Privacy Policy

Introduction

The Guy Pilkington Memorial Home Ltd (GPMH) is the legal entity that operates Fairfield Independent Hospital.   GPMH (“the Hospital”, “we”, “us”, “our”) is committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

For the purpose of the Data Protection Act 1998, the data controller is The Guy Pilkington Memorial Home with the registered address at: Fairfield Independent Hospital, Crank Road, St Helens, WA11 7RS, with registration number Z5699811; a registered charity (no. 502791) and registered company (no.1141676 – England and Wales).

This Privacy Policy governs the manner in which GPMH collects, uses, maintains and discloses information collected.

GPMH recognises the importance of protecting personal and confidential information in all that we do, and takes care to meet its legal duties.

What information do we collect about you?

We only collect and use your information for the lawful purposes of administering the business of GPMH. These purposes include:

  • health administration and services
  • accounting and auditing
  • accounts and records
  • education
  • information administration
  • clinical audit
  • property management and services
  • staff administration
  • crime prevention and prosecution of offenders, and
  • advertising, marketing and public relations.

What types of personal data do we handle?

We process personal information to enable us to support the provision of healthcare services to patients, maintain our own accounts and records, promote our services, manage our properties and to support and manage our employees.

We also use information to support and monitor the health services both as a hospital and across the health and social care economy within the UK to enable the delivery of high quality healthcare.

The types of personal information we use include:

  • details held in the patient’s record
  • patient images, for example photographs, x-rays, scans
  • personal details such as names, addresses, telephone numbers
  • family details for example next of kin
  • education and training information
  • resident details for people or patients who stay in our properties
  • employment details
  • financial details, where we provide or receive payment for services
  • visual images, personal appearance and behaviour, for example if CCTV images are used as part of building security, and
  • responses to surveys, where individuals have responded to surveys about healthcare issues.

We also process sensitive classes of information that may include:

  • racial and ethnic origin
  • offences (including alleged offences), criminal proceedings, outcomes and sentences
  • trade union membership
  • religious or similar beliefs
  • employment tribunal applications, complaints, accidents and incident details
  • physical or mental health details, and
  • sexual life.

How will we use information about you?

Information about you is needed to enable staff to deliver treatment and care each time you attend this Hospital. Some of this information may also be needed for other reasons including running services and improving care throughout the NHS and social care system and may be used for:

  • contacting you in relation to services that may support your health and social care needs
  • contacting you via text message, email or other automated appointment reminders
  • making sure that our services meet patient needs including service evaluation, validation and audit
  • helping staff to review the care they provide to ensure that it is of the highest standard
  • investigating complaints, legal claims and incidents
  • preparing reports on NHS performance and activity
  • training and educating staff
  • Clinical Audit and Development – much of the work in the Hospital involves using patient data in on-going audit. If information about you is used, it will be anonymised as far as possible
  • maintaining disease and treatment registers for certain conditions and procedures to ensure that appropriate follow-up and treatment can occur and that a better understanding of incidence and the effectiveness of treatment can improve patient care
  • providing data to the Hospital’s commissioners in order that they can check and report on how effective the services GPMH has been commissioned to deliver
  • obtaining payment for services provided from commissioners, and
  • providing information to other health providers (e.g. a patient’s registered General Practitioners) to support your health and care needs.

We may keep your information in written form or on a computer.

Sharing your information

Sometimes information about your needs is passed on to other agencies or organisations. For example, if you are receiving care at another hospital or to help with your care after discharge or to enable GPMH to receive payment for the treatment you have been provided with.

Anyone who receives this information from us is also under a legal duty to keep it confidential and the Law strictly controls the sharing of some types of very sensitive personal information. The types of organisation who we may share information about you may include:

  • GPs
  • district nurses
  • other health professionals
  • social care colleagues
  • nursing/care homes
  • Commissioners
  • NHS Digital (formerly the Health and Social Care Information Centre (HSCIC), and
  • Department of Health
  • Providers of medical services to the Hospital, for example, MRI and CT providers, pathology providers and others
  • Insurance companies

In certain circumstances we are required by law to report information to the appropriate authority, for example:

  • where we encounter infectious disease which may endanger the safety of others (such as meningitis or measles)
  • where a formal court order has been issued, and
  • where we have safeguarding concerns.

Retaining information

We will only retain information for as long as necessary. Records are maintained in line with the NHS England retention schedule which determines the length of time records should be kept.  We have a detailed Retention of Records Policy which is available on request to the Data Protection Officer – address given below.

Security of your information

We take our duty to protect your personal information and confidentiality seriously. We are committed to taking all reasonable measures to ensure the confidentiality and security of personal data for which we are responsible, whether computerised or on paper.

We have appointed a Senior Information Risk Owner (SIRO) who is accountable for the management of all information assets and any associated risks and incidents, and a ‘Caldicott Guardian’ who is responsible for the management of patient information and patient confidentiality. We also have a Data Protection Officer who supports the organisation in protecting patient and Hospital information.

All staff are required to undertake information governance training. This training ensures that staff are aware of their information governance responsibilities and follow best practice guidelines ensuring the necessary safeguards and appropriate use of person-identifiable and confidential information.

Under the NHS Confidentiality Code of Conduct, all our staff are also required to protect your information, and inform you of how your information will be used. This includes, in most circumstances, allowing you to decide if and how your information can be shared.

