top of page

Privacy Policy

1 Introduction

1.1 Policy statement 

This Privacy Notice explains how Stamford Women’s Health collects, uses, and protects your personal information. We are committed to ensuring that your privacy is protected.

 

1.2 Status 

Stamford Women’s Health aims to design and implement policies and procedures that meet the diverse needs of our service and workforce, ensuring that none are placed at a disadvantage over others, in accordance with the Equality Act 2010. Consideration has been given to the impact this policy might have in regard to the individual protected characteristics of those to whom it applies. 

This document and any procedures contained within it are non-contractual and may be modified or withdrawn at any time. For the avoidance of doubt, it does not form part of your contract of employment. 

1.3 Training and support 

Stamford Women’s Health will provide guidance and support to help those to whom it applies to understand their rights and responsibilities under this policy. Additional support will be provided to managers and supervisors to enable them to deal more effectively with matters arising from this policy. 

2 Scope 

2.1 Who it applies to 

This document applies to all employees and partners Stamford Women’s Health. Other individuals performing functions in relation to Stamford Women’s Health, such as agency workers, and contractors, are encouraged to use it. 

2.2 Why and how it applies to them 

Everyone should be aware of the privacy notice and be able to advise clients, their relatives and carers what information is collected, how that information may be used and with whom Stamford Women’s Health will share that information. 

The first principle of data protection is that personal data must be processed fairly and lawfully. Being transparent and providing accessible information to clients about how their personal data is used is a key element of the General Data Protection Regulation. 

3 Definition of terms 

3.1 Privacy notice 

A statement that discloses some or all of the ways in which Stamford Women’s Health gathers, uses, discloses and manages a client’s data. It fulfils a legal requirement to protect a client’s privacy. 

3.2 Data Protection Act 2018 (DPA18)1 

The Data Protection Act (DPA18) will ensure continuity by putting in place the same data protection regime in UK law pre- and post-Brexit. 

3.3 Information Commissioner’s Office (ICO)2 

The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. 

3.4 UK General Data Protection Regulation (GDPR) 

The background to the UK GDPR was that in May 2018, GDPR replaced the Data Protection Directive 95/46/EC and was designed to harmonise data privacy laws across Europe, to protect and empower all EU citizens’ data privacy and to reshape the way in which organisations across the region approach data privacy. 

Post-Brexit, in January 2021, the GDPR became formally known as UK GDPR and was incorporated within the Data Protection Act 2018 (DPA18) at Chapter 2. 

In accordance with the UK GDPR, Stamford Women’s Health will ensure that information provided to subjects about how their data is processed will be: 

  • concise, transparent, intelligible, and easily accessible, 

  • written in clear and plain language, particularly if addressed to a child, and 

  • free of charge. 

DPA18 will ensure continuity by putting in place the same data protection regime in UK law pre- and post-Brexit. 

3.5 Data controller 

The entity that determines the purposes, conditions, and means of the processing of personal data. 

3.6 Data subject 

A natural person whose personal data is processed by a controller or processor.

4 Compliance with regulations

4.1 GDPR 

In accordance with the GDPR, Stamford Women’s Health will ensure that information provided to subjects about how their data is processed will be: 

  • concise, transparent, intelligible, and easily accessible, 

  • written in clear and plain language, particularly if addressed to a child, and 

  • free of charge. 

4.2 Article 5 compliance 

In accordance with Article 5 of the GDPR, Stamford Women’s Health will ensure that any personal data is: 

  • • processed lawfully, fairly and in a transparent manner in relation to the data subject, 

  • • collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes, 

  • • adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed, 

  • • accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that is inaccurate, having regard to the purposes for which it is processed, is erased, or rectified without delay, 

  • • kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed, and 

  • • processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures. 

Article 5 also stipulates that the controller shall be responsible for, and be able to demonstrate compliance with, the above. 

