Privacy Notice for Products and Services
Last Updated: January 2022
Our privacy notices help you to understand what we do with your personal data, why we use it, who we share it with, how long we keep it and the rights that you have. For more information on your rights and how to exercise them, head straight to the ‘your rights’ section later in the document.
All our privacy notices will tell you the following:
- Why we can process your information
- What our reason (or purpose) is for processing your information
- Whether you must provide us with information
- Whether your information is shared to others and under what circumstances
- How long we store your information
- Whether we will transfer your information to another country
- Whether we complete any automated decision-making or profiling
- How we protect your information
- How you can get in touch
References in this document to your “employer” should be deemed to include your employer, your employer’s representative (being any person who engages us on behalf of your employer) or pension trustees, as the context requires.
When does this privacy notice apply?
This privacy notice is for clients who use our services, any of their employees who are referred to us, and for those employees who become users of our services.
Changes to this privacy notice:
We make sure that we review our privacy notice from time to time and will update it on the website when we do, so that you can check it regularly. The last updated date is shown at the beginning of the document.
Who are we?
We are Medigold Health Consultancy Limited (“we”, “our”, “us”). This includes its group company, Hampton Knight Limited and any appointed representatives, including medical practitioners acting on its behalf. We are registered with the ICO under number Z7655289.
We will be either the data “Controller” or data “Processor” of the personal data provided to us, depending on the context and service provided. This privacy notice is provided with respect to the services for which we act as a data Controller. For example, for Occupational Health Management Referral services we are a Controller because we determine the means and purposes of processing your data, whereas for Alcohol and Drug Collection services (save for where one of our clinicians interprets the results and provides a report), we process your data as a Processor and your employer is the data Controller.
What is our purpose and lawful basis?
We have contracts with our clients which mean that we have a responsibility to look after the occupational health and wellbeing of their workforces and advise them on health matters. Our purpose for processing your information is to ensure that we can let employers know that their employees are fit to do their jobs, are compliant with Health and Safety Law, can make ill-health retirement and pensions decisions, and that they have done everything that they need to do to ensure the wellbeing of their employees. To do this we need to process and record information relating to you. The lawful basis that we rely on is Article 6 (1) (f) (“Legitimate Interests”) and the special category condition is Article 9 (2) (h) (“Health – including occupational medicine”) of the UK GDPR. We have a legitimate interest in processing your personal data because we are required to do so in order to provide our services. The specific condition we meet to process your special category data is processing “necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services”.
If you provide us with any information about reasonable adjustments you require when attending an appointment with us, under the Equality Act 2010, the lawful basis we rely on for processing this information is Article 6 (1) (c) of UK GDPR to comply with our legal obligations under the Act.
The information we collect and how we use it
We collect and use the information that you and your employer provide to us directly. For example, when a referral is made to us from your employer it may include personal information such as your full name, title, date of birth, address, contact telephone numbers, work or personal email addresses, employment information (such as role and work history) and employee number.
When we use this information
We use this information for the following reasons:
- To arrange and book appointments
- To send you reminders about your appointment
- To contact you if we need to re-arrange an appointment
- To contact you to arrange any reasonable adjustments you may need to attend an appointment
- To contact you for a face-to-face, telephone or video appointment
- To verify that we are speaking to the correct person
- To contact you for feedback about your appointment
- To contact you following any query you may have about your appointment or records
We also collect and process sensitive information about you. This includes information about your health and forms part of your occupational health record. This information can relate to both your physical and mental health. It may include past and current medical history, medication that you may be taking or have taken, as well as past and current occupational health records. We may also collect other personal and sensitive data, but only where absolutely necessary. For example, if there is a clinical reason to do so, you may be asked to state your ethnicity, and occupational health records may require information about family history or lifestyle.
We may also request and collect information from your GP, consultant, or other healthcare professionals. These may be sent directly from your employer, if you have shared this information with them, or you may prefer to share these directly with us. We may also request these directly from relevant healthcare professionals. These will be processed as part of your occupational health record.
