Healthwatch Ltd is committed to protecting the privacy of your personal information. This is a legal obligation of Healthwatch and, in addition, as a business which values its reputation it is in our interests to ensure that protection.
We collect personal information from you when you provide it to us through our registration forms. Any information we store is held on secure servers in the EU. We take steps to protect your information from misuse, loss and unauthorised access by:
- ensuring we have strict security procedures for access to our business premises
- internet security such as password protection, firewalls and encryption
We only disclose your information to a third party when we need to do so to provide a service that you have requested unless we are required to do so by law.
Medical records are stored in compliance with standards set by the General Medical Council.
By agreeing to our Terms and Conditions you are accepting and consenting to the terms outlined in this policy.
Information we may collect from you:
When you use our booking system for appointments with health professionals we may collect personal information such as
- your name
- your date of birth
- your contact details (email address, phone number and address)
- the type of appointment you are requesting
- the reason for asking for an appointment
- payment details
When registering for your appointment or service at the practice we will collect registration information such as
- your name
- your date of birth
- your contact details (email address, phone number and address) and emergency contact details
- sexual orientation*
- marital status*
- medical history
*our regulators (the CQC) require us to ask you for this information
Normally we collect information from you directly, but we may also collect your personal information from our website, via our booking form, from email, via telephone or via the NHS database.
We may also collect information from third parties such as family members, legal guardians, insurance companies or other people you have authorised to provide your personal information to us.
We require you to provide accurate details and do not permit you to use a pseudonym or remain anonymous. Some information is designated as mandatory and without this information you may not be able to access the Mayfield Clinic.
The Mayfield Clinic uses social networking services such as Instagram, Facebook and Twitter to communicate about our activities. We may collect your personal information when you communicate with us by using these social networking services, and the social networking services will also handle your personal information for their own activities.
Why do we collect and use your personal information:
To provide you with services
For communicating with you about our products and services
For quality assurance purposes
To make disclosures as required by regulatory bodies such as GMC and CQC
Where you request or have consented to insurance companies who are paying for your service
Where you request it, to provide it to your GP, laboratory services or other healthcare practitioners to whom
we refer you
To process your payment for products and services
On a de-identified basis for analysis research and marketing
Third Party service providers:
We do not accept any responsibility or liability for third party service providers.
We do not store any credit or debit card information. Payments are processed via a third party booking system provider (Hero Doctor) that is fully compliant with level 1 payment card industry (PCI) data security standards. Any payment transactions are encrypted using SSL technology.
We encrypt data transmitted to and from the website. However secure transmission of information via the internet cannot be fully guaranteed due to potential events beyond our control and you acknowledge transmission is at your own risk.
Subject to the above provisions, you agree to the transfer, storing or processing of your personal data.
Our website uses Google Analytics, a service which transmits website traffic data to Google servers in the United States. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and webpage usage. You can opt-out of Google Analytics cookies altogether on this Google Analytics Opt-Out Add-on.
Healthwatch and third-party vendors, including Google, use first-party cookies (Google Analytics cookie) or other first-party identifiers, and third-party cookies (such as Google advertising cookies) to inform, optimise, and serve ads based on past visits to our website. More specifically, our website has implemented and uses advertising features, and we utilise Google Analytics to implement a specific features called Remarketing, Google Display Network Impression Reporting and Google Analytics Demographics and Interest Reporting. Remarketing is a feature of Google Ad's that allows us to optimise the delivery of ad content specifically targeted to a visitor's interests based upon previous visits to our site. According to its own policy, Google does not collect any personal data with this process. Nevertheless, if you do not want to use the remarketing feature from Google, you can disable it by changing the appropriate settings in Google Ad Settings Manager.
Access to information:
Legislation gives you the right to access information held about you. Further information can be found here https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-of-access/. Excessive requests for personal information are subject to a processing fee.
How to contact us
By letter: Privacy Officer Healthwatch Ltd, 3rd Floor Mayfield House, 256 Banbury Road, Oxford OX2 7DE
By email: firstname.lastname@example.org
By phone: 01865 423425
All fees must be pre-paid before the time of consultation through herodoctors.co.uk. We will provide a receipt for all payments which may be used to claim reimbursement from your health insurance should you have cover. We accept guarantees of payments from some insurers. All invoices submitted to insurance companies must be paid within 30 days. If payment is not received by the insurer within 30 days, or the claim is denied then the patient is liable for the full cost of the claim.
Further treatment will only be offered at the discretion of the doctor for any patients who have outstanding accounts.