Book An Appointment 
0300 303 9966

Privacy Policy

Provide Wellbeing Limited โ€“ Your Information, Your Rights

This Privacy Notice describes what information we collect and hold about you, how we use it, who can access it and your rights with regards to accessing your information.

Who are we?

From 15th March 2022, Tollgate Clinic Ltd will be known as Provide Wellbeing Ltd, part of the Provide CIC Group.

Provide Wellbeing Ltd is registered with the Information Commissionerโ€™s Office (ICO) to process personal and special categories of information under the Data Protection Act and our registration number is Z2525693.

Why we keep personal information about you

We aim to provide you with the highest quality care. To do this, we must keep records about you and the care we provide for you.

Our staff are trained to handle your information correctly and protect your privacy. We aim to maintain high standards, adopt best practice for our record keeping and regularly check and report on how we are doing.

NHS patients

We do not collect your information for direct marketing purposes unless you specifically opt-in, and your data is not sold on to any other third parties. Your information is not processed overseas.

Electronic health records are accessed by use of an NHS Smartcard which are issued to our staff under strict NHS protocols. Any access by our staff to your health records is fully audited.

Information is held for specified periods of time as set out in the Records Management Code of Practice for Health and Social Care.

Non-NHS Patients

Your information will be processed safely and securely within our secure infrastructure. Your data will be stored securely within approved systems hosted by accredited and authorised vendors within the UK. Only authorised individuals will be granted access to your information. If for any reason your data needs to be processed outside the UK/EEA we will ensure that the processing is legal and that the appropriate safeguard is put in place in accordance with the UK GDPR.

How do we collect information about you?

We collect information about you in a number of ways:

Information You Tell Us โ€“ Some of our services accept self-referrals which means that you can contact us directly to arrange an appointment and do not need to be referred by your G.P. You will be asked for certain information when you contact us to enable us to book you an appointment and to be able to provide appropriate care. You may also be asked to complete a form when you come in for your appointment so that we have relevant information to be able to help you. We may also seek your opinion on our services through our customer surveys.

Information Others Tell Us โ€“ Where you are referred to us from another health care professional, for example your GP, they will share relevant information about the care you have received from them to enable us to provide effective and safe care to you. All our NHS patient data is recorded on SystmOne which is used widely across the NHS and care organisations to maintain accurate medical records about you. You can choose which other organisations involved in your care can view your full medical record. Speak to your GP to set your choice or you can set them yourself using SystmOne. For more information please visit https://systmonline.tpp-uk.com/2/help/help.html.

The NHS Personal Demographics Service โ€“ When we register you to receive care from one of our NHS services, we receive information from the NHS Personal Demographic service. The Personal Demographics Service (PDS) is the national electronic database of NHS patient details such as name, address, date of birth and NHS Number (known as demographic information). This is to ensure that the information we hold about you is accurate and up to date and to ensure that you are entitled to receive NHS Care.

NHS Summary Care Record โ€“ To support you and provide high quality and safe health care it may very occasionally be necessary to access your NHS Summary Care Record. The NHS Summary Care Record is an electronic summary of key clinical information (including medicines, allergies and adverse reactions) sourced from your G.P Record. We will discuss this with you should the need arise to access this and will only do so this with your permission, unless another legal reason to access applies (please see below)

Cookies โ€“ Cookies are small text files placed on your computer when you use a website. They help us collect standard internet log information and visitor behaviour information during your visit to the website. Where we use non-essential cookies that may collect some of your personal information, we will ask for your consent before we use the cookies. You have a right to withdraw your consent for us to use non-essential cookies. For more details of the cookies we use please see our cookie policy.

What Information do we keep about you?

The information we hold may include:

  • Basic details, such as your name, address and next of kin.
  • Contact information such as telephone numbers and email addresses
  • Contacts we have had with you, such as clinic visits.
  • Notes and reports about your health and any treatment or care you needed.
  • Details about your treatment and care.
  • Results of tests that may have been undertaken on our behalf as part of your care (i.e. Nerve Conduction Studies, Post Vasectomy Semenology Test, Biopsies)
  • Unless you authorise us to, we donโ€™t access your health records information from other health professionals, relatives or those who care for you.
  • If you are paying us for your services, then we will take payment through a PCI compliant provider
  • Your opinions through our Customer surveys and Complaints & Compliments process if you chose to identify yourself
  • Marketing permissions (self-pay only) with your consent

We create and hold your records electronically and sometimes in hard copy where necessary. We may also hold paper records from previous contacts with you. Any records we hold about you are held securely and are only accessible to those who are involved in your care or have a legitimate need to access.

All of our staff and contractors receive appropriate and on-going training to ensure they are aware of their personal responsibilities and have contractual obligations to uphold confidentiality, enforceable through disciplinary procedures. Staff only have access to personal information where it is appropriate to their role and is strictly on a need-to-know basis.

How do we use your information?

Information collected about you to deliver your health care may also be used to assist with:

  • Making sure your care is of a high standard.
  • Using statistical information to look after the health and wellbeing of the general public and planning services to meet the needs of the population.
  • Assessing your condition against a set of risk criteria to ensure you are receiving the best possible care.
  • Helping train staff and support research.
  • Supporting the funding of your care.
  • Reporting and investigation of complaints, claims and untoward incidents.
  • Reporting events to the appropriate authorities when we are required to do so by law.
  • Improving the quality of services.
  • Sending updates on our services (with your consent).
  • Processing payments/refunds.

