Our priority is your health

CARING FOR THE LOCAL COMMUNITY SINCE 1994
TALK TO US TODAY

The Southern Independent Medical Practice’s privacy and security statement

What is privacy?

Privacy is the confidentiality of your personal information and it is of paramount concern to the Southern Independent Medical Practice. We are registered with the Information Commissioner as required under the data protection laws in the United Kingdom and are committed to compliance with Data Protection legislation, Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 (UK Regulations), medical confidentiality and NHS Information Governance guidelines.

Why do we have a privacy policy?

We have developed this policy because we want you to feel confident about the privacy and security of your personal information.

This privacy policy explains how the Southern Independent Medical Practice uses any personal information we collect about you, and your rights in relation to that information.

The Southern Independent Medical Practice makes every effort to prevent unauthorised access to your personal information, complies with medical confidentiality and its obligations under the General Data Protection Regulation and Data Protection Act 2018(the “Act”).

Please read this privacy policy carefully. By visiting (the “Site”), you indicate your agreement for the Southern Independent Medical Practice to use your personal information as set out in this privacy policy.

When we refer to “we”, “our”, “Southern Independent Medical Practice” or “SIMP” in this policy, we are referring to the Southern Independent Medical Practice Limited, whose registered office is at 35 Chequers Court, Brown Street, Salisbury, Wiltshire SP1 2AS. For the purpose of the Act, the Southern Independent Medical Practice is the “data controller”.

When we refer to “personal information” in this policy, we mean information that identifies you as an individual, or is capable of doing so. Accordingly, we may hold and use information about you in your capacity as a customer, a patient, or in any other capacity, for example, as a visitor to the Site.

Why do we use your data?

We use information about you for the purpose of providing you with our healthcare services. We use your sensitive data: As a patient, we will use information about your health, racial and ethnic origin, sexual orientation and religion.

Sharing data:

We may share your data with third parties, including other healthcare providers who may contribute to your care, your GP, statutory bodies concerned with the regulation of your care, and other agencies who may be involved in your care.

Security:

We respect the security of your data and treat it in accordance with the law.
This statement applies to all our patients and any prospective patients.

What personal information do we collect and when?

We may collect and process the following personal data about you:

Information you give us. You may give us information about you by filling in forms on the Site or by corresponding with us by phone, email or otherwise. This includes information you provide when you enquire about any of our services, submit a referral online, or report a problem with the Site. The information you give us may include your name, address, email address and/or phone number. It may also include sensitive personal data (such as information about your health), but only where you have explicitly consented to the terms of this policy.

Information we collect about you. With regard to each of your visits to the Site, we may automatically collect the following information:
• technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
• information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from the Site; services you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call us.

How do we use your information?

We use information held about you in the following ways:

Information you give to us.

We may use this information:

  • to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information and services that you request from us;
  • to provide you with information about other services we offer that are similar to those that you have already purchased or enquired about;
  • to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you. If you are an existing customer, we will only contact you by electronic means (email) with information about goods and services similar to those that were the subject of a previous sale. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the form on which we collect your data;
  • to notify you about changes to our service;
  • to ensure that content from the Site is presented in the most effective manner for you and for your computer.

Information we collect about you.

We will use this information:

  • to administer and improve the Site;
  • to allow you to participate in interactive features of our service, when you choose to do so;
  • as part of our efforts to keep the Site safe and secure;
  • to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
    Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).

Disclosure of your Information

We may share your personal information as defined in section 1159 of the UK Companies Act 2006.
We may share your information with selected third parties including:

  • analytics and search engine providers that assist us in the improvement and optimisation of the Site;
  • if the Southern Independent Medical Practice or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets;
  • advertisers and advertising networks that require the data to select and serve relevant adverts to you and others;
  • in the usual course of our business, we may use third parties to process your personal information on our behalf. Where a third-party data processor is used, we will ensure that they operate under subject to contractual restrictions with regard to confidentiality and security in addition to obligations imposed by data protection legislation.

How do we protect your personal information?

We take appropriate organisational and technical security measures to protect the data that we hold against unauthorised disclosure or unlawful processing.

We use a secure server to store the information you give us when you register, enquire or submit a referral online (including your password).

Other information which you submit online may not be subject to the same protection and you do so at your own risk.

Why are we collecting your information?

We ask for information about you so that we can make sure we provide you with the best health care and service as our patient.

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to provide you with the service you require, but we will notify you if this is the case at the time.

