Oakhaven Care privacy policy
Oakhaven is committed to maintaining the accuracy, confidentiality and security of your personal information. This Privacy Notice describes the personal information that we collect from or about you, how we use it and to whom we disclose that information.
Contents
What Personal Information Do We Collect?. 2
Where do we get information about you from?. 2
Why Do We Collect Personal Information?. 3
How Do We Use Your Personal Information?. 3
What is our legal basis for collecting your data?. 3
When Do We Share Your Personal Information?. 4
Who are our partner organisations?. 4
Can my information be used for any other reason?. 5
How your records are stored.. 5
How is Your Personal Information Protected. 5
How Long is Your Personal Information Retained?. 6
Updating Your Personal Information.. 6
Right of Access to Your Personal Information. 6
Can we use your information for marketing our products and services?. 8
Changes to this privacy notice.. 8
Who we are
Oakhaven Care. Reg No: 08409572. Registered office: Lower Pennington Lane, Lymington, Hampshire, SO41 8ZZ.
We are committed to protecting your privacy and will only use personal data that we collect in line with all applicable laws, including the General Data Protection Regulation (GDPR). In this Notice, “We”, “Us” and “Our” means Oakhaven Hospice. “You” means the service user, family member and others that the service users identifies as important to them. We are committed to maintaining the accuracy, confidentiality and security of your personal information. Data protection law provides you with a right to be informed about the processing of your personal information. This Notice describes the personal information that we collect from or about you, and how we use and to whom we disclose that information.
Where it is appropriate to the delivery of the service and in accordance with our contract with you or as required by law, we may also prescribe additional purposes and longer retention periods to those set out below.
Who is responsible?
The person responsible for the personal information about you which we collect (the “data controller”) is Oakhaven.
What Personal Information Do We Collect?
We use a combination of electronic and paper records and working practices and technology to ensure that your information is kept confidential and secure. Records which Oakhaven hold about you may include the following information.
- Your name, age, contact details and next of kin
- Details of your referrals, appointments, telephone calls, clinic visits etc.
- Records about your symptoms and concerns, illnesses, medications, treatment and care
- Results of investigations, like laboratory tests, x-rays, etc.
- Information from other health professionals, relatives or those who care for you
We may also collect, store and use the following “special categories” of more sensitive personal information:
- Information about your race or ethnicity, religious beliefs, sexual orientation and political opinions.
Where do we get information about you from?
In additional to the information that you, your family and any carers give to us, we often obtain information from:
- The professional referring you to our service
- Records of investigations (e.g. imaging, biopsy and blood results), clinic letters and discharge summaries available electronically from local hospitals via their secure electronic information systems (e.g. SystmOne)
- Other professionals already involved in, or who can give help and advice about, your care.
Why Do We Collect Personal Information?
To support your care, health professionals maintain records about you. We take great care to ensure your information is kept securely, that it is up to date, it is accurate and used appropriately. All Oakhaven staff are fully trained to understand their legal and professional obligations to protect your information and will only look at your information if they need to. They will only look at what they need to in order to do things like arrange to visit you, give palliative care advice, provide you with care and if necessary, refer you on to other services. Your care will sometimes be discussed with colleagues within the service to ensure that your care is co-ordinated and/or to obtain further advice from other team members (e.g. doctors, occupational therapists, pharmacists, physiotherapists, psychologists, nurse specialists, dieticians, chaplains, social workers, patient equipment and transport services etc).
We record names and contacts details about your family members, carers and others that you identify as important to you in order to:
- Keep them informed of changes in your situation (unless you ask us not to)
- Involved them in planning that might affect them as well as you (e.g. if we were arranging for health or other professionals to visit you at home, or for equipment to be delivered)
- Offer support, including emotional and psychological support, if needed
- Offer bereavement support and attendance at remembrance events if you were to die
How Do We Use Your Personal Information?
We may use your personal information for the purposes described in this Policy, or for any additional purposes that we advise you of and, where your consent is required by law, where we have obtained your consent in respect of the use or disclosure of your personal information.
We may use your personal information without your knowledge or consent where we are permitted or required by law or regulatory requirements to do so.
What is our legal basis for collecting your data?
Oakhaven justifies collecting your data under the legal bases:
- Consent – we will ask for your consent when it is needed for specific medical procedures or treatments.
- Vital interests – we process your data where it is necessary to protect your life, such as in emergency medical situations.
