+44 (0)1962 920 369 info@ourprivatedoctor.co.uk

Privacy Policy and Code of Practice

References that apply in this document

Your Subtitle Goes Here
3
  • OurPrivateDoctor.co.uk is the domain name of the website used by Dr Aarti Narayan-Denning, a GMC registered doctor on the GP register. This website provides information about independent healthcare clinical services offered, including but not limited to the areas of integrated health, weight management, hormone and nutritional balance and wellbeing.
  • “We”, “our”, “us” refer to the appointed representative of the clinic, or appropriate team member, currently Dr Aarti Narayan-Denning
  • “Practice” refers to the private clinical (independent healthcare) service.
  • “Privacy lead” refers to the designated person in the practice for privacy and confidentiality, currently Dr Aarti Narayan-Denning
  • “Clinic” address is the practice location, which is currently St Lawrence House, 2 Barnes Close Winchester SO23 9QX
  • “Website” refers to OurPrivateDoctor.co.uk. The website is the online presence of the practice. Our website address is: https://ourprivatedoctor.co.uk.
  • “Database” refers to information held in any form, paper or digital.
  • “Writing” or “written” as used in these terms includes emails. Information shared via email is considered equivalent to written information.
  • “Appointment” refers to any planned and pre-arranged contact that you may have with the practice. It includes and is not limited to face-to-face, in-clinic, video or virtual consultation, email reviews and online.

General Data Protection Regulation 2016 (GDPR)

Your Subtitle Goes Here
3

For the purpose of GDPR, the data protection officer is the Privacy lead. Please contact us via the email specified on the website if you wish to contact the Data Protection Officer. We are a small Practice and therefore there is no requirement for us to have a data controller currently. This will be reviewed every 3 years. The registered address of the practice for the purpose of data protection is the clinic address.

We understand that your information is entrusted to us and we comply with data protection legislation regarding data processing and with clinical confidentiality guidelines.

What is “personal information” and “processing”?

Your Subtitle Goes Here
3

When we refer to “personal information or “personal data” in this policy, we mean information that could, or has the potential to identify you as an individual or provides information about you. Accordingly, we may hold and use information about you as a customer, a patient, or in any other capacity, for example when you visit our websites, complete a form, access our services, or speak to us.

Everything we do with your personal data counts as processing it, including collecting, storing, amending, transferring, and deleting it.

Purpose of processing information

Your Subtitle Goes Here
3
  • To provide direct health care and advice to individual patients
  • For example, when a patient agrees to a referral for direct care, such as to a hospital, relevant information about the patient needs to be shared with the other healthcare staff to enable them to give appropriate advice, investigations, treatments and/or care.
  • To check and review the quality of care. (This is called audit and clinical governance).
  • To advise patients of changes to services or new services

We will use personal information given to us in accordance with these terms and conditions, and with any additional statements appearing on forms used for submitting personal information. We will not disclose personal information to any third parties without obtaining your prior consent unless we are required by law to do so.

If you submit an enquiry, we will use your personal information to administer and respond to your enquiry. We will store securely the information you supply and our response. We may produce reports on enquiries to enable us to monitor and develop our service, but reports will be based on anonymous data; we will not identify individuals in our reports.

If you comment or complain about our services, we may use your details to investigate your comments.

Lawful basis for processing

Your Subtitle Goes Here
3

These purposes are supported under the following sections of the GDPR:

  • Article 6(1)(e) ‘…necessary for the performance of a task carried out in the public interest or in the exercise of official authority…’; and
  • Article 9(2)(h) ‘necessary for the purposes of preventative or occupational medicine for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services…”
  • Healthcare staff will also respect and comply with their obligations under the common law duty of confidence.

Security of your personal information

Your Subtitle Goes Here
3

We endeavour to protect all information we hold about you by ensuring that we have appropriate security measures in place to prevent unauthorised access, information being lost, destroyed, or damaged. Please see our Fair Processing Notice document for details of how we process personal data that you share with us through means other than the website.

Data collection during service enquiries

Your Subtitle Goes Here
3

When you contact us to enquire about a service or a product, we will collect personal information about you to enable us to provide you with the information that you have enquired about. Information collected will be kept securely and only accessed by those individuals responsible for ensuring you are provided with the correct information about our services.

Data collection during telephone calls

Your Subtitle Goes Here
3

In the interests of staff training and continually improving our services, calls to the practice and its representatives may be monitored or recorded.

