How We Use Your Personal Data
We use the data you provide to:
communicate with you, for example: we use contact details such as email address or phone number when responding to enquiries made via online forms.
communicate with other relevant medical professions e.g. referrals for x-rays, consultant opinions etc..
operate our business more effectively, for example: we seek feedback and use this to help improve our service.
Our "Lawful Reasons" For Processing Your Personal Data
The "General Data Protection Regulation" (GDPR) is the primary piece of legislation defining your rights over our processing of your personal information. The GDPR requires us to declare which of six "lawful reasons" we are relying on when we are processing your personal data: we operate on the basis of "consent" and we operate on the basis of "legitimate interest" (e.g. when responding to your enquiry).
How Long We Keep Personal Data
Personal data may be stored by the website for a period of up to 90 days after which time it is removed automatically.
Transfer of Personal Data
It may be transferred to a third party (only with your consent) in the following ways:
1) When sending away samples for analysis e.g. blood tests, urine tests.
2) When making referrals to other healthcare professionals e.g. for a consultant medical opinion.
3) When writing to your NHS GP to inform them of any new prescriptions or significant diagnoses or results.
4) Occasionally we may ask the reception staff at Litfield House to contact you e.g. to make an appointment or to inform you that a letter / prescription is ready. We mention this because whilst we work closely with the administrative staff at Litfield House, they are not part of Beard Medical Practice, although they do adhere to the same standards of confidentiality and GDPR regulations.
We do not share your data with any other organisations for commercial purposes.
Keeping your data secure
We have appropriate security measures in place to prevent your personal information being accidentally lost, or used or accessed in an unauthorised way. We also limit access to your personal information to those who have a genuine need to know it, which for the vast majority of the time is just the doctors at the practice. Some of the technical and organisational measures we use to safeguard your personal data are:
storing your personal data, in all forms, in a secure environment. Paper records are kept in a locked cabinet in a locked inaccessible part of Litfield House.
training of Litfield House staff on the importance of data protection measures;
securing any computers that are used with industry standard anti-virus software.
We also have policies and procedures in place to deal with any suspected data breach so that we can act quickly to minimise any potential damage.
Under the GDPR you have a number of important rights. Those include:
Right to fair processing of information and transparency over how we use your personal information – we are required to inform you why we want to gather your personal information, what we will do with it, who it will be shared with and how long it will be kept for. That information is set out in this privacy notice, but if you require any further information please don’t hesitate to contact us.
Right to request a copy of your information – you can request a copy of your information which we hold (this is known as a ‘subject access request’). If you would like a copy of some or all of this information please contact us with proof of your identity and let us know what information you would like. We must provide this information to you in a commonly used and machine readable format.
Right to require us to correct any mistakes in your information – you can require us to correct any information which we hold. If you would like to do this, please contact us to let us know the information that is incorrect and what is should be replaced with.
Right to ask us to stop contacting you with direct marketing – you can ask us to stop contacting you for direct marketing purposes at any time. If you would like to do this, please contact us and let us know what method of contact (one or all) you are not happy with.
Right to restrict processing – you can ask us to suspend the processing of your personal data in certain circumstances, for example, if you have notified us there is a mistake in the information we hold about you, you may ask us to suspend processing until that mistake is rectified.
Right to erasure – otherwise known as ‘the right to be forgotten’ – you can ask us to delete or remove your personal data from our systems where there is no compelling reason for us to continue processing it.
If you want to exercise any of these rights, please contact us.
How to contact us
If you have any questions or concerns about this privacy notice or the information we hold about you, please do not hesitate to contact us by one of the following methods:
By post: Beard Medical Practice, Litfield House Medical Centre, Clifton Down, Bristol BS8 3LS
By email: firstname.lastname@example.org
By phone: 0117 973 1323
If you would like this notice in another format (for example, audio, large print, braille) please contact us using any of the methods above.
Questions or Complaints
If you have a complaint, we hope that we can resolve any issues you have by contacting us via one of the methods above. However, you also have the right to lodge a complaint with the Information Commissioners Office who may be contacted at https://ico.org.uk/concerns/ or via the helpline: 0303 123 1113