Privacy Notice for Patients (2022)

Please click here for audio version.

Who are we:

Pioneer specialise in the provision of wound healing & lymphoedema services.  Using an evidence-based systematic approach to chronic wound healing, Pioneer provides speciality wound care and lymphoedema services to both NHS and private patients.

How we use your information:

The purpose of this leaflet is to tell you how Pioneer collects and processes information about you in accordance with the Data Protection Act 2018 and the provisions of UK GDPR. This is sometimes known as a Privacy Notice. It tells you:

  • about our commitment to meet the requirements of the Data Protection Act 2018 and the provisions of UK GDPR
  • why we collect information about you
  • what information we collect about you
  • in what format your information is held
  • the legal basis for collecting information about you
  • how your information is used
  • how we keep your information safe
  • when we might share information about you
  • your rights
  • how this affects you

About the Data Protection Act 2018 and UK GDPR:

The Data Protection Act (2018) brings the European General Data Protection Regulation (EU GDPR) in to UK law. References to the Data Protection Act 2018 include provisions of the UK GDPR. Pioneer must ensure data protection standards within the company meet the regulatory obligations of the Act.

Our commitment to meet the requirements of the Data Protection Act 2018 and the provisions of UK GDPR includes:

  • meeting the guidelines for the collection and processing of personal identifiable information, your information
  • undertaking regular reviews of our Data Protection Impact Assessment
  • keeping your information safe
  • fully respecting your rights

Why we collect information about you:

We aim to provide you with the highest quality of health care. To do this we must keep records about you, your health and the care we have provided or plan to provide to you.

To facilitate the acquisition of wound care products, supplies or treatments, in support of your care.

To meet our obligations to you under Health & Safety Legislation.

We process some of your information for statistical purposes and in these instances, we take strict measures to ensure that you cannot be identified. Examples of this include contractual reporting, business / service development.

We collect and process your information so that we can be paid for the care that we provide to you.

We collect and process your information so that we can communicate with you, to send you appointment reminders.

With your express consent we may retain your contact details if you have attended training courses held by Pioneer. This is for the purpose of updating information and inviting you to attend subsequent course updates.

We may utilise your information for the training and education of other healthcare professionals to enhance their knowledge and skills. We take care to hide your identity when using your information in this way.

We collect and process surveillance camera photographic data to help us keep you and your information safe.

What information we collect about you:

  • basic details about you, such as name, address, date of birth, mobile/home telephone numbers and email address (if provided)
  • details relating to ethnic origin, cultural / religious beliefs
  • details of allergies, special needs, hosiery measurements
  • contact we have had with you such as appointments and home visits
  • notes and reports about your health, physical and mental condition
  • details and records about your treatment and care
  • results of investigations such as x-rays and laboratory test results
  • relevant information from people who care for you and know you well, such as healthcare professionals and relatives
  • accident, incident reporting
  • surveillance camera photographic data

In what format your information is held:

  • paper
  • computer including, electronic patient records, text reminders via diary system
  • Smart Survey including questionnaires, audits, surveys
  • photographs, including printed and digital
  • anonymised database derived by combining data sets
  • encrypted surveillance camera photographic data

The legal basis for collecting and processing information about you includes:

Necessary for Contract: the processing of your information is necessary for the Patient Contract that we hold directly with you as a private patient or our NHS Contract, as commissioned by the Clinical Commissioning Group, of the healthcare professional who referred you to our service

Public Interest: to support education and training for local / national healthcare professionals, via journals, publications and education/training events, we may process your information, to present it in a format that is anonymised so that you cannot be identified

Legitimate Interests: we may process your information to anonymise it, to use for improving services, service planning and business development. You will not be identified where your information is anonymised. We manage your information to allow us to charge for the care that we provide to you. We use your information to communicate with you about your booked appointments. The use of surveillance cameras supports the well-being of visitors to our Eastbourne clinic, supports our efforts to keep your information secure whilst helping us to maintain business continuity.

Legal Obligations: we collect and process your information to meet our legal obligations for records management, including archiving your information, held in your patient record. We collect and process your information to meet our legal obligations to Health & Safety Legislation

How your information is used:

  • to provide a good basis for any treatment or advisory services we provide to you
  • to make sure your treatment is safe and effective and the advice we provide is appropriate and relevant to you
  • to work effectively with others providing you with treatment or advice
  • to facilitate the acquisition of wound care products, supplies or treatments in support of your care
  • to facilitate text appointment reminders being sent to your personal mobile phone
  • to charge for the care provided to you
  • to properly investigate your concerns if you raise a complaint
  • to provide feedback to improve the services we offer
  • to invite you to relevant training courses relevant to courses you have previously attended with us
  • to provide anonymised statistics in support of business development and service improvements
  • to provide anonymised information to support reporting for NHS Contracts, including for the purpose of charging for our service
  • to provide information to regulatory authorities, including Care Quality Commission; https://www.cqc.org.uk/about-us/our-policies/privacy-statement
  • to support internal audits as required by regulatory authorities
  • to ensure we meet legal obligations in relation to records management
  • in the event of an incident within a 3rd party premises, (such as a satellite clinic), we may require to share your information with a 3rd party to ensure we meet legal obligations in relation to Health & Safety legislation during combined investigations
  • to support local / national training and education of other healthcare professionals
  • to assist law enforcement to deal with criminal activities 

