Privacy Policy - Menopause Care

Menopause Care has a duty to look after all confidential patient information and to be clear about how Menopause Care uses such information.

This is a Privacy Notice – also known as a Fair Processing Notice and is in accordance with the General Data Protection Regulation (GDPR) which came into force in May 2018 and replaces the Data Protection Act 1998.

To provide a service to patients, it is necessary that both doctors and non-medical staff working with Menopause Care have access to patient medical records and this access is kept to a necessary minimum.

We take information about you in order to respond to your queries and tailor our support to suit your needs.
We do not provide this information to any third parties.

This notice describes how Menopause Care uses and manages the information held about patients, including how the information may be shared with other organisations and how the confidentiality of patient information is maintained.

Personal data is information that relates to a living individual who can be identified from that data.

Menopause Care keeps records about the health care and treatment provided to patients.

This helps to ensure that patients receive the best possible care.

It helps patients because:

Accurate, up-to-date information is important for providing the right care.

Patient information may be shared, for the purposes of providing direct patient care, with NHS organisations, such as NHS Acute Trusts (hospitals), NHS Community Health (primary care), NHS general practitioners (GPs), NHS ambulance services etc. should the patient provide consent.

In such cases, the shared data must always identify the patient for safety reasons.
For the benefit of the patient, Menopause Care may also need to share patient health information with other private organisations.

However, Menopause Care will not disclose confidential health information to third parties without the patient’s explicit consent, unless there are exceptional circumstances, such as when the health or safety of others is at risk or where the law requires disclosure.

Menopause Care may also be asked to share basic information about patients, such as names and addresses, which does not include sensitive health information.

Generally, Menopause Care would do this where it is necessary to assist an organisation to carry out its statutory duties.

As it may not be practical in such circumstances to obtain patients’ explicit consent, Menopause Care is informing its patients through this notice, which is referred to as a Fair Processing Notice, under the General Data Protection Regulation 2018.

Where patient information is shared with other organisations, or for reasons other than direct patient care, it is good practice for an information sharing agreement to be drawn up to ensure that information is shared in a way that complies with all relevant legislation.

How long health records are formed, maintained and retained

All patient records are maintained digitally on a cloud-based Patient Management System. Each user of the system has an individual login.

If any member of staff leaves then Menopause Care will disable the login.

What kind of information Menopause Care holds about patients
Identity details – name, date of birth,
Contact details – address, telephone, email address
Next of kin – the contact details of a close relative or friend
Details of any outpatient appointments and/or GP appointments
Results of any scans, X-rays and pathology tests
Details of any diagnosis and treatment given
Information about any allergies and health conditions

By providing Menopause Care with their contact details, patients are agreeing to Menopause Care using those channels to communicate with them about their healthcare, i.e. by letter (postal address), by voice-mail or voice-message (telephone or mobile number), by text message (mobile number) or by email (email address).

Refusing or withdrawing consent

The possible consequences of refusing consent will be fully explained to the patient at the time, and could include delays in receiving care.

In those instances where the legal basis for sharing of confidential personal information relies on the patient’s explicit or implied consent, then the patient has the right at any time to refuse their consent to the information sharing, or to withdraw their consent previously given.

In instances where the legal basis for sharing information relies on a statutory duty/power, then the patient cannot refuse or withdraw consent for the disclosure.

Patients have the right to access personal information about them held by Menopause Care, either to view the information in person, or to be provided with a copy.

Patient wanting to access their health records should request via e-mail info@menopausecare.co.uk

Direct Communication

All patient are asked to complete a registration form to confirm existing details. By completing this form, Menopause Care will assume that you wish to hear from them regarding news and clinic updates. Should you no longer wish to hear from them there is an unsubscribe button on the email.
Any e-mails sent will be blind copied .
All e-mail addresses are held by a secure cloud based online company.

How patient records are kept confidential

All Menopause Care staff sign a Confidentiality Agreement.

Information provided in confidence will only be used for the purposes advised and consented to by the patient, except in circumstances where the law requires or allows Menopause Care to act otherwise.

Under the Confidentiality Agreement, all staff working for Menopause Care are required to protect patient information, to keep patients informed of how their information will be used, and to allow patients to decide about how their information can be shared.