Types of personal information we use

We are collecting information about you which is relevant to the care we provide to you. This includes:

  • personal details (such as name, date of birth, gender, marital status, national insurance number, occupation);
  • contact details (such as your address, personal telephone numbers and personal email address);
  • financial information (such as your bank account details);
  • information about your next of kin (for the purpose of emergency contact details);
  • information about other healthcare providers (such as your NHS GP and practice details);
  • video and photographs of you (such as CCTV footage, photographs for security purposes, etc):

Special categories of personal data

Some of the information which we collect about you may be “special categories of personal data”. Special categories of data require a greater level of protection. The special categories of personal data about you which we may collect include:

  • information about your racial or ethnic origin;
  • information about your religious beliefs;
  • information about your sex life and sexual orientation;

Healthcare information, including:

  • any disabilities or special requirements which you may have;
  • medical records relating to your treatment by us;
  • your medical history; and
  • records required by care regulators.

Source of your personal information

The above information which we collect about you will be obtained through a variety of sources which include:

  • from you directly both prior to and during the course of your treatment by us;
  • from your friends and relatives who provide us with information about you;
  • from your employer (if they have been involved in directing you to us); and
  • from other healthcare professionals and officers in the local authority/ social services department.

How and why we use your personal data

In accordance with the data protection laws, we need a “lawful basis” for collecting and using information about you for any purpose.

We have set out below the different purposes for which we collect and use your personal data, along with the lawful bases on which we will rely.

Why we use your information

1. To provide healthcare and related services:

To provide you with safe, appropriate and personalised care as one of our patients and ensure that we meet your individual requirements.

2. Finance:

Administering payments for your treatment by us.

3. Administration:

Administrative matters which are necessary for the day-to-day functioning of our organisation. This may occasionally include the prevention, detection and investigation of fraud and corruption.

4. Analysis and monitoring:

Analysing the quality of care delivered to our patients as part of our continuing service improvement.

5. Complaints:

Handling any complaints made, concerns raised.

6. Safeguarding and regulation:

We use your personal data for the purpose of safeguarding and regulation of health care.

7. Communication:

We will need to use your personal information to communicate with you before, during and after your treatment. For example, when you telephone us, we may record those calls for monitoring and training purposes.

8. Marketing:

We will use your personal information to notify you of details of our products and services which we think will be of benefit or interest to you.

9. Improving our services:

We may ask you to voluntarily complete patient surveys to help us improve the services which we provide to you.

10. Security:

We may need to capture images of you as part of our security processes such as use of CCTV footage.

Our lawful basis for using your information

It is necessary

  • to perform our contract with you.
  • to meet legal / regulatory obligations.
  • for our legitimate interests (where they are not overridden by your rights).
  • for the protection of your vital interests.
  • for us to provide you with health care.*

It is necessary

  • for our legitimate interests (where they are not overridden by your rights).
  • to perform our contract with you.

It is necessary

  • to perform our contract with you.
  • to meet legal / regulatory obligations.
  • for our legitimate interests (where they are not overridden by your rights).
  • for reasons of substantial public interest.
  • for us to provide you with health care.*

It is necessary

  • to perform our contract with you.
  • for our legitimate interests (where they are not overridden by your rights).
  • to meet legal / regulatory obligations.
  • for us to provide you with health care.*

It is necessary

  • to perform our contract with you.
  • for our legitimate interests (where they are not overridden by your rights).
  • to meet legal / regulatory obligations.
  • for us to provide you with health care.*

It is necessary

  • to perform our contract with you.
  • to meet legal / regulatory obligations.
  • for our legitimate interests (where they are not overridden by your rights).
  • to provide you with health care.*

It is necessary

  • to perform our contract with you.
  • for our legitimate interests (where they are not overridden by your rights).

It is necessary

  • for our legitimate interests (where they are not overridden by your rights).
  • We rely on your explicit consent for us to use your personal data.*

It is necessary

  • for our legitimate interests (where they are not overridden by your rights).
  • for the management of health and social care services.*

Complying with data protection law

We will comply with data protection law when using your personal information. At the heart of data protection laws are the “data protection principles” which say that the personal information we hold about you must be:

  • used lawfully, fairly and in a transparent way;
  • collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
  • relevant to the purposes we have told you about and limited only to those purposes;
  • accurate and kept up to date;
  • kept only as long as necessary for the purposes we have told you about; and
  • kept securely

Sharing your information

We will share your personal information with third parties where we have a lawful basis for doing so.