If your treatment is being funded by the NHS then the legal basis for the processing of data for these purposes is that as a provider of NHS care we have a public duty to care for our patients, as guided by the Department of Health and Data Protection law says it is appropriate to do so for health and social care treatment of patients, and the management of health or social care systems and services.

There may also be situations where we are under a duty to share your information. We are required by law to report certain information to the appropriate authorities. Occasions when we must pass on information include: Notification of new births, infectious diseases that may endanger others, such as meningitis and measles (but not HIV/AIDS), where a formal court order has been issued and sharing with the Care Quality Commission (CQC) to inspect the quality and safety of the care that we provide. We may also have to share your information when it is absolutely necessary for the prevention or detection of crime or prosecution of offenders or where there are serious risks to the public or our staff.

If you are funding your own treatment then the legal basis may primarily be that the processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract.

If we send you marketing communications then the legal basis is consent. If you no longer wish to receive marketing updates from us, please contact us by email to provide.wellbeing@nhs.net, with unsubscribe as the email subject.

Who can see your information?

Your information is only accessible to those involved in your care (clinical staff) or administration. Administrative staff include receptionists who check patients in for clinics and staff who assist with the administration of our clinics/ services (for example typing up letters and reports). These members of staff are bound by the same rules of confidentiality as our clinical staff.

Organisations that we may share information with:

  • General Practitioners
  • NHS Hospitals & Clinics
  • Also, Subject to Strict Protocols : Education Services, Local Authority Services, Private Sector Providers, Childrenโ€™s Centreโ€™s, Commissioners of our Services, the Department of Health, the Family Health Service Authority (FHSA) and the Health Protection Agency
  • Organisations who supply us with services (tests) that may have been undertaken on our behalf as part of your care (i.e. Nerve Conduction Studies, Post Vasectomy Semenology Test, Biopsies)
  • Organisations who provide us with services that help support the care we provide, for example providers of information systems and necessary business applications. Information shared in these instances will be limited to the minimum data necessary to fulfil the service provided and strict access controls will be put in place.
  • Third parties to whom we may choose to sell, transfer or merge parts of our organisation or assets. If a change of ownership happens to our organisation or to a service contract then we may share or transfer your personal data to the new owners or service provider who are obliged to process your data with the same level of protection set out in this privacy notice.

We will only share information with those who have a legitimate right to know.

How long do we keep your data?

NHS Patients;- Information is held for specified periods of time as set out in the Records Management Code of Practice for Health and Social Care.

Self Pay Patients:- we only keep your data for as long as we need to use it. This will depend on the service we are providing. There may also be legal requirements to retain your data for a certain length of time.

Your Rights

If we need to use your personal information for any reasons beyond those stated above, we will discuss this with you and ask for your permission to do so where you will have the option to agree or disagree. This is known as explicit consent. Data Protection laws gives individuals rights in respect of the personal information that we hold about you. These are:

To ask for access to your information

To ask for your information to be corrected if it is inaccurate or incomplete.

To ask for your information to be deleted or erased. Please note that this does not apply to your health or care record, or where we process information for public health or scientific research purposes.

To ask us to restrict the use of your information in some circumstances.

To request your personal information to be transferred to other providers on certain occasions.

Object to the use of your personal information: In certain circumstances you may also have the right to โ€˜objectโ€™ to the processing (e.g. sharing) of your information where the sharing would be for a purpose beyond your care and treatment (e.g. as part of a local/regional data sharing initiative). You can also stop your personal information from being used for research and planning via the opt-out initiative. This โ€˜Data Opt-outโ€™ initiative, developed by Dame Caldicott, commenced in May 2018 and all Health and Care organisations must comply by 30th September 2021. Further information can be found on the following website: https://digital.nhs.uk/national-data-opt-out.

All requests for any of the above should be made to the Data Protection Lead.

  • by telephone on 0300 3039966
  • by email: provide.wellbeing@nhs.net
  • or in writing 145 London Road, Stanway, Colchester, Essex, CO3 8NZ

Should you wish to lodge a complaint about the use of your information, please contact our General Manager

  • by telephone on 0300 3039966
  • by email: provide.wellbeing@nhs.net
  • or in writing 145 London Road, Stanway, Colchester, Essex, CO3 8NZ

You may also contact our Group Data Protection Officer, John Adegoke

  • by email: john.adegoke@nhs.net
  • or in writing: Provide CIC, 900 The Crescent, Colchester Business Park, Colchester, Essex C04 9YQ

If you are still unhappy with the outcome of your enquiry you can write to: The Information Commissioner, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF โ€“ Telephone: 0303 123 1113 or 01625 545700

This policy was last reviewed on 25 May 2022

Who we are

Our website address is: https://provideasd.wpengine.com.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitorโ€™s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

If you request a password reset, your IP address will be included in the reset email.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

SPEAK TO US TODAY
0300 303 9966
to talk to one of our team about booking up an appointment.
Book An Appointment
Start your journey towards further support.
Get in touch with one of our dedicated team.
Get In Touch
Registered address: 900 The Crescent, Colchester Business Park, Colchester, Essex, CO4 9YQ. Registered in England and Wales No. 05843096.
Provide Wellbeing Limited. 2023. All rights reserved.
A Mackman Group collaboration - market research by Mackman Research | website design by Mackman
Resource Centre