How patient records are shared

Menopause Care shares patient information with a range of organisations or individuals for a variety of lawful purposes, including:

Disclosure to GPs, Consultants and healthcare practitioners for the purposes of providing direct care and treatment to the patient, including administration, investigation and test results; There is the option to opt out of sharing information with the GP at registration.
Communication with medical insurance companies to assist in the processing of insurance claims
Communication with a company we engage to invoice medical insurance companies for reimbursement or to receive payments via.
Disclosure to bodies with statutory investigative powers – e.g. the Care Quality Commission, the GMC, the Audit Commission, the Health Service Ombudsman;
Disclosure to solicitors, to the police, to the Courts (including a Coroner’s Court), and to tribunals and enquiries;

Confidential patient-identifiable information is only shared with other organisations where there is a legal basis for it as follows:

When there is a Court Order or a statutory duty to share patient data;
When there is a statutory power to share patient data;
When the patient has given his/her explicit consent to the sharing;

Patients who have a concern about any aspect of their care or treatment, or about the way their records have been managed, should contact Menopause Care.

Additionally, patients have the right to complain to the Information Commissioner if they should ever be dissatisfied with the way Menopause Care has handled or shared their personal information:

The Information Commissioner’s Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Tel: 0303 123 1113 or 01625 545745
Information Commissioner’s Office website (www.ico.org.uk)

If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).

Menopause Care is registered with the Information Commissioner’s Office as a Data Controller reference ZA554223 , as required by the Data Protection Act 1998.

We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.

It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at info@menopausecare.co.uk

Personal data is information that relates to a living individual who can be identified from that data.

Menopause Care holds personal data about patients for the purposes of providing them with appropriate care and treatment.

Menopause Care keeps records about the health care and treatment provided to patients.

This helps to ensure that patients receive the best possible care.

It helps patients because:

Accurate, up-to-date information is important for providing the right care;

In such cases, the shared data must always identify the patient for safety reasons.

For the benefit of the patient, Menopause Care may also need to share patient health information with other private organisations.

Menopause Care may also be asked to share basic information about patients, such as names and addresses, which does not include sensitive health information.

Generally, Menopause Care would do this where it is necessary to assist an organisation to carry out its statutory duties.

As it may not be practicable in such circumstances to obtain patients’ explicit consent, Menopause Care is informing its patients through this notice, which is referred to as a Fair Processing Notice, under the General Data Protection Regulation 2018.

When the patient has implicitly consented to the sharing for direct care purposes;

Refusing or withdrawing consent

The possible consequences of refusing consent will be fully explained to the patient at the time, and could include delays in receiving care.

In instances where the legal basis for sharing information relies on a statutory duty/power, then the patient cannot refuse or withdraw consent for the disclosure.

Menopause Care is registered with the Information Commissioner’s Office as a Data Controller reference ZA554223 , as required by the Data Protection Act 1998.

Patients have the right to access personal information about them held by Menopause Care, either to view the information in person, or to be provided with a copy.

Patient wanting to access their health records should request via e-mail info@menopausecare.co.uk

What kind of information Menopause Care holds about patients

Identity details – name, date of birth,
Contact details – address, telephone, email address
Next of kin – the contact details of a close relative or friend
Details of any outpatient appointments and/or GP appointments
Results of any scans, X-rays and pathology tests
Details of any diagnosis and treatment given
Information about any allergies and health conditions

Direct Marketing

Any e-mails sent will be blind copied .

All e-mail addresses are held by a secure cloud based online company.

How patient records are kept confidential

Everyone working for Menopause Care has to sign a Confidentiality Agreement.

How patient records are shared

Menopause Care shares patient information with a range of organisations or individuals for a variety of lawful purposes, including:

Disclosure to GPs, Consultants and healthcare practitioners for the purposes of providing direct care and treatment to the patient, including administration; There is the option to opt out of sharing information with the GP at registration.
Communication with medical insurance companies to assist in the processing of insurance claims
Communication with a company we engage to invoice medical insurance companies for reimbursement.
Disclosure to bodies with statutory investigative powers – e.g. the Care Quality Commission, the GMC, the Audit Commission, the Health Service Ombudsman;
Disclosure to solicitors, to the police, to the Courts (including a Coroner’s Court), and to tribunals and enquiries;

Confidential patient-identifiable information is only shared with other organisations where there is a legal basis for it as follows:

When there is a Court Order or a statutory duty to share patient data;
When there is a statutory power to share patient data;
When the patient has given his/her explicit consent to the sharing;