The types of organisations with whom we share your personal data are as follows:

  • Healthcare providers (NHS and private) and multi-disciplinary teams: Where it is lawful and necessary to do so, we will share information about you with other medical service providers involved directly with your care including laboratory services, imaging centre or specialists to whom you have requested a referral.
  • Your employer: We may tell your employer you have attended an appointment. We will not share any personally identifiable data or medical details without your explicit consent to do so.
  • Regulators / safeguarding authorities / commissioners: We also share your personal data with these public bodies where we are required to do so by law.
  • The police and other law enforcement agencies: In limited circumstances, we may be required to share your personal data with the police if required for the purposes of criminal investigations and law enforcement.
  • IT service providers: We may use external IT providers who may have access to your personal data from time to time as is necessary to perform their services.
  • Attorneys: Where it is lawful to do so, we may share your personal information with any individual who has authority to act on your behalf, such as those granted power of attorney.
  • Next of kin: we may share your personal information with your next of kin (if we are aware of their contact details) in an emergency.
    We will only share your personal data with your regular NHS GP where we have your explicit consent.

Transferring information outside the EU

We (or third parties acting on our behalf) may store or process information that we collect about you in countries outside the European Economic Area (“EEA“). Where we make a transfer of your personal information outside of the EEA we will take the required steps to ensure that your personal information is protected.

To the extent that it is necessary to do so, Southern Independent Medical Practice may transfer your personal data outside of the EEA to the United States to the following specific types of third party:

  • International medical assistance providers
  • Overseas insurers who refer patients to us

We will only do so to the extent that it is relevant and necessary. The United States and the EEA have in place a framework, known as Privacy Shield, to facilitate compliance with data protection obligations when transferring personal data. Privacy Shield has been assessed by the EU Commission and deemed to provide adequate protection to personal data.

If you would like further information regarding the steps we take to safeguard your personal information, please contact the data controller.

We have listed above the current common transfers of personal data outside of the EEA but it may be necessary, in future, to transfer such data for other purposes.  If this happens then we will update this Privacy Statement.

Can we use your information for any other purpose?

We typically will only use your personal information for the purposes for which we collect it. It is possible that we will use your information for other purposes as long as those other purposes are compatible with those set out in this policy. If we intend to do so, we will provide you with information relating to that other purpose before using it for the new purpose.

We may also use your personal information for other purposes where such use is required or permitted by law.

Storing your information and deleting it

We will only retain your personal information for as long as necessary to fulfil the purposes for which we have collected it or to fulfil another lawful purpose.  When we no longer have a lawful purpose for holding your data, we will securely destroy your personal information in accordance with our data retention policy. Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us at info@independentdoctor.co.uk.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Your rights

Under data protection law you have certain rights in relation to the personal information that we hold about you. These include rights to know what information we hold about you and how it is used. You may exercise these rights at any time by contacting us using the details set out above at the top of the page.

There will not usually be a charge for handling a request to exercise your rights.

If we cannot comply with your request to exercise your rights, we will provide evidence of how we came to our decision.

If you make a request, or your request is manifestly unfounded or excessive, then we can refuse to respond.

Your rights include:

The right to access your personal information
This is commonly known as a ‘data subject access request’.  This enables you to receive a copy of the personal information we hold about you and to check that we are processing it lawfully.

The right to rectification
We take reasonable steps to ensure that the information we hold about you is accurate and complete. However, if you do not believe this is the case, you can ask us to update or amend it.

The right to erasure (also known as the right to be forgotten)
This enables you to ask us to delete or remove personal information where there is no good reason for us to continuing to process it.  You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing.  See ‘The right to restrict processing’.

The right to restrict processing
This enables you to ask us to suspend the processing of personal information about you, for example, if you want us to establish the accuracy or the reason for processing it.

The right to data portability
In some circumstances, we must transfer personal information that you have provided to us to you or (if this is technically feasible another individual/ organisation of your choice. The information must be transferred in an electronic format.

The right to object

You can ask us to stop sending you marketing messages at any time and we must comply with your request. You can do this by contacting the DPO.

Rights in relation to automated decision making and profiling

You will not be subject to decisions that will have a significant impact on you based solely on automated decision making.

The right to withdraw consent
In the limited circumstances where we are relying on your consent as our lawful basis to process your data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time.  To withdraw your consent, please contact our data controller.  Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes your originally agreed to, unless we have another legitimate basis for doing so in law.

