Privacy Policy

Mr Michael Gaunt MD (Dist), MA Cantab, FRCS

Consultant Patient Privacy Notice

Executive summary

  • As your treating clinician and therefore custodian of personal information relating to your medical treatment, I must only use that information in accordance with all applicable law and guidance. This Privacy Notice provides you with a detailed overview of how I will manage your data from the point at which it is gathered and onwards, and how that complies with the law.  I will use your personal information for a variety of purposes including, but not limited to, providing you with care and treatment, sharing it with other medical professionals and research/clinical audit programmes.

 

  • In addition, you have a number of rights as a data subject. You can, for instance, seek access to your medical information, object to me using your information in particular ways, request rectification of any information which is inaccurate or deletion of information which is no longer required (subject to certain exceptions).  This Privacy Notice also sets out your rights in respect of your personal information, and how to exercise them.In addition, you have a number of rights as a data subject. You can, for instance, seek access to your medical information, object to me using your information in particular ways, request rectification of any information which is inaccurate or deletion of information which is no longer required (subject to certain exceptions).  This Privacy Notice also sets out your rights in respect of your personal information, and how to exercise them.

 

  • For ease of reference, this Notice is broken into separate sections below with headings which will help you to navigate through the document.

Introduction

  • This Privacy Notice sets out details of the information that I, as a clinician responsible for your treatment (and including my medical secretaries), may collect from you and how that information may be used. Please take your time to read this Privacy Notice carefully.

About me

  • In this Privacy Notice I use “I” or “mine” or “my” to refer to me as the clinician who is using your personal information.

 

  • In the event that you have any queries, comments or concerns in respect of the manner in which I have used, or potentially will use, your personal information then you should contact me directly and I would be happy to discuss further : Telephone 01223 603478 or 01223 603479 or 01223 603480 or email me at megsecretaries@michaelgaunt.com

 

Your personal data

  • I am a Data Controller in respect of your personal information which I hold about you. This will mainly relate to your medical treatment, but will be likely to also include other information such as financial data in relation to billing.  I must comply with the data protection legislation and relevant guidance when handling your personal information, and so must any medical secretary who assists me in an administrative capacity. Your personal data may include any images taken in relation to your treatment which must not only be managed in accordance with the law, this Privacy Notice but also all applicable professional standards including guidance from the General Medical Council and British Medical Association.

 

  • I will provide your treatment from an independent provider (private hospital) and, in due course, it may be necessary for that independent provider to also process your personal data. I will do so in accordance with the law, the principles of this Privacy Notice and to the extent that it is necessary to do so.  This could be where the independent provider needs to arrange other healthcare services as part of your treatment, such as nursing or dietician advice, or support other aspects of the treatment which I provide to you.  In that case, the independent provider will become a joint Data Controller in respect of your personal information and you will be able to request a copy of their Privacy Notice which sets out how they will manage that information.

 

  • Your personal information will be handled in accordance with the principles set out within this Privacy Notice. This means that whenever I use your personal data, I will only do so as set out in this Privacy Notice. From time to time, I may process your personal information at a non-independent provider site (medical or non-medical), as may my medical secretary.

What personal information do I collect and use from patients?

  • I will use “special categories of personal information” (previously known as “sensitive personal data”) about you, such as information relating to your physical and mental health.

 

  • If you provide personal information to me about other individuals (including medical or financial information) you should inform the individual about the contents of this Privacy Notice. I will also process such information in accordance with this Privacy Notice.

 

  • In addition, you should note that in the event you amend data which I already hold about you (for instance by amending a pre-populated form) then I will update our systems to reflect the amendments. Our systems will continue to store historical data.

 

Personal information

  •  As one of my patients, the personal information I hold about you may include the following:
  1. Name
  2. Contact details, such as postal address, email address and telephone number (including mobile number)
  3. Financial information, such as insurance policy details
  4. Occupation
  5. Emergency contact details, including next of kin
  6. Background referral details

 

Special Categories Personal Information

  •  As one of my patients, I will hold information relating to your medical treatment which is known as a special category of personal data under the law, meaning that it must be handled even more sensitively. This may include the following:
  1. Details of your current or former physical or mental health, including information about any healthcare you have received from other healthcare providers such as GPs, dentists or hospitals (private and/or NHS), which may include details of clinic and hospital visits, as well as medicines administered. I will provide further details below on the manner in which I handle such information.
  2. Details of services you have received from me
  3. Details of your nationality, race and/or ethnicity
  4. Details of your religion
  5. Details of any genetic data or biometric data relating to you
  6. Data concerning your sex life and/or sexual orientation

 

  • The confidentiality of your medical information is important to me, and I make every effort to prevent unauthorised access to and use of information relating to your current or former physical and mental health (or indeed any of your personal information more generally). In doing so, I will comply with UK data protection law, including the Data Protection Act 2018 and all applicable medical confidentiality guidelines issued by professional bodies including, but not limited to, the General Medical Council and the Nursing and Midwifery Council.

 

  • From 25 May 2018, the current Data Protection Act will be replaced by the EU General Data Protection Regulation (GDPR) and a new Data Protection Act. All uses of your information will comply with the GDPR and the new Data Protection Act from that date onwards.

 

How do I collect your information?

  •  I may collect personal information from a number of different sources including, but not limited to:
  1. GPs
  2. Dentists
  3. Other hospitals, both NHS and private
  4. Mental health providers
  5. Commissioners of healthcare services
  6. Other clinicians (including their medical secretaries)

 

Directly from you

  •  Information may be collected directly from you when:
  1. You enter into a contract with me or an independent provider for the provision of healthcare services
  2. You use those services
  3. You complete enquiry forms on the independent provider website
  4. You submit a query to me including by email or by social media
  5. You correspond with me by letter, email, or telephone

 

From other healthcare organisations

  •  My patients will usually receive healthcare from other organisations, and so in order to provide you with the best treatment possible I may have to collect personal information about you from them. These may include:
  1. Medical records from your GP
  2. Medical records from other clinicians (including their medical secretaries)
  3. Medical records from your dentist
  4. Medical records from the NHS or any private healthcare organisation
  • Medical records include information about your diagnosis, clinic and hospital visits and medicines administered.