- Legal obligation – we process your data where required to comply with a legal duty, such as reporting certain health conditions, safeguarding requirements, or regulatory obligations.
- Legitimate interests – our staff may require access to certain information to perform their roles effectively, if this does not override your rights and freedoms.
When Do We Share Your Personal Information?
We will only use or pass on information about you to other health professionals to support your care. If we feel that it is in your best interests to share your information with someone else e.g. Social Care or a Voluntary Organisation that could support you, we will ask your permission to do so. Everyone who has access to your information is required by Law to keep it confidential. We will not disclose your information to anyone else without your permission unless in exceptional circumstances e.g.:
- safety was at risk (e.g. risk of suicide, concern for the safety of a child, yourself or another adult etc) or if we were required to share information by law (e.g. a notifiable infectious disease, a court order etc)
- you were unable to give permission (e.g. unconscious or disorientated). We would then make a best interests decision based on any wishes or views you had previously given us, and the views of any family, carers or others you’d identified as important to you (unless you had previous directed us not to discuss you care with them)
- if required by regulators (e.g. the Care Quality Commission, the Controlled Drugs Local Intelligence Network, the Medicines and Healthcare Regulatory Authority etc)
You have the choice to share or not to share
You can ask for all or some of your information not to be shared outside of Oakhaven. If you decide not to share at all this will not affect your entitlement to care. However, it may result in the delivery of your care being less efficient, timely or safe as other health professionals will not see your full medical history. If you have any concerns about how your information is shared or held, please discuss with a member of Oakhaven staff.
Who are our partner organisations?
We may also have to share your information, subject to strict agreements on how it will be used, with the following organisations:
- Your GP practice
- NHS Trusts / Foundation Trusts (e.g. local hospitals, ambulance trusts, out of hours services such as 111)
- Clinical Commissioning Groups
- Social Care Services
- NHS Commissioning Support Units
- Independent Contractors such as dentists, opticians, pharmacists
- Private Sector Providers (e.g. oxygen suppliers, wheelchair providers)
- Voluntary Sector Providers
- Health and Social Care Information Centre (HSCIC)
- Local Authorities
- Education Services
- Emergency Services
- Other ‘data processors’ which you will be informed of
You will be informed who your data will be shared with and in some cases asked for explicit consent for this happen when this is required.
Can my information be used for any other reason?
Oakhaven participates and contributes to efforts by the NHS to use your information in an anonymous and safe way to:
- protect the health of the public
- help us anticipate, plan and provide care
- audit, review, monitor and evaluate the quality of services provided
- share best practice with other services and professionals through medical literature and educational events1
Information used for these purposes will not identify you but if you would like further details about this, or if you do not want us to use your information in this way, please contact the Oakhaven Data Protection Officer.
How your records are stored
Oakhaven uses an electronic records programme called Access which is where most of your information is stored. We also hold a small amount of information on paper (e.g. medication prescriptions, summaries of care and wishes to use in the event of an electrical failure etc). Because of this, we can share information electronically and securely about your care to support you more effectively.
How is Your Personal Information Protected?
We endeavour to maintain physical, technical and procedural safeguards that are appropriate to the sensitivity of the personal information in question. These safeguards are designed to protect your personal information from loss and unauthorised access, copying, use, modification or disclosure.
Your personal information will not normally be processed outside the European Economic Area. Where it is necessary or desirable to do so, we will seek your prior consent, and we will take steps to ensure that suitable safeguards apply.
We never use clinical data for educational or research purposes without encrypting or anonymising and rest assured no recognisable personal information is released.
How Long is Your Personal Information Retained?
Except as otherwise permitted or required by applicable law or regulatory requirements, we will retain your personal information only for as long as we believe is necessary to fulfil the purposes for which the personal information was collected (including, for the purpose of meeting any legal, accounting or other reporting requirements or obligations). As a minimum, records are retained for a period of 6 years after your last package of care from Oakhaven Care.
Updating Your Personal Information
It is important that the information contained in our records is both accurate and current. If your personal information happens to change during your relationship with us, please keep us informed of such changes.
You have a right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed. In some circumstances we may decide to update our record of your personal information by appending additional text without deleting the original record. We would advise that you raise any changes with us as soon as they occur so that the data we keep about you is kept up to date.
Right of Access to Your Personal Information
You can ask to see the personal information that we hold about you. If you want to review, verify or correct your personal information, please contact Oakhaven. Please note that any such communication may be required in writing.
