We respect your right with regards to data privacy and data protection when you communicate (online or offline) with us through our website, social media, text messages and offline programs or events. To ensure that we process your personal data fairly and lawfully we are required to inform you: · Why we need your data · How it will be used and · Who it will be shared with This information also explains what rights you have to control how we use your information. The law determines how organisations can use personal information. The key laws are: the Data Protection Act 1998 (DPA), the Human Rights Act 1998 (HRA), relevant health service legislation, and the common law duty of confidentiality. Within these pages we describe instances where the Independent Midwife is the “Data Controller”, for the purposes of the Data Protection Act 1998, and where we direct or commission the processing of client data to help deliver better healthcare, or to assist the management of healthcare services. Independent Midwives recognise the importance of protecting personal and confidential information in all that we do. In the first instance, you should contact me via the website Mindful Midwifery, is a ‘data controller’ under the DPA. We have notified the Information Commissioner that we process personal data and the details are publicly available from the:- Information Commissioner’s Office Wycliffe House Water Lane, Wilmslow SK9 5AF ico.org.uk Please contact me if you have any questions about our privacy notice or information we hold about you: via the website. What information do we collect? Find out what information we collect about you, what types of personal data we handle and what we do with that information. What information do we collect about you? We only collect and use your information for a lawful purposes. These purposes include: · Accounting and Auditing · Accounts and records · Advertising, marketing & public relations · Consultancy and Advisory services · Crime prevention and prosecution of offenders · Education · Health administration and services · Information and databank administration · Research · Sharing and matching of personal information for national fraud initiative · Staff administration
What types of personal data do we handle? We process personal information to enable us to support the provision of healthcare services to clients, maintain our own accounts and records, promote our services, and to support and manage our employees. The types of personal information we use include: · personal details such as names, addresses, telephone numbers · family details for example next of kin details · employment details, for example for those that work for us either directly or are commissioned by us to provide a service · financial details, where we provide payment for services or access to funds for individual patients
· services, for example details of the services access or offered by providers · lifestyle and social circumstances · details held in the patient’s record, where we hold or manage the patient’s record We also process sensitive classes of information that may include: · racial and ethnic origin · offences (including alleged offences), criminal proceedings, outcomes and sentences · religious or similar beliefs · Complaints, accidents, and incident details · This information will generally relate to our staff, covered by the Privacy Notice for Staff, or for those health care professionals we manage. In terms of patient information, information may include: · physical or mental health details · sexual life How will we store your information? We may keep your information in written form or on a computer. These records are kept secure at our business addresses. Sharing your information There are a number of reasons why we share information. This can be due to: · Our obligations to comply with current legislation · Our duty to comply with a Court Order · You have consented to disclosure
Retaining information We will only retain information for as long as necessary. Records are maintained in line with the NHS retention schedule which determines the length of time records should be kept. We will also maintain contact information on mobile devices for as long as is required so that you may contact us in the future. If you do not wish this to be retained please let us know and we will delete the contact information upon discharge. Security of your information We take our duty to protect your personal information and confidentiality seriously. We are committed to taking all reasonable measures to ensure the confidentiality and security of personal data for which we are responsible, whether computerised or on paper. Independent Midwives are subject to the NMC Confidentiality Code of Conduct, we are all required to protect your information, and inform you of how your information will be used. This includes, in most circumstances, allowing you to decide if and how your information can be shared. We abide by this practice in all aspects of work including our independent practice. How to access your information The Data Protection Act 1998 gives you the right to see the information that the Independent Midwife holds about you and why. Find out how to access information about you. How to access your personal information The Data Protection Act 1998 gives you the right to see the information that the Independent Midwife holds about you and why. Requests must be made in writing and you will need to provide: · adequate information [for example full name, address, date of birth, NHS number, etc.] so that your identity can be verified and your information located. · an indication of what information you are requesting to enable us to locate this in an efficient manner. A request for information from a health record has to be made with the appropriate data controller, this will be the independent midwife in charge of your care. Details on contacting us are on the Contact Us Page We aim to comply with requests for access to personal data as quickly as possible. We will ensure that we deal with requests within 40 days of receipt unless there is a reason for delay that is justifiable under the Data Protection Act. We want to make sure that your personal information is accurate and up to date. If you think any information is inaccurate or incorrect then please let us know promptly and we will ensure the records are amended. Some other verification may be requested to change the data record to ensure it is accurate.