Following the introduction of the General Data Protection Regulations (GDPR) and the Data Protection Act 2018, we are required to explain how we collect and use your information, how it is stored and for how long.
What information do we collect about you?
Whenever you see one of our healthcare professionals they will make a record of your appointment. They will also make a record about what happened at your appointment and the support have been given.
This information is useful because it reminds them what you have told them in previous appointments and the advice they may have given you. It also helps if you are sent to see another service for further advice or treatments.
We make every effort to ensure that the information we collect is up to date and accurate. If you have any concerns about the accuracy of the information that we hold, then please speak to your healthcare professional in the first instance.
As well as information that you provide, we may also receive information about you from other organisations who are involved in your healthcare, for example you GP practice.
Why do we keep this information?
We need to keep this information in order for the healthcare professionals to see what advice, support or treatment you have had and to ensure that it is appropriate. We are also legally required to keep certain information about you. This information may also be used, in an anonymised form, for the purposes of service delivery and audits.
Why we collect information and how your information helps us is explained in our leaflet What happens to the information you collect about me.
Lawful basis for using your personal data
Where Bromley Healthcare is contracted either by Clinical Commissioning Groups (CCG) or local authority to provide Healthcare services, we will process your information under the Public Interest basis. However, in certain circumstances, e.g. Child safeguarding, then we will be processing information as a Legal obligation.
How long do you keep my information for?
Bromley healthcare keeps records in accordance with the Records Management Code of Practice for Health and Social Care 2021 retention schedules.
Do you share my Information?
As a Data Controller, Bromley Healthcare has a number of sharing agreements with other organisations to share information for the legitimate interest of providing direct care, or to protect the vital interests of individuals; in order to prevent serious harm either to them or others. Where we do share information with other organisations, we only share the minimum amount of information necessary.
We have teamed up with Guy’s and St Thomas’ NHS Foundation Trust, South London and Maudsley NHS Foundation Trust and Kings College Hospital NHS Foundation Trust to share information through the Local Care Record. This allows the clinicians who are treating you, to be able to view clinical information from the other organisations. If you do not want your information to be shared in this way, then please contact Guy’s Patient Advice and Liaison Service (PALS), who will be able to assist you.
We also have a sharing agreement with a number of GP practices within Bromley. This allows Bromley Healthcare and the GP practice, to be able to see what treatment is being carried out, or due to be carried out, by the other organisation.
We may also share information with professionals from other organisations, e.g. Local Council, where we are working with them to provide a service to you.
There may also be times when we have to share information with other organisations when there is a statutory duty to do so, e.g. a court order.
Who can see my information?
Only staff who are involved in your treatment can view your information. This may include staff who, in the course of their duties, provide administrative support to clinicians, e.g. writing letters or arranging appointments.
In addition to legal requirements, such as the Data Protection Act, all staff are subject to the Common Law Duty of Confidentiality and the NHS Confidentiality Code of Conduct.
You can request to see this information
To request a copy of your records, you will need to approach the organisation who made the notes in the first place. They are not all held in one place. So, for example, to see notes made by your Bromley Healthcare district nurse, please contact us. To see notes made by your GP, please contact your surgery, and to see notes made by your hospital consultant, please contact the hospital.
To protect your confidentiality there are a few steps to go through so that we know we are providing information to the right person and we don’t compromise your right to privacy.
If you would like to see your health care records from Bromley Healthcare services, please email: email@example.com or write to:
Access to RecordsBromley Healthcare CIC LtdCentral Court1 Knoll RiseOrpington BR6 0JA
Is my information held securely?
Under Data Protection legislation, information relating to an individuals’ health is classed as a ‘Special Category of personal data’ and as such require us to ensure that appropriate security is in place to protect your information. Where we provide information to other organisations, we will also ensure that they hold your information to the same standard of security. We do not hold or process patient information outside the UK.
Data Privacy Impact Assessments
In order to meet our requirements under the General Data Protection Regulations, Bromley Healthcare has, under certain circumstances to complete a Data Privacy Impact Assessments (DPIA). This is a process which helps assess privacy risks to individuals and identifies the legal basis for the collection, use and disclosure of information, known as processing. This helps us to ensure that the information we hold, or plan to hold, will be secure and lawful.
All new projects, initiatives and processes that involve using or sharing personal information require a Data Protection Impact Assessment to be completed at the initial stages and prior to any procurement decision being made. Once completed, all DPIA’s when are submitted to the Data Protection Officer and the Information Governance Steering Group for approval.
Objections and complaints
If you have a complaint about the way your personal data has been handled; believe it is inaccurate, held for too long or it is not secure you can contact our Data Protection Officer (DPO) who will investigate the matter. They can be contacted by e-mail at: firstname.lastname@example.org.
If you are not satisfied with the response or believe your data is not being processed in accordance with the law, you can complain to the Information Commissioner’s Office (ICO).
The ICO is the regulator for data protection and upholds information rights. More information is available on the ICO website ico.org.uk.
Recording of telephone calls.
We may record telephone calls that you make to us for the following purposes:
- To assist in quality monitoring of staff
- To investigate and resolve complaints
Bromley Health has a duty of care to its employees and will not tolerate unreasonable behaviour we therefore may use recordings as part of investigations into staff safety issues.
Recording of calls is necessary to protect the interests of you, our staff or both.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.Cookies are used minimally on this website for site usage analytics. You may delete and block all cookies from this site, but some parts of the site may not work as expected.
In order to help us to improve the content, format and structure of this website we record and analyse how visitors use the website. For this purpose, we use Google Analytics.
We do not make any attempt to find out the identities of those visiting our website. We will not associate any data gathered from this site with any personally identifying information from any source. If we do want to collect personally identifiable information through our website, we will be up front about this and we will make it clear when we collect personal information and will explain what we intend to do with it.
For more information on enabling and disabling cookies please visit About Cookies.
|These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.
|This cookie is used by the website's CMS (Content Management System) to track if the user is a public guest or is logged in to an account on the website. This cookie is not used for any other purpose.
|Keep track of whether or not you have clicked "Got it!" on the notice about cookies on this website, so that it doesn't keep appearing when you load a page.
|Keep track of which language has been selected from the Google Translate tool.
|Keep track of which colour contrast mode has been selected from the Accessibility Tools.
|Keep track of the text size that has been set from the Accessibility Tools.
|Keep track of whether the accessibility bar is opened or closed.