When we use this information
How we use this health information depends on the nature of the service we are providing, but it may include:
- To determine your fitness to work
- To provide information about your fitness to work back to your employer
- To assess if you need any reasonable adjustments or support in the workplace due to a health condition
- To assess whether any risks in your workplace may have an adverse impact on your health
- To advise your employer on pensions and ill-health retirement matters
- To administer medications or vaccinations
- To analyse diagnostic results and/or medication and interpret them for your employer (for example for alcohol and drug testing services or biological monitoring services)
We will only use aggregated, anonymised data to inform our management reporting and improve and develop the service that we provide.
We also provide our clients with data analysis about their workforce so that they can identify key themes and trends. We will only use fully anonymised data which means that it is impossible to identify any individual from the information.
We may also need to verify that you are who you say you are if you request information from us in accordance with your rights. To do this we will ask you to supply two pieces of identity evidence such as a birth certificate and driving licence. This information will only ever be used to verify your identity.
The information we share and why
Under the English common law of confidentiality, we are required to share information with your employer with your consent, but we will always ask you if you want to see the report before we send it. (N.B. This is not to be confused with the legal basis under UK GDPR, which is expressly not consent but is legitimate interests (see above).) If you decide that you want to see a report first rather than at the same time as your employer, you have the right to do so. When we provide the report to your employer it is not your full occupational health record but will include relevant facts and opinion as to whether you are medically fit to do a particular task or job, whether you have a condition which may affect your role and/or whether any adjustments are recommended. If you choose not to allow your employer to see the report, they will have to make a decision based on the information that they have.
Some of our contracts may also require us to transfer information to other specialist clinical services who work in partnership with us, such as laboratory services and therapy services. They may require your personal information to process blood tests or supply treatment to you.
We may be required, in some circumstances, to share information with HSE/DVLA/PHE or other relevant public bodies. We will only do so where we are required to by law or if it is in the public interest.
Our clinicians may share information provided with their colleagues to ensure a high quality of service is provided. They may also need to share information where serious safeguarding concerns are raised, and we have a strong Safeguarding Policy in place to ensure that the right practices are followed.
We share information with a third party to support and host some of our UK based systems, including our database, website, and telephone system. We also use third party expertise for the electronic scanning of medical records and storage of archived paper records. We have contracts in place with all suppliers that help us to ensure the security and privacy of your personal information in accordance with UK GDPR and they may not use your information for any other purpose. All our third parties are bound by the same strict codes of conduct and confidentiality and have restricted access to occupational health information. We are ISO 27001 certified.
We will never use personal data that you have shared with us for occupational health purposes for marketing purposes.
In circumstances where your employer changes provider, we may share your records with the incoming provider. In such circumstances we will ask your employer to inform you that this is going to happen. Once the records are transferred, they will become the responsibility of the incoming provider as data Controller.
How long do we store your information?
How long we store your information will depend on the type of record that we have been processing.
Your occupational health records are processed for the duration of our contract with your employer and for a further six years after you have left their employment. After this time, if we have permission from your employer, then your occupational health record will be securely deleted.
Under Health and Safety law, there is a requirement to keep Health Surveillance records for forty years. These records will be stored separately on our system and will be kept for forty years. Where records have been transferred from a previous provider and it is not possible to tell whether the records are Occupational Health records or Health Surveillance records, the longer retention period will be applied.
If our contract ends with your employer, we will stop processing your information and all personal data and health records will be transferred to your employer’s next occupational health provider (please see above).
Recordings that have not formed part of an Occupational Health record and are used for training and monitoring purposes are stored on a restricted network and retained for 120 days before they are securely deleted. Any phone calls that are not made on the Medigold Health phone network are not recorded.
Information that is processed about you, but that does not form part of your Occupational Health record, such as internal email communications, may be securely deleted as part of our in-house ‘housekeeping’ procedure to ensure that we do not retain your data unnecessarily.
Where do we process your information?
We process your information within the UK and do not send or store any personal data outside of the United Kingdom (unless your employer is based in or has an office outside of the United Kingdom and we are required to send information to them in order to fulfil our contract – in such circumstances we will only do so in accordance with UK GDPR and the Data Protection Act 2018).
How do we protect your information?