When requesting access to your personal information, please note that we may request specific information from you to enable us to confirm your identity and right to access, as well as to search for and provide you with the personal information that we hold about you.
You have the right to access the personal information we hold about you. In most cases, we will provide this information upon request. However, in limited circumstances, applicable law or regulatory requirements may allow or require us to withhold certain information. This may include:
- Personal information that has been destroyed, erased, or anonymised in line with our record retention policies
- Information where disclosure is restricted by legal or regulatory obligations
If we are unable to provide full access to your personal information, we will explain the reasons for this wherever possible, subject to any legal or regulatory restrictions.
Your other legal rights
Data protection legislation also provides you with certain other rights. These are not always absolute rights and must be considered in the wider scope of the legislation. These rights are:
| Right of access and of data portability. | You have the right of access to information we hold about or concerning you and/or to have it transferred to another data controller in some circumstances. If you would like to exercise this right, you should contact our Data Protection Officer. |
| Right of rectification or erasure. | If you feel that any data that we hold about you is inaccurate you have the right to ask us to correct or rectify it. You also have a right to ask us to erase information about you where you can demonstrate that the data we hold is no longer needed by us, or if you withdraw the consent upon which our processing is based, or if you feel that we are unlawfully processing your data. Your right of rectification and erasure extends to anyone we have disclosed your personal information to, and we will/shall take all reasonable steps to inform those with whom we have shared your data about your request for erasure. |
| Right to restriction of processing. | You have a right to request that we refrain from processing your data where you contest its accuracy, or the processing is unlawful and you have opposed its erasure, or where we don’t need to hold your data anymore but you need us to in order to establish, exercise or defend any legal claims, or we are in dispute about the legality of our processing your personal data. |
| Right to object. | You have a right to object to our processing of your personal data where the basis of the processing is our legitimate interests including but not limited to direct marketing and profiling. |
| Right to Withdraw Consent. | You have the right to withdraw your consent for the processing of your personal data where the processing is based on consent. To withdraw consent please select the unsubscribe option in the most recent electronic marketing communication you have received or alternatively you can write to us at dataprotection@oakhavenhospice.co.uk |
| Right of Complaint. | You also have a right to lodge a complaint about any aspect of how we are handling your data with the UK’s Information Commissioner’s Office who can be contacted at www.ico.org.uk. |
Monitoring
Some of our premises are equipped with CCTV. Where in use, CCTV cameras are there for the protection of visitors and employees, and to protect against theft, vandalism and damage to goods and property on the premises. Generally, recorded images are routinely destroyed after 30 days and are not shared with third parties unless there is suspicion of a crime, in which case they may be turned over to the police or other appropriate government agency or authority.
This section is not meant to suggest that individuals will be monitored or their actions subject to constant surveillance. It is meant to bring to your attention the fact that such monitoring may occur.
Website
When you use our website, we use tools like Google Analytics to collect information such as your IP address, the browser you use (e.g. Internet Explorer, Firefox etc.), domain names, the time of day you accessed the website and referring Website addresses. This information helps improve our online services, ensures security and helps protect against fraud. It also assists with diagnosing online problems with our website. We also use cookies to give us more understanding of how people use our website.
Details on how you can manage your cookie settings can be found at: Cookie policy - Oakhaven
Can we use your information for marketing our products and services?
We may send you email newsletters if you opt-in to receive such correspondence. We may also send you details of new services but only if it is within our legitimate interest to do so. We will always let you know that you can opt out from receiving marketing material and you can let us know at any time if you no longer wish to receive direct marketing offers from us. You can do so by emailing us at fundraising@oakhavenhospice.co.uk.
Who to contact:
Oakhaven Care has the responsibility to ensure that your personal data is protected. If you have any complaints or concerns, we advise that you contact us initially before raising this with the ICO.
We recommend that you contact the data protection officer below:
Name of Person: Donna Wilkins, Data Protection Officer
email address: dataprotection@oakhavenhospice.co.uk
Contact number: 01590 613030
Contact address: Oakhaven Hospice, Lower Pennington Lane, Lymington, SO41 8ZZ
If you have a concern about the way we are collecting or using your personal data, we request that you raise your concern with us in the first instance.
Alternatively, you can contact the Information Commissioner’s Office at https://ico.org.uk/concerns/ or call 0303 123 1113.
Changes to this privacy notice
Rules and regulations around data can change – and therefore our privacy notice will change too. So, it’s worth visiting this page from time to time to check for updates. At the bottom of this privacy notice we tell you when it was last updated.