The right to complain to the Information Commissioner’s Office
You can complain to the Information Commissioner’s Office if you are unhappy with the way that we have dealt with a request from you to exercise any of these rights, or if you think we have not complied with our legal obligations.

More information can be found on the Information Commissioner’s Office website: https://ico.org.uk/

Making a complaint will not affect any other legal rights or remedies that you have.

Will I receive marketing information?

We will only send you marketing information where you have provided your consent to receive it. This may include information about products and services provided by the Southern Independent Medical Practice which may be of interest to you.

You have the right to stop us from contacting you for marketing purposes or giving your information to other members of the Southern Independent Medical Practice Group.

If you no longer wish to receive web-based marketing information, you can unsubscribe by clicking on the link within the email that has been sent to you. By clicking on this unsubscribe link it will update our contacts lists to ensure that we do not contact you again.

If you no longer wish to receive non-web-based marketing information, please contact the Southern Independent Medical Practice.

Telephone call monitoring

Please contact us if you have any questions about our privacy policy:

  • by email: info@independentdoctor.co.uk
  • or write to us at: The Southern Independent Medical Practice, 5 Wyndham Road, Salisbury, Wiltshire, SP1 3AA.

Telephone Calls
For the purposes of training and continually improving our services, calls to/from the Southern Independent Medical Practice may be monitored or recorded

This privacy policy is regularly reviewed.

This privacy policy should be read in conjunction with the Southern Independent Medical Practice website Terms and Conditions.

What are cookies?

The Site uses cookies to distinguish you from other users of our website.  A “cookie” is a small amount of data which often includes a unique identifier that is sent to your computer, tablet or mobile phone (referred to here as a “device“) browser from a website’s computer and is stored on your device’s hard drive, mobile or other device.

There are different types of cookies which are used to do different things, such as allowing you to navigate between pages on a website efficiently, remembering your preferences on a certain web pages or improving your overall experience. Other cookies can provide you with advertising which is more tailored to your interests or measure the number of site visits and the most popular pages users visit.

How to disable cookies
Most web browsers automatically accept cookies, but you can disable this function by changing your browser settings if you so wish. To find out more about cookies, including what they are, how to control them or how to delete them, please visit www.aboutcookies.org.

What cookies does the Southern Independent Medical Practice website use?

Below is a list of the different types of cookies used across the Site, and a description of what they are used for.

First Party Cookies
First Party Cookies are cookies which the Southern Independent Medical Practice uses. The Southern Independent Medical Practice also uses cookies linked to Google Analytics but these are not traced to personal identifiable data and are non-intrusive.

Third Party cookies
The Site contains links to other third party websites. This means that when you click on the links to those websites you may be agreeing to the use of cookies from their websites. Southern Independent Medical Practice has identified the following third party cookies.

Cookies
DoubleClick
Purpose
Used for certain Google Ad services, user data is anonymous.
Additional information
View the Google privacy policy

Cookies
Google maps
Purpose
Cookies are stored when a user accesses a page with Google maps embedded on it.
Additional information
View the Google privacy policy

Cookies
Google Analytics  
Purpose
Non-specific website usage information is collected using Google Analytics and cookies. By using web analytics we can understand how our users arrive at the Site, what they do whilst they are on the website, what information they look at whilst on the website, etc. The data collected is anonymous.
Additional information
Visit the Google Analytics website

Are third party websites covered by this policy?

The Site, from time to time, may contain links to other websites. This policy only applies to the Site, so when you visit external websites please read their privacy policies carefully. The Southern Independent Medical Practice accepts no responsibility for external websites.

We may occasionally offer products or services from external companies. These organisations may also allocate cookies to your PC. The types of cookies they use and how they use this information will be governed by their privacy policies.

How do you find out about changes to our privacy policy?

We keep our privacy policy under regular review and we will place any updates on this webpage.

We may change the content or services found on the Site at any time without notice, and consequently our privacy policy may change at any time in the future. Your continued access to or use of the website will mean that you agree to the changes.

Whom do I contact if I have a question about your privacy policy?

Please contact us if you have any questions about our privacy policy:

  • by email: info@independentdoctor.co.uk
  • or write to us at: The Southern Independent Medical Practice, 5 Wyndham Road, Salisbury, Wiltshire, SP1 3AA.

This privacy policy was last updated on 25 May 2018.
This privacy policy should be read in conjunction with the Southern Independent Medical Practice website Terms and Conditions.