Data Privacy Notice
Alexin Healthcare CIC
Your personal data – what is it?
Personal data relates to an individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).
Who are we?
Alexin Healthcare CIC is the data controller (contact details below). This means it decides how your personal data is processed and for what purposes.
How do we process your personal data?
Alexin Healthcare CIC complies with its obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
We use your personal data for the following purposes: -
- To enable us to provide a service to our member practices
- To administer membership records;
- To raise the profile of the federation;
- To manage our employees;
- To maintain our own accounts and records (including shareholder records);
- To inform you of news, events, contracts and services run by Alexin Healthcare CIC;
What is the legal basis for processing your personal data?
Explicit consent of the data subject so that we can keep you informed about news, events, contracts and services.
Processing is necessary for carrying out legal obligations in relation employment, shareholder records, or a collective agreement.
Processing is carried out by a not-for-profit organisation: -
- the processing relates only to members or former members (or those who have regular contact with it in connection with those purposes); and
- the processing relates only to employees or former employees (or those who have regular contact with it in connection with those purposes); and
- there is no disclosure to a third party without consent
How do we maintain the confidentiality of your records?
We are committed to protecting your privacy and will only use information collected lawfully in accordance with:
- Data Protection Act 1998 and General Data Protection Regulation 2016
- Human Rights Act 1998
- Common Law Duty of Confidentiality
- Health and Social Care Act 2012
- NHS Codes of Confidentiality, Information Security and Records Management
- Information: To Share or Not to Share Review
Every member of staff who works for an NHS organisation has a legal obligation to keep information confidential.
We will only ever use or pass on information about you if others have a genuine need for it. We will not disclose your information to any third party without your permission unless there are exceptional circumstances (i.e. life or death situations). This decision will be taken by only our designated IG Lead, Jools Roome, email@example.com
Who are our partner organisations?
We may also have to share your information, subject to strict agreements on how it will be used, with the following organisations;
- GP’s (Appendix A)
- NHS Trusts / Foundation Trusts (Appendix B)
- Southern Derbyshire, East Staffordshire & South East Staffordshire & Seisdon Clinical Commissioning Groups
- North of England Commissioning Support Unit & Midlands & Lancashire NHS Commissioning Support Unit
- Derbyshire County Council, Derby City Council & Staffordshire County Council
- Independent Contractors such as dentists, opticians, pharmacists (where applicable, non-current)
- East Midlands Ambulance Service & West Midlands Ambulance Service
- Private Sector Providers
- Voluntary Sector Providers
- Health and Social Care Information Centre (HSCIC)
- Derbyshire & Staffordshire Fire and Rescue Services
- Derbyshire & Staffordshire Police & Judicial Services
- Other ‘data processors’ which you will be informed of
You will be informed who your data will be shared with and in some cases asked for explicit consent.
We may also use external companies to process personal information, such as for archiving purposes. These companies are bound by contractual agreements to ensure information is kept confidential and secure.
Access to personal information
You have a right under the Data Protection Act 1998 to request access to view or to obtain copies of what information the company holds about you and to have it amended should it be inaccurate. In order to request this, you need to do the following:
- There may be a charge to have a printed copy of the information held about you
- We are required to respond to you within 40 days
- You will need to give adequate information (for example full name, address, date of birth, NHS number and details of your request) so that your identity can be verified, and your records located.
Change of Details
It is important that you tell the person treating you if any of your details such as your name or address have changed or if any of your details such as date of birth is incorrect in order for this to be amended. You have a responsibility to inform us of any changes so our records are accurate and up to date for you.
The Data Protection Act 1998 requires organisations to register a notification with the Information Commissioner to describe the purposes for which they process personal and sensitive information.
This information is publicly available on the Information Commissioners Office website www.ico.org.uk
The practice is registered with the Information Commissioners Office (ICO).
How do we monitor compliance with GDPR and other Data Protections Laws?
To assure that Alexin HC is compliant with GDPR and other data protection laws it will publish the Data Protection Policy (this document), with the next review set for July 2020. Alexin Healthcare will ensure there is appropriate awareness raising and training for all employees. Alexin Healthcare with its DPO will conduct an annual audit cycle of training, policies and record keeping. Alexin Healthcare will follow the advice of its DPO in regard to matters raised from these audits.