4.3 Communicating privacy information 

At Stamford Women’s Health, the privacy notice is displayed on our website and in writing during client registration. We will: 

  • inform clients how their data will be used and for what purpose, and 

  • allow clients to opt out of sharing their data, should they so wish. 

4.4 What data will be collected? 

At Stamford Women’s Health, the following data will be collected: 

  • client details (name, date of birth, NHS number), 

  • address and NOK information, 

  • medical notes (paper and electronic), 

  • details of treatment and care, including medications, 

  • results of tests (pathology, X-ray, etc.), and 

  • any other pertinent information. 

4.5 How we use the information 

We require this information to understand your needs and provide you with better service, and in particular, for the following reasons: 

  • Internal record keeping. 

  • We may use the information to improve our products and services. 

  • We may periodically send promotional emails about new products, special offers, or other information which we think you may find interesting using the email address which you have provided. 

  • From time to time, we may also use your information to contact you for market research purposes. 

4.6 Security 

We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure the information we collect online. 

4.7 Controlling your personal information 

You may choose to restrict the collection or use of your personal information by contacting us. We will not sell, distribute, or lease your personal information to third parties unless we have your permission or are required by law to do so. 

4.8 Your rights 

You have the right to access, correct, or delete your personal information. If you would like a copy of the information held on you, please contact us. 

4.9 Privacy notice checklists 

The ICO has provided a privacy notice checklist which can be used to support the writing of Stamford Women’s Health’s privacy notice. The checklist can be found by following this link. 

4.10 Privacy notice template 

A privacy notice template can be found at Annex A. 

5 Summary 

It is the responsibility of all staff at Stamford Women’s Health to ensure that clients understand what information is held about them and how this information may be used. Furthermore, Stamford Women’s Health must adhere to the DPA18 and the GDPR to ensure compliance with extant legal rules and legislative acts. 

Annex A – Stamford Women’s Health privacy notice 

Stamford Women’s Health has a legal duty to explain how we use any personal information we collect about you, as a registered client, at Stamford Women’s Health. Staff at Stamford Women’s Health maintain records about your health and the treatment you receive in electronic and paper format. 

What information do we collect about you? 

We will collect information such as personal details, including name, address, next of kin, records of appointments, visits, telephone calls, your health records, treatment and medications, test results, X-rays, etc. and any other relevant information to enable us to deliver effective medical care. 

How we will use your information 

Your data is collected for the purpose of providing direct client care; however, we can disclose this information if it is required by law, if you give consent or if it is justified in the public interest. 

Maintaining confidentiality and accessing your records 

We are committed to maintaining confidentiality and protecting the information we hold about you. We adhere to the General Data Protection Regulation (GDPR) as well as guidance issued by the Information Commissioner’s Office (ICO). You have a right to access the information we hold about you, and if you would like to access this information, you will need to complete a Subject Access Request (SAR). Please ask at reception for a SAR form and you will be given further information. Furthermore, should you identify any inaccuracies, you have a right to have the inaccurate data corrected. 

Retention periods 

Healthcare records will be retained for 10 years after death or, if a client emigrates, for 10 years after the date of emigration. 

What to do if you have any questions 

Should you have any questions about our privacy policy or the information we hold about you, you can contact Stamford Women’s Health’s data controller (Dr Katherine Cowie) via email at contact@thewomenshealthgp.co.uk

Complaints 

In the unlikely event that you are unhappy with any element of our data-processing methods, you have the right to lodge a complaint with the ICO. For further details, visit ico.org.uk and select “Raising a concern”. 

Changes to our privacy policy 

We regularly review our privacy policy and any updates will be published on our website, in our newsletter and on posters to reflect the changes. 



 

Stamford Women’s Health Ltd t/as Stamford Women’s Health Registered Office: 66 High St, Ketton, Rutland, PE9 3TE Director(s) :Dr Katherine Cowie Registered in England & Wales .Company Registration Number 15427707

bottom of page