This policy explains how we use your personal data for our healthcare services provided at the events we cover.
This policy covers:
If you have any further questions about how we process your information, or you would like to make a data access request, please do not hesitate to get in touch by contacting our data protection officer Dataprotection@acutemedics.co.uk
Who are We?
Acute Medics Limited (Acute Medics) is a private medical provider specialising in pre-hospital event medicine.
26 Deri Avenue, Pencoed. Bridgend. CF35 6TU
How we collect personal data
When you receive treatment and/or care by a member of our staff you will be asked to provide basic information about yourself including:
Date of birth
Contact telephone number
Next of kin name and contact telephone number
Health and medical information
In addition to the above the clinician treating you will ask if you have any medical conditions and/or any medications (both prescription and over the counter) that you take on a regular basis. This is to ensure that the clinician is well informed of any conditions that may impact their assessment of you and ensure that the treatment provided is in line with best practice.
This information can only be provided by yourself (parent/guardian)
What we use your personal data for
We obtain and use your medical information because this is necessary for medical purposes, including medical treatment and the provision of healthcare or treatment. This includes the information collected through your contact with our medical team that will be recorded on a patient report form (of which you may request a copy).
Where necessary, we may need to share personal data for the purposes of crime prevention.
We will store your medical information electronically in a secure server.
All our patient report forms will be kept for 10 years following your interaction with one of our clinicians. Strict confidentiality and data security provisions will apply at all times to any such audit and access. We hold you data as we may need to review your information and, where necessary, make disclosures in compliance with reasonable requests by regulatory bodies including the Health and Care Professionals Council, MHRA, and Care Quality Commission, or as otherwise required by law or regulation.
For safety, regulatory and/or compliance purposes, we will audit your interactions with our service. Strict confidentiality and data security provisions will always apply to any such audit and access.
We may share your personal data with other health care professionals where your care needs to continue with an NHS organisation (such as a hospital or NHS Ambulance Service). This will be done with you present. Acute Medics will not share your personal data without your consent. This may include sharing information with such services for safeguarding purposes in accordance with our legal obligations.
We may preserve or disclose information about you to comply with a law, regulation, legal process, or governmental request; to assert legal rights or defend against legal claims; or to prevent, detect, or investigate illegal activity, fraud, abuse, violations of our terms, or threats to the security of our services or the physical safety of any person.
Except as described above, we will never share your personal information with any other party without your consent.
We retain your medical records in accordance with national best practice guidance - in particular, advice provided by the Department of Health (2006) Records management: NHS code of practice, and summary guidance issued by the British Medical Association. The below is a summary of our retention procedure:
Patient Report Forms
Patient report forms retained for 10 years after death or after the patient has permanently left the country unless the patient remains in the European Union.
Clinical audit records
5 years – anonymised
DATA STORAGE, SECURITY AND TRANSFERS
We store all your personal health data on secure servers. We do not email your personal date to anyone including other members of our company. In the event that a third party requires your information for litigation purposed for example, the information will be sent via an encrypted email service or approved courier service.
You have specific rights under the GDPR and DPA to:
Withdraw that consent at any time to us processing our data. You can do this by contacting the company using the details above.
Understand and request a copy of information we hold about you.
Ask us to rectify or erase information we hold about you, subject to limitations relating to our obligation to store medical records for prescribed periods of time.
Ask us to restrict our processing of your personal data or object to our processing.
Ask for your data to be provided on a portable basis
You may also contact the Information Commissioners Office (the data protection regulator in the UK):
Information Commissioner's Office
Telephone: 0303 123 1113