Who is the Data Protection Officer?
The practice has a designated Data Protection Officer (DPO).
The DPO has an expert knowledge of data protection law and they monitor compliance of the practice with data protection regulations. However, responsibility for compliance remains with the data controller and data processor.
They are able to act independently to assure compliance. The DPO reports to the highest level of management in Alexin Healthcare, the Board. They will co-operate with national supervisory authorities such as the ICO.
The DPO for Alexin Healthcare CIC is Orlando Hampton and his email address is: firstname.lastname@example.org
Should you have any concerns about how your information is managed by the Practice please contact the Head of Operations at the following address:
4th Floor, Laurie House, Colyear Street, Derby, DE1 1LJ
If you are not able to reach a satisfactory resolution with the Head of Operations, you can raise your complaint to the DPO for further review and consideration.
If you remain unhappy following this process by Alexin, you can then complain to the Information Commissioners Office (ICO). www.ico.org.uk, email@example.com, telephone: 0303 123 1113 (local rate) or 01625 545 745
Appendix A – GP Practices
Abbots Bromley Surgery
Aldergate Medical Practice
All Saints Surgery
Alvaston Medical Centre
Appletree Medical Centre
Arthur Medical Centre
Ashbourne Medical Practice
Balance Street Health Centre
Barton Family Practice
Brailsford Medical Practice
Brook Medical Centre
Brooklyn Medical Centre
Carlton Street Surgery
Chapel Street Medical Centre
Chellaston & Melbourne Medical Centre
Crich Medical Practice
Crown Medical Practice
Darwin Medical Practice
Derby Family Medical Centre
Derwent Medical Centre
Derwent Valley Medical Centre
Dove River Practice
Dr Khare's Surgery
Dr Vijie's Surgery
Friar Gate Surgery
Gordon Street Surgery
Gresleydale Healthcare Centre
Hannage Brook Medical Centre
Haven Medical Practice
Heartwood Medical Practice
Heathview Medical Centre
Ivy Grove Surgery
Jessop Medical Practice
Kelvingrove Medical Practice
Langton Medical Group
Laurel House Surgery
Lister House Chellaston
Lister House Surgery
Macklin Street Surgery
Mickleover Medical Centre
Mill View Surgery
North Gate Surgery
Overdale Medical Practice
Park Farm Medical Centre
Park Lane Surgery
Park Medical Practice
Peartree Medical Centre
Peel Croft Surgery
Peel Medical Practice
Salters Meadow Health Centre
Somercotes Medical Centre
Stapenhill Medical Centre
Trent Meadows Medical Practice
Tri-links Medical Practice
Vernon Street Medical Centre
Wellbrook Medical Centre
West Hallam Medical Centre
Wetmore Road Surgery
Whitemoor Medical Centre
Winshill Medical Centre
Yoxall Health Centre
Appendix B – NHS Trusts
University Hospitals of Derby & Burton
Samuel Johnson Community Hospital
Sir Robert Peel Hospital
The content of this website is the copyright of Alexin Healthcare unless stated otherwise. You may only download material for your personal use, private study, research or in-house use. You must not copy, distribute or publish any material from this website unless formal permission is obtained from the copyright holder.
**The following images on this site (Poppies- IMG_0537, Windmill - IMG_1486, Woodland -116, University stairs - DSCN0072, Bicycles - DCFS2908, Wellies - DSCF6003, TreeIMG_4859) are the copyright of Samantha Brickman and may not be copied or used for any purposes, commercial or otherwise, without her permission.
For more details on her work please contact Jools at firstname.lastname@example.org who will pass on your comments and emails.
While we have tried to compile accurate information on this site - and to keep it updated we cannot guarantee that it is 100% complete or correct.
The information provided on this site does not constitute professional advice and is subject to change.
Links from this website are only provided for your information and convenience.
We cannot accept responsibility for the linked sites available through www.alexinhealthcare.co.uk or the information found on them. A link does not imply we endorse a particular site. Neither does not linking a site imply lack of endorsement.
We cannot guarantee uninterrupted access to this website, or the sites it links to. We cannot accept responsibility for any damages, which arise from the loss of use of this information.