Health information collected during treatments and services

Your Subtitle Goes Here
3

Where sensitive clinical information is collected it will be kept confidential and secure and will only be disclosed to and received from those individuals involved with your treatment or care, or to their agents and, if applicable and only with your explicit consent, to any person or organisation who may be responsible for meeting your treatment expenses or their agents.

Data collection from information entered onto the practice website

Your Subtitle Goes Here
3

We take a proactive approach to website user privacy. We ensure that the necessary steps are taken to protect the privacy of its users throughout their visiting experience. The website complies with all UK national laws and requirements for user privacy. For full details, please be sure to read our website privacy policy before using or submitting information to the website.

By using the website, you agree to the terms of this Overarching Privacy Policy and our Website Privacy Policy. Whenever you submit information via the website, you consent to the collection, use, and disclosure of that information in accordance with these policies. The website is intended for use by residents of the United Kingdom.

Data we get from other organisations

Your Subtitle Goes Here
3

We may receive information about your health from other organisations who are involved in providing you with health following a referral from our practice. For example, if you go to hospital for treatment or an operation the hospital will send us a letter to let us know what happens. This means your medical record at this practice is kept up-to date when you receive care from other parts of the health service.

Note: Although obliged to share patient information with your NHS GP (with your consent) currently independent doctors do not have access to care and treatment records you receive elsewhere (NHS or private).

Cookies and Internet Protocol (IP) logging

Your Subtitle Goes Here
3

When you visit our website, our server will record your computer’s IP address (the unique numerical address given to every computer connected to the Internet) and the time and duration of your visit.

This website uses cookies, a piece of data that may be stored on your computer when you visit a website; these cookies store the anonymised IP address (the last digit group of the IP is removed before storage).

Cookies and your IP address will be used to track the pages you visit on our website. We will use this information to analyse the way our site is used, and to administer and improve the accessibility of our site. We will not use it for any other purpose. You may disable the use of cookies in your Internet browser without affecting your use of our website.

For full details, please be sure to read our Cookie Policy before using the website.

Links to other websites

Your Subtitle Goes Here
3

From time to time our website may contain links to other sites. We are not responsible for the content or privacy practices of third parties that run other websites.
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Requesting your consent under GDPR

Your Subtitle Goes Here
3

We will continue to obtain consent from you as a patient be it implied, verbal or written for the treatment or procedures undertaken at the practice. This will be in line with the General Medical Council’s guidelines and will be recorded appropriately in your medical record.

In addition to this, we require your consent under GDPR to communicate with you by phone or email or post. We will

  • Ask you to opt-in to any marketing or other communications
  • Offer choices as to how to communicate with you should you so wish
  • Offer you the option to withdraw consent to that communication at any time

Recipient or categories of recipients of the processed data

Your Subtitle Goes Here
3

This section pertains to disclosure of information

To provide proper and safe medical care we may need to disclose personal information about you including to:

  • Healthcare professionals and staff in this practice
  • Hospitals (if required, e.g. referral or emergency transfer)
  • Out of hours services
  • Diagnostic and treatment centres
  • Other organisations involved in the provision of direct care to individual patients
  • Regulatory bodies e.g Care Quality Commission

Information would only be shared with your consent and you would be copied into all correspondence if you wished. Disclosure will take place on a ‘need-to-know’ basis. Only those individuals or organisations who need to know to provide care for you will be given the information.

Information may be provided to external service providers and regulatory bodies for the purpose of clinical audit or compliance monitoring to ensure the highest standards of care and record keeping are maintained.

Sometimes we need to share information so that other people, including healthcare staff, children or others with safeguarding needs, are protected from risk of harm. These circumstances are rare.
We do not need your consent or agreement to do this. Please see our safeguarding policies for more information. Please ask us if you wish to see our Safeguarding Policy.

In very limited circumstances or when required by law or a court order, personal data may have to be disclosed to a third party not connected with your health care. The practice would take legal advice before disclosing data in these very limited circumstances and where possible you will be informed of these requests for disclosure

The highest standards of confidentiality will be applied to your personal data in accordance with data protection law and confidentiality. Any publishing of this data for clinical audit or research purposes will be in a coded or anonymised form. Anonymous or aggregated data may be used by the practice or disclosed to others, for research or statistical purposes.