If you do not want your information to be shared, please discuss this with your health care professional. If you decide you still do not want your identifiable information shared please complete the attached Patient Dissent to share form and return it to:

 

The Data Protection Officer

Fairfield Independent Hospital

Crank Road

St Helens

WA11 8SD

Or by email to DataProtectionOfficer@fairfield.org.uk

Everyone working for the Hospital and the wider health service is subject to the common law duty of confidentiality. Information provided in confidence will only be used for the purposes advised and consented to by the patient, unless it is required or permitted by law.

 

How can you get access your personal information?

Everyone should be able to see the information that is kept in their health records. If you want to see these records you can request access by completing a request form which is available from the Data Protection Officer at the Hospital.

No fee will be charged for this service and you should receive a response within 40 days of applying.

The Hospital is obliged to let you see the information and to explain any part of the records which you do not understand. Should a doctor decide that seeing your records might put your health at risk you may only be shown part of your records or your request may be declined.

If you feel that you have not been fairly treated or that your application has not been dealt with properly then you should complain through Fairfield Independent Hospital complaints procedure. Nothing prevents your doctor from showing you their own records during consultation.

 

Who else has the right to apply to see my record?

  • Any person with authority in writing from the patient to apply on behalf of the patient.
  • Any person appointed by the Court to manage the affairs of the patient (documented proof needs to be supplied).
  • Where a patient has died, the patient’s personal representative, or any person having a claim arising from the death (documented proof needs to be supplied).

If you require further general information regarding how this Hospital safeguards your information you can contact the Data Protection Officer at the Hospital.

We want to make sure that your personal information is accurate and up to date. If you think any information is inaccurate or incorrect then please let us know.

Specific Arrangements for the Website:

Personal identification information we collect when you access our website

We may collect personal identification information from users in a variety of ways, including, but not limited to, when users visit our site, register on the site, subscribe to the newsletter, respond to a survey, fill out a form, and in connection with other activities, services, features or resources we make available on our site. Users may visit our site anonymously. We will collect personal identification information from users only if they voluntarily submit such information to us. Users can always refuse to supply personal identification information, except that it may prevent them from engaging in certain site related activities.

Non-personal identification information

We may collect non-personal identification information about users whenever they interact with our site. Non-personal identification information may include the browser name, the type of computer and technical information about users’ means of connection to our site, such as the operating system and the internet service providers used and other similar information.

Web browser cookies

Our Site may use “cookies” to enhance user experience. Users’ web browsers place cookies on their hard drive for record-keeping purposes and sometimes to track information about them. Users may choose to set their web browser to refuse cookies, or to alert you when cookies are being sent. If they do so, note that some parts of the site may not function properly. More information on the way we use “cookies” is given on our website.

How we use collected information

GPMH may collect and use users’ personal information for the following purposes:

  • To improve customer service
    Information you provide helps us respond to your customer service requests and support needs more efficiently.
  • To improve our Site
    We may use feedback you provide to improve our products and services.
  • To send periodic emails
    We may use the email address to respond to their inquiries, questions, and/or other requests. If a user decides to opt-in to our mailing list, they will receive emails that may include company news, updates, related product or service information, etc.

How we protect your information

We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our site.

Sharing your personal information

We do not sell or trade users’ personal identification information to others. We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners, trusted affiliates and advertisers for the purposes outlined above.

Third party websites

We do not allow advertising or other content on our site. However, we provide links to the sites and services of our partners, suppliers, commissioners and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our site. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our site, is subject to that website’s own terms and policies.

Image Exchange Portal

As part of a shared service agreement your radiology images and records may be shared with other healthcare providers as part of determining and providing your care. If you would like to know more about the extent of this sharing, or you wish us not to share at all with another organisation, or have any other concerns about it, please contact a member of staff in the imaging department.

Sharing your images is covered by the consents you sign when you originally access treatment at the Hospital but GPMH wants to be as open and as detailed about your information sharing options as possible. If you are concerned about sharing your images with other health care providers, please discuss with your clinician what the consequences to your care opting out may have and alternative ways to support your care.

If you do not want to withdraw your consent to sharing images please complete the Data Control form noted above with your clinician and return it to the Data Protection Officer at Fairfield Independent Hospital.

 

Changes to this privacy policy

GPMH has the discretion to update this privacy policy at any time. When we do, we will revise the updated date at the bottom of this page. We encourage users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect.

 

Your acceptance of these terms

By using this site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our site. Your continued use of the site following the posting of changes to this policy will be deemed your acceptance of those changes.

 

Complaints about how we process your personal information

In the first instance, you should contact the Data Protection Officer at the following address:

The Data Protection Officer

Fairfield Independent Hospital

Crank Road

St Helens

WA11 7RS

Or by email to DataProtectionOfficer@fairfield.org.uk

 

Changes to our privacy notice

We keep our Privacy Notice under regular review and we will place any updates on this webpage. This notice was last updated on September 2017.

Data Protection Notification

GMPH is a ‘data controller’ under the DPA. We have notified the Information Commissioner that we process personal data and the details are publicly available from the:

Information Commissioner’s Office

Wycliffe House

Water Lane,

Wilmslow SK9 5AF

www.ico.gov.uk

 

How to contact us

Please contact us if you have any questions about our privacy notice or information we hold about you:

Post:

The Data Protection Officer

Fairfield Independent Hospital

Crank Road

St Helens

WA11 7RS

 

Email: DataProtectionOfficer@fairfield.org.uk

 

Phone: 01744 739311