How we keep your information safe: 

  • by providing Information Governance Awareness Training annually for all of our staff
  • by ensuring robust Information Governance Security measures are in place
  • we undertake regular Information Governance Security Audits
  • we undertake annual Information Governance Compliance Audit / Training
  • we adhere to the legislation including the Human Rights Act (1998) and the Common Law Duty of Confidentiality
  • adherence to the Data Security & Protection Toolkit, formerly Information Governance Toolkit
  • by committing to Data Quality supported through training and annual audits
  • through our commitment to the Records Management Policy
  • by encrypting our surveillance camera photographic data

When we might share information about you:

Your information is kept secure and only shared on a ‘need to know’ basis. Limited and proportional sharing may occur with:

  • healthcare professionals (such as doctors, nurses, pharmacists, physiotherapists and occupational therapists, for example)
  • 3rd party premises management for non Pioneer managed sites
  • suppliers of wound dressings, hosiery, treatments
  • administrative support staff, including accountants
  • healthcare students in training
  • pathology and radiology staff involved in the analysis and reporting of diagnostic tests
  • staff conducting local clinical audits to evaluate the care provided to you
  • authorised personnel from visiting regulatory authorities, including the Care Quality Commission, The Health & Safety Executive
  • Insurance Company(s) associated with company benefits, employers and public liability insurance, medical malpractice cover

We may also share your information with your consent and subject to strict sharing protocols about how it will be used, with:

  • social services
  • education services
  • local authorities
  • voluntary sector providers

We may also share your information with your consent with others that need to use records about you to:

  • check the quality of treatment or advice we have given you
  • protect the health of the general public
  • manage the health service
  • help investigate any concerns or complaints you or your family have about your health care

Pioneer WHLC Ltd Website:

  • We use reasonable, organisational, technical and administrative measures to protect personal information under our control. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
  • Our website may include links to third-party websites. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

Cookies:

You can view our full cookies policy at https://www.pioneer-whlc.org/cookies-policy 

When we might share information about you:

Your information is kept secure and only shared on a ‘need to know’ basis. Limited and proportional sharing may occur with:

  • healthcare professionals (such as doctors, nurses, pharmacists, physiotherapists and occupational therapists, for example)
  • 3rd party premises management for non Pioneer managed sites
  • suppliers of wound dressings, hosiery, treatments
  • administrative support staff, including accountants
  • healthcare students in training
  • pathology and radiology staff involved in the analysis and reporting of diagnostic tests
  • staff conducting local clinical audits to evaluate the care provided to you
  • authorised personnel from visiting regulatory authorities, including the Care Quality Commission, The Health & Safety Executive
  • Insurance Company(s) associated with company benefits, employers and public liability insurance, medical malpractice cover

We may also share your information with your consent and subject to strict sharing protocols about how it will be used, with:

  • social services
  • education services
  • local authorities
  • voluntary sector providers

We may also share your information with your consent with others that need to use records about you to:

  • check the quality of treatment or advice we have given you
  • protect the health of the general public
  • manage the health service
  • help investigate any concerns or complaints you or your family have about your health care

There may be times when we need to share your information without your consent, for example:

  • where there is a risk of harm to you or other people
  • where we believe that the reasons for sharing are so important that they override our obligation of confidentiality (for example, to support the investigation and prosecution of offenders or to prevent serious crime)
  • where we have been instructed to do so by a Court
  • where we are legally required to do so
  • to control infectious diseases such as meningitis, tuberculosis (TB) or measles
  • if you are subject to the Mental Health Act (1983), there are circumstances in which your 'nearest relative' must receive information even if you object

The national data opt-out is a service that enables the public to register to opt out of their confidential patient information being used for purposes beyond their individual care and treatment; patients can change their national data opt-out choice at any time.

To find out more visit: https://www.pioneer-whlc.org to view the National Data Opt-out Statement or https://www.nhs.uk/your-nhs-data-matters/

Your rights:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling

We are bound both by law and a strict code of confidentiality. In accordance with NHS guidance, Pioneer has appointed a Caldicott Guardian; a senior member of staff responsible for protecting the confidentiality of patient and service user information and enabling appropriate information sharing.

In addition, we have appointed a Data Protection Officer (DPO) who is responsible for ensuring Pioneer adheres to the Data Protection Act 2018 (UK GDPR).  The DPO ensures that we are registered with the Information Commissioner’s Office (ICO).

Our ICO Registration Reference is ZA101854

How does this affect you:

You can be confident that we are adhering to the regulations and laws that apply to us about how we manage your information. You should know that anyone who receives your information from us also has a legal duty to keep it confidential.

If you wish to discuss the management of your information, discuss your rights under the Data Protection Act 2018 and the provisions of UK GDPR or would like to view the Pioneer Data Protection Impact Assessment then please contact the Governance Officer:

Ishbel Forrester

Governance Officer
Pioneer Wound Healing
& Lymphoedema Centres
Wish Tower House
1c Edward Road
Eastbourne
East Sussex BN23 8AS

Telephone: 01323 735588