We design our systems with your security and privacy in mind. We have an ‘in-house’ IT department who are responsible for the security of the systems which hold your information. All information is held on our secure system which is compliant with Cyber Essentials standards for security and subject to annual penetration testing. We work to protect the security of your personal information during any communications with you using secure communication methods and secure software procedures. We maintain physical, electronic, and procedural safeguards in connection with storage and disclosure of your personal information. Our security procedures mean that we may ask you to verify your identity before we disclose personal information to you.
Access to any of your personal data held on our systems is restricted to nominated employees within Medigold Health who are required to have access to your information to provide our service. Those employees can only access your information using our secure IT network. Our employees follow a strong Password Policy and have regular training on Data Protection.
Where information is shared with a third party, such as a laboratory to process test results, we have data sharing agreements in place, and only those authorised to process your data will be permitted to do so for the purpose of the processing.
We use anti-virus and anti-malware software to reduce the risk of any malicious computer virus or cyber attack on our systems. We also have a process in place to ensure that all security software updates are applied as soon as they are released.
We also ensure that your information is encrypted when it is being moved. For example, when we share a report with you, or when your employer needs to view the report, they log into our secure portal to access it when it is ready. Only the report is stored on the portal for your employer to view; your Occupational Health record is kept securely on our system and is visible only to us.
Your rights
UK GDPR gives you certain rights when it comes to your personal data. However, as we are processing your information for the purpose of Occupational Health, not all of these rights will apply. The list below details your rights under UK GDPR.
- Right of access – this means that you have the right to request a copy of the personal data held about you.
This right applies to information that relates to you and identifies you and we have 30 days to respond once we can verify your identity.
- Right to rectification – if you think that any of your personal information that we hold is inaccurate or incomplete you can request it to be updated. We may ask you for evidence to show that it is inaccurate.
This right is often applied where we hold an incorrect email address or telephone number. It only applies where there are factual inaccuracies in your information, and you cannot alter the opinion of a clinical professional. Where documents are rectified and they are medical records, it may be appropriate for us to retain the original version and append the corrected version.
- Right to erasure – this is also known as the right to be forgotten. You can request that your personal data is erased, however, this right is not absolute.
As we process your information for the purpose of Occupational Health, we cannot erase these records. You can, however, request that we erase personal information such as an email address, if we are still able to identify your Occupational Health record.
- Right to restrict processing – when you have contested the accuracy of your personal data your right to restrict processing will be automatically implemented. That means we will hold your personal data on file, but we will not process it.
- Right to data portability – you have the right to ask us to electronically move, copy or transfer your personal information in a machine-readable format.
- Right to object – you have the right to object to the processing of your personal data at any time. This right only applies in certain circumstances.
- Right to withdraw consent – As we process your information for the purpose of Occupational Health, we have a legitimate reason to process your information and do not rely on consent. However, if we have previously informed you that we have relied on consent as a legal basis to process your information (please note this is different to common law consent), you are reminded that you can withdraw your consent at any time.
If you wish to exercise any of your rights, please contact us at firstname.lastname@example.org.
We will ask for information to verify your identity, so that we make sure we protect your information. The lawful basis that we rely on is Article 6 (1) (c) of the UK GDPR, which relates to our legal obligation to comply with the law. We will only keep verification information for as long as it is necessary to process your request.
Common law of confidentiality and consent
Health professionals have a duty to comply with the common law of confidentiality, which means that you have a right to withdraw your consent for us to share information about your health with your employer (this is separate from and distinct from your rights under UK GDPR). If you choose to do this, we must notify your employer, who may need to make decisions without the benefit of impartial Occupational Health advice. If your job involves a requirement for routine fitness to work medicals or health surveillance screening, then your employer may have to stop you from doing your job.
Data Protection Officer contact details and your right to complain
We work to the highest standards when it comes to processing your personal information. If you have any questions about your personal information, or how we use it, you can contact our Data Protection Officer, Isobel Watkins at email@example.com, or by writing to us at our registered office at Medigold House, Queensbridge, Northampton, NN4 7BF.
We encourage you to contact us if you have any concerns about how we use your personal information, however, if you are not satisfied with our response or believe we are processing your personal information incorrectly and not in accordance with UK GDPR, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ICO.org.uk.