If you have any questions about this policy write to: The Roxton Practice, Pilgrim Primary Care Centre, Pelham Road, Immingham, N.E Lincolnshire, DN40 1JW
We gather and use certain information about individuals in order to provide healthcare services and to enable certain functions on this website.
We also collect information to better understand how visitors use this website and to present timely, relevant information to them.
We collect different types of information for various purposes to provide and improve our service to you.
While using our website, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:
- Email address
- First name and last name
- Phone number
- Cookies and Usage Data
We do not store any personal medical data on this website. All of the information that you enter on the form is sent by email to a secure NHS mail account. Only your surgery has access to this email account. The data is then transferred to your medical notes and stored there. All data that you enter onto a form on our website is immediately deleted as soon as it is sent to your practice’s NHS mail account.
We may also collect information how the website is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our website that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
Tracking & Cookies Data
A “cookie” is a small text file that’s stored on your computer, tablet or phone when you visit a website.
Some cookies are deleted when you close down your browser. These are known as session cookies. Others remain on your device until they expire or you delete them from your cache. These are known as persistent cookies and enable us to remember things about you as a returning visitor.
- Monitor your use on our website and gather analytics to help us improve your browsing experience
- Remember your preferences to personalise your visit
- Identify whether you are signed in to our website
- Personalise our website and display information relevant to you
- Help us improve the usability of our website
Cookies do not provide us with access to your computer or any information about you, other than that which you choose to share with us.
Cookies on this website
|_ga||Used to distinguish users.||2 years from set/update.|
|_gat||Used to throttle request rate.||10 minutes from set/update.|
|_dc_gtm||Used to help identify the visitors by either age, gender, or interests.||10 minutes from set/update.|
To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
How we use this data
Direct Care and Administrative Purposes
All health and adult social care providers are subject to the statutory duty to process information about a patient for their direct care. This would also include
• Preventive or occupational medicine,
• Medical diagnosis,
• The provision of health care or treatment,
• The provision of social care, or
• The management of health care systems or services
• Waiting list management
• Performance against national targets
• Local clinical audit
• Patient feedback and service improvement
The lawful basis for processing personal information is: 6(1)(e) ‘…for the performance of a task carried out in the public interest or in the exercise of official authority…’
The lawful basis for processing personal data is: 9(2)(h) ‘…medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems…’
Some members of society are recognised as needing protection, for example children and vulnerable adults. If a person is identified as being at risk from harm we are expected as professionals to do what we can to protect them. In addition we are bound by certain specific laws that exist to protect individuals. This is called “Safeguarding”.
Where there is a suspected or actual safeguarding issue we will share information that we hold with other relevant agencies whether or not the individual or their representative agrees. The purpose of the processing is to protect the child or vulnerable adult.
The lawful basis for processing personal information is: 6(1)(c) ‘…necessary for compliance with a legal obligation…
The lawful basis for processing personal data is: 9(2)(b) ‘…is necessary for the purposes of carrying out the obligations and exercising the specific rights of the controller or of the data subject in the field of …social protection law in so far as it is authorised by Union or Member State law..’
- This sharing is a legal and professional requirement and therefore there is no right to object.
- The data will be shared with local safeguarding services
Controlling your data
When you fill in a form or provide your details on our website, you will see one or more tick boxes allowing you to:
- Opt-in to receive communications from us by email, telephone, text message or post
- Opt-in to receive communications from our third-party partners by email, telephone, text message or post
If you have agreed that we can use your information to signpost you to other NHS services you can change your mind easily, via one of these methods:
- Send an email to firstname.lastname@example.org
- Write to us at: The Roxton Practice, Pilgrim Primary Care Centre, Pelham Road, Immingham, N.E Lincolnmailto:email@example.com, DN40 1JW
We will not sell, distribute or lease your personal information to third parties unless we have your permission.
However, there are special situations in which we may need to share access to your Personal Information without your explicit consent. For example;
- To comply with a legal obligation
- To prevent or investigate possible wrongdoing in connection with the website
- To protect the personal safety of users of the website or the public
- To protect against legal liability
You may request details of personal information which we hold about you under the Data Protection Act 2018. If you would like a copy of the information held on you please write to: The Roxton Practice, Pilgrim Primary Care Centre, Pelham Road, Immingham, N.E Lincolnshire, DN40 1JW
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible at the above address. We will promptly correct any information found to be incorrect.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
We also follow stringent procedures to ensure we work with all personal data in line with the Data Protection Act 2018.
We protect your information in the following ways:
Staff are trained to understand their duty of confidentiality and their responsibilities regarding the security of patient information both on our premises and when out in the community. Staff must undertake annual mandatory training in information governance and data security awareness.
All NHS providers are required to complete an annual assessment of compliance with Data Protection and Security. Details of the assessments can be found here. https://www.dsptoolkit.nhs.uk/organisationsearch
Any member of staff being given access to national systems holding patient information will need a special access card called a smartcard, along with a username and password. Many of our local systems also require smartcard access.
We keep a record in the newer electronic record systems of anyone who has accessed a health record or added notes to it. Some of the older computer systems only record who has amended a record.
If you believe your information is being viewed inappropriately we will investigate and report our findings to you. If we find that someone has deliberately accessed records about you without permission or good reason, we will tell you and take action. This can include disciplinary action, or bringing criminal charges.
All healthcare records are stored confidentially in a secure location.
Within each NHS organisation there is a designated person named the ‘Caldicott Guardian’ whose responsibility it is to ensure that these laws are upheld.
Links from our site
Our website may contain links to other websites.
Please note that we have no control of websites outside the roxtonportal.co.uk domain. If you provide information to a website to which we link, we are not responsible for its protection and privacy.
Always be wary when submitting data to websites. Read the site’s data protection and privacy policies fully.