Other important information about how the practice uses your information to provide you with healthcare

Your Subtitle Goes Here
3
  • All patients who receive care are registered on our computer system and/or in a locked manual filing system. This database holds your name, address, date of birth, telephone number, email address, confirmation that ID has been checked and your regular (NHS) GP.
  • You will be asked to indicate if you consent to sharing clinical information with your regular GP, and you may change this decision anytime).
  • Important: Please note that some prescription treatments such as those for weight management and hormonal balance cannot be carried out without liaising with the registered NHS GP, and you will be advised of this.
  • This database is only accessible to authorised practice members and does not hold information about the care you receive.
  • Personal data about you is held in the practice’s computer system and/or in a locked manual filing system. The information is only accessible to authorised practice members.
  • Our computer system has secure audit trails and we back up information routinely.
  • The practice has a confidentiality policy that all staff adhere to.
  • Digital data is held securely via UK based server hosts, with SSL security, on SiteGround.

What personal data do we hold apart from that collected when registering on the website

Your Subtitle Goes Here
3

As a medical practice we will hold medical records and information about you in order to treat you appropriately and in a timely manner. We need to hold personal information to provide patients with a high standard of medical care. This personal data can include:

  • Past and current medical conditions; personal details such as age, address, telephone number, email, next of kin, NHS GP (as outlined above in the ‘Registering for care’ section)
  • X-rays and clinical photographs
  • Information about your treatment that we have provided or propose and its cost
  • Notes of conversations or incidents that might occur for which a record needs to be kept
  • Records of consent to treatment
  • Any correspondence relating to you from yourself or other health care professionals

Retention period

Your Subtitle Goes Here
3

GP medical records will be kept in line with the law and national guidance. Digital medical records will be stored indefinitely until government regulations change.

Marketing

Your Subtitle Goes Here
3

If you have consented to our processing your personal information for marketing purposes we may send you information about our products and services which may be of interest to you. You have the right to ask us not to process your information in this way at any time. If you no longer wish to receive web based marketing information you can unsubscribe. For non-web based marketing information please write to our Privacy Lead at the address given at the end of this document.

Fraud

Your Subtitle Goes Here
3

Personal data may be disclosed to others with a view to preventing fraud or to assist in police investigations in line with the GDPR.

Your rights in relation to your information

Your Subtitle Goes Here
3

You benefit from a number of rights with respect to the personal data we hold about you, depending upon the grounds on which we process your data and subject to exemptions. Where possible, we will process your request within one month free of charge. If any of your details change or are incorrect please let us know as soon as possible. For any queries you may have regarding our processing or personal data, please contact our Privacy Lead or any other member of our team using the contact details provided at the end of this document.

Your rights include:

Right to access and correct

Your Subtitle Goes Here
3

You have the right to access your personal data and to amend or rectify it (including the ability to request copies of your medical record. Parents may access their child’s records if this is in the child’s best interests and not contrary to a competent child’s wishes. Formal applications for access must be in writing to the practice.

Right to object

Your Subtitle Goes Here
3

You have the right to restrict or object to data processing, when such processing is no longer needed in order to provide you with the services you have requested, and when such restriction is permissible under healthcare regulation. This includes your right to withdraw consent (when it is legally permissible to do so).

Right to be forgotten

Your Subtitle Goes Here
3

You have the right to request that your data be deleted from our records, when this deletion is permissible under the regulations that govern the periods for which the practice is required to retain such data.

Changes to our privacy statement

Your Subtitle Goes Here
3

We keep our privacy policies under regular review and as a result they may be amended from time to time without notice. As a result, we encourage you to review these privacy policies regularly.

If you do not agree

Your Subtitle Goes Here
3

If you do not wish personal data that we hold about you to be disclosed or used in the way that is described in this Code of Practice, please discuss the matter with your doctor. You have the right to object; however, this may affect our ability to provide you with medical care. You have a right to withdraw your consent at any time, however this will not be retrospective.

Right to complain

Your Subtitle Goes Here
3

You have the right to complain to the Information Commissioner’s Office. For further details about your rights under the Data Protection Act, please visit the Information Commissioners Office website

www.ico.org.uk

Telephone: 0303 123 1113

Write: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England, UK.

Contact details for the practice

Your Subtitle Goes Here
3

If you have any questions in relation to our privacy policies please contact us:

Email : info@ourprivatedoctor.co.uk

Phone : 01962 920 369

Name : Dr Aarti Narayan-Denning

Address : St Lawrence House, 2 Barnes Close, Winchester SO23 9QX