The personal data we collect
Data collected will include your doctor’s initial referral letter, any correspondence from Mr Ward to your doctor or to yourself, any operation records and any accounts involved.
Medico-legal clients seeing Mr Ward may have GP and Hospital records held initially for the purpose of preparing reports and amendments thereof.
Aside from medical records, data held includes names, addresses and phone numbers of patients seen by Mr Ward.
How do we use your personal data
Your personal data is used to facilitate your ongoing care. Minimum recommendations as to how long data should be kept depends upon patients’ ages. Adult patients’ data will be collected for a period of at least 8 years beginning on the date of the last entry in the patient records.
Records that are no longer required will be destroyed and disposed of in a confidential manner.
Peter Ward acts as the data controller for Dorset Hip Clinic. Data can be accessed by him and by Marie Barton, his private medical secretary.
Data will only be shared with the patient and their General Practitioner.
No data will be made available for research or to any other parties other than that required to arrange hospital admission or follow-up.
Medico-legal data will only be shared with the instructing solicitor or party that requests medical reports.
How do we keep your personal data secure
Personal data is stored on an encrypted secure database. Back-up copies for the database are filed and locked securely. Any hard copy of data will be stored in the Dorset Hip Clinic office, locked and secured.
Any breach of data protection which poses a high risk to patients will be notified to the Information Commissioner’s Office (ICO) within 72 hours of the breach being identified as well as any patients being notified.
Your rights with respect to your data
- You have the right to request a copy of the personal data that is held by Dorset Hip Clinic.
- You have the right to request that we correct any personal data that may be inaccurate.
- You have the right to request that we delete or stop holding your personal data other than any accounting requirements.
If you wish to exercise any of these rights please contact me via firstname.lastname@example.org.
For security reasons we request that you provide proof of your identity and/or additional information which will help us respond to your request.