DEBNEYS OPTICIANS PRIVACY NOTICE
Whenever you use a health or care service, such as attending Accident & Emergency or using Community Care services, important information about you is collected in a patient record for that service. Collecting this information helps to ensure you get the best possible care and treatment.
The information collected about you when you use these services can also be used and provided to other organisations for purposes beyond your individual care, for instance to help with:
- improving the quality and standards of care provided
- research into the development of new treatments
- preventing illness and diseases
- monitoring safety
- planning services
This may only take place when there is a clear legal basis to use this information. All these uses help to provide better health and care for you, your family and future generations. Confidential patient information about your health and care is only used like this where allowed by law.
Most of the time, anonymised data is used for research and planning so that you cannot be identified in which case your confidential patient information isn’t needed.
You have a choice about whether you want your confidential patient information to be used in this way. If you are happy with this use of information you do not need to do anything. If you do choose to opt out your confidential patient information will still be used to support your individual care.
To find out more or to register your choice to opt out, please visit www.nhs.uk/your-nhs-data-matters. On this web page you will:
-
See what is meant by confidential patient information
-
Find examples of when confidential patient information is used for individual care and examples of when it is used for purposes beyond individual care
-
Find out more about the benefits of sharing data
-
Understand more about who uses the data
-
Find out how your data is protected
-
Be able to access the system to view, set or change your opt-out setting
-
Find the contact telephone number if you want to know any more or to set/change your opt-out by phone
-
See the situations where the opt-out will not apply
You can also find out more about how patient information is used at:
https://www.hra.nhs.uk/information-about-patients/ (which covers health and care research); and
https://understandingpatientdata.org.uk/what-you-need-know (which covers how and why patient information is used, the safeguards and how decisions are made)
You can change your mind about your choice at any time.
Data being used or shared for purposes beyond individual care does not include your data being shared with insurance companies or used for marketing purposes and data would only be used in this way with your specific agreement.
Health and care organisations have until 2020 to put systems and processes in place so they can be compliant with the national data opt-out and apply your choice to any confidential patient information they use or share for purposes beyond your individual care. Our organisation is compliant with the national data opt-out policy.
We at Debney’s Opticians hold various pieces of information about you that you have given us including your name, address, telephone numbers, email address, D.O.B. and NHS number. Our legal basis for processing this data is for legitimate interest and for the purposes of health care. The only instances we receive information you haven’t directly supplied to us is from other registered health care professionals such as doctors and consultants and those under their supervision.
We also keep clinical details such as the state of your eye health, your spectacle and/or contact lens specifications and copies of letters we have written and received from other professionals.
We consider all this information to be confidential and do not share with any other 3rd parties (other than those above) unless your express permission has been given or we have a legal obligation to. If you are an NHS patient, we are obliged to provide the portion of your record that relates to NHS services to authorised persons within the NHS (who are in turn subject to a duty of confidentiality) if they request this. This is usually to confirm that we have provided the NHS services that we have been paid for, and to improve quality of care. It is also possible that the NHS may contact you to ask if you have received services (such as a sight test or spectacles) as part of this monitoring.
Your information is stored securely as digital format and on paper records. All staff are aware of the importance of ensuring and maintaining the confidentiality of personal data. All electronic data is password protected and we have a suitable back-up procedure. Any on-line back-up uses a service which encrypts the data securely. When computers are replaced old hard drives are securely erased or physically destroyed. Paper records are kept in lockable filing cabinets.
We follow the guidelines set by our governing body for length of retaining records:
-
All records are retained for 10 years from the date of last seeing the patient.
-
Records of children are retained until they are 25 AND it is 10 years since they were last seen.
-
Records of the deceased are kept for 10 years.
-
Paper records are destroyed by secure shredding.
-
Digital records are deleted
We do not record any telephone conversation.
Within the practice we may use your information to analyse trends or to audit our performance which enables us to monitor and improve the quality of care that we offer you. We do not use 3rd party marketing companies.
We store bank account information on those patients that pay by standing order for contact lenses and debit/credit card information for any card payment taken. We have a security protocol in place to ensure employees can only access the information essential for their role and receive appropriate training. The information is stored securely and is kept only for tax purposes and future claims/information.
Electronic transfer of patient information such as emails, are ONLY sent to other NHS.net email addresses. Copies of patients prescriptions or copies of records are either to be collected by the patient or legal representative (I.D. may be asked for) or by recorded post which will incur a cost.
Our Data Protection Officer is: Jon Debney who can be contacted via the practice.
If you require independent advice or wish to make a complaint, please contact the Information Commissioners Office at www.ico.gov.uk
debneycaldicottguardian@gmail.com