deceased, the advice of the clinicians will be sought as to whether to retain the records for a longer period.  Current legislation states that electronic patient records (EPRs) are not destroyed or deleted.
  • Recruitment applications and CVs are retained for 12 months after which the personal identifiable information for unsuccessful applicants will be deleted.
  • Personnel records are retained for 6 years after an employee has left the organisation after which the personal identifiable information will be deleted.
  • Financial records are retained for 7 years in line with tax and accounting guidance.

How the NHS and care services use your information

Healthbridge Direct Limited is one of many organisations working in the health and care system to improve care for patients and the public.

Whenever you use a health or care service, such as attending Accident & Emergency or using Community Care services, important information about you is collected in a patient record for that service. Collecting this information helps to ensure you get the best possible care and treatment.

The information collected about you when you use these services can also be used and provided to other organisations for purposes beyond your individual care, for instance to help with:

  • improving the quality and standards of care provided
  • research into the development of new treatments
  • preventing illness and diseases
  • monitoring safety
  • planning services

This may only take place when there is a clear legal basis to use this information. All these uses help to provide better health and care for you, your family and future generations. Confidential patient information about your health and care is only used like this where allowed by law.

Most of the time, anonymised data is used for research and planning so that you cannot be identified in which case your confidential patient information isn’t needed.

You have a choice about whether you want your confidential patient information to be used in this way. If you are happy with this use of information you do not need to do anything. If you do choose to opt out your confidential patient information will still be used to support your individual care.

To find out more or to register your choice to opt out, please visit www.nhs.uk/your-nhs-data-matters.  On this web page you will:

  • See what is meant by confidential patient information
  • Find examples of when confidential patient information is used for individual care and examples of when it is used for purposes beyond individual care
  • Find out more about the benefits of sharing data
  • Understand more about who uses the data
  • Find out how your data is protected
  • Be able to access the system to view, set or change your opt-out setting
  • Find the contact telephone number if you want to know any more or to set/change your opt-out by phone
  • See the situations where the opt-out will not apply

 

You can also find out more about how patient information is used at:

https://www.hra.nhs.uk/information-about-patients/ (which covers health and care research); and

https://understandingpatientdata.org.uk/what-you-need-know (which covers how and why patient information is used, the safeguards and how decisions are made)

You can change your mind about your choice at any time.

Data being used or shared for purposes beyond individual care does not include your data being shared with insurance companies or used for marketing purposes and data would only be used in this way with your specific agreement.

Healthbridge Direct is compliant with the national data opt-out policy.

 

Your data protection rights

Under data protection law, you have rights including:

Your right of access – You have the right to ask us for copies of your personal information.

Your right to rectification – You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.

Your right to restriction of processing – You have the right to ask us to restrict the processing of your information in certain circumstances.

Your right to object to processing – You have the the right to object to the processing of your personal data in certain circumstances.

Your right to data portability – You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at patientservices@healthbridgedirect.co.uk if you wish to make a request.

 

How to complain

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Helpline number: 0303 123 1113

Last Updated 08/04/2024