Liver Wellness Data Privacy Statement
last updated on 27.01.2020
If you have any questions about this Privacy Statement or the way in which your Personal Data is being used by us please contact us by email, phone or letter:
Data Protection Lead
Beacon Consultants Clinic
Telephone: +353 (0)1 910-8901
Our website is http://www.liverwellness.ie/
About Liver Wellness
We want to ensure the highest standard of medical care for our patients consistent with an ethic of privacy and confidentiality. Our approach is consistent with the Medical Council guidelines and the privacy principles of the Data Protection Regulations. It is not possible to undertake medical care without collecting and processing personal data and data concerning health. This statement is intended to inform you of our policies and practices regarding the processing of your medical information.
This practice complies with the IHCA Data Protection Guideline for Consultants.
Legal Basis for Processing Your Data
Liver Wellness offers patients a private and confidential service in the assessment, treatment and personalised management of liver health issues.
When you are referred to our services or elect to avail of our services directly you enter into a contract with Liver Wellness. We process your personal data as part of this contract. The processing we carry out enables us to:
- Follow-up on referrals from other medical professionals;
- Schedule appointments and send appointment reminders;
- Carry out testing to measure your liver health;
- Determine appropriate treatment and to work with you in conjunction with other medical professionals such as your GP to manage any liver health issues.
- Bill you for the delivery of your services;
- Follow-up with other medical professionals during and after your consultation.
Liver Wellness processes special category data in the form of health data. The processing of personal data in a Consultant practice is necessary for medical diagnosis and the provision of healthcare or social care or treatment and is carried out under the responsibility of a health professional who is subject to the obligation of professional secrecy.
Managing Your Information
In order to provide for your care, we need to collect and keep personal data about you and your health on our records. This includes basic personal information, contact details, billing information, etc. which we will use for administrative purposes. We will also record data related to your physical or mental health, i.e. personal data which reveals information about your health status, including vaccination details, medication details, allergies and test results, etc.
- We retain your personal data securely.
- We will only ask for and keep information that is necessary. We will attempt to keep it as accurate and up to-date as possible. We will explain the need for any personal data we ask for if you are not sure why it is needed.
- We ask you to inform us of any relevant changes that we should know about. This would include such things as any new treatments or investigations being carried out that we are not aware of. Please also inform us of any change of address and phone numbers.
- All employees in the practice (not already covered by a professional confidentiality code) sign a confidentiality agreement that explicitly makes clear their duties in relation to personal data and the consequences of breaching that duty.
- Access to patient records is regulated to ensure that they are used only to the extent necessary to enable the secretary or administrative staff to perform their tasks for the proper functioning of the practice. In this regard, patients should understand that practice staff may have access to their records for:
- Typing referral letters to other consultants or allied health professionals such as physiotherapists, occupational therapists, psychologists and dietitians.
- Opening letters from hospitals and other healthcare professionals. The letters could be appended to a patient’s paper file or scanned into their electronic patient record.
- Scanning clinical letters, radiology reports and any other documents not available in electronic format.
- Downloading laboratory results and reports and performing integration of these results into the electronic patient record.
- Photocopying or printing documents for referral to other healthcare professionals.
- Checking for a patient if a laboratory or radiology result has been returned.
- Handling, printing, photocopying and postage of medico-legal and life assurance reports, and of associated documents.
- Sending and receiving information via secure email.
- And other activities related to the support of the provision of medical care and treatment.
Disclosure Of Information
Disclosure of Information to your health insurer
We may need to share your personal data with your health insurer for the purpose of claims processing. The health insurance claim form that you sign will have certain data protection provisions which provide for your consent in this regard. If it is intended to share your data with your health insurer for any other purpose that is not directly related to the processing of your health insurance claim, a separate explicit declaration of consent will be required from you and your health insurer may contact you in this regard.
Disclosure of Information to Other Health and Social Care Professionals
We may need to pass some of your personal data to other health and social care professionals in order to provide you with the treatment and services you need. Only the relevant part of your record will be released. These other health and social care professionals are also legally bound to treat your personal data with the same duty of care and confidentiality that we do.
As part of our service we disclose your results and recommended follow-up treatment to your GP.
Disclosures Required or Permitted Under Law
The law provides that in certain instances personal data (including health information) can be disclosed, for example, in the case of infectious diseases.
Disclosure of information to Employers, Insurance Companies and Solicitors
In general, work related Medical Certificates from your Consultant will only provide a confirmation that you are unfit for work with an indication of when you will be fit to resume work. Where it is considered necessary to provide additional information we will discuss that with you. However, Department of Social Protection sickness certs for work must include the medical reason you are unfit to work.
In the case of disclosures to health insurance companies, other insurance companies or requests made by solicitors for your records we will only release the information with your explicit consent.
Use of Information for Training, Teaching and Quality Assurance
It is usual for Consultants to discuss patient case histories as part of their continuing medical education or for the purpose of training medical students. In these situations the identity of the patient concerned will not be revealed.
In other situations, however, it may be beneficial for other Consultants to be aware of patients with particular conditions and in such cases we would only communicate the information necessary to provide the highest level of care to the patient.
Use of Information for Research and Audit
From time to time, patients’ personal data may be used for research and audit in order to improve services and standards of practice. The National Quality and Risk Management Standard for the Health Service Executive means some Consultants may be subject to a clinical audit. Information used for such purposes is done in an anonymised or pseudonymised manner with all personal identifying information removed.
If it is proposed to use your information in a way where it would not be anonymous or if we are involved in external research, we would discuss this further with you before we proceed and seek your written informed consent. Please remember that the quality of the patient service provided can only be maintained and improved by training, teaching, audit and research.
Transferring to Another Doctor
If you decide at any time and for whatever reason to transfer to another Consultant/Service Provider or doctor we will facilitate that decision by making available to your new Consultant/Service Provider or doctor a copy of your records on receipt of your signed consent from your new Consultant or doctor. For medico-legal reasons we will also retain a copy of your records in this practice for an appropriate period of time which may exceed eight years.
Your rights under GDPR
You have rights under data protection law in relation to how Liver Wellness uses your Personal Data. You may generally access your rights free of charge.
You can ask for access to the Personal Data we hold on you
You have the right of access to personal data held about you by this practice.
If you wish to see your records, you can discuss this with your Consultant who will review the information in the record with you.
You can also make a formal written access request and receive a copy of your medical records. These will be provided to you within 30 days, without cost.
However, it should be noted that there may be circumstances where access may be restricted or denied, for example, where disclosure would be likely to cause serious harm to the physical or mental health of a patient.
You can ask to change Personal Data you think is inaccurate
You should let us know if you disagree with something included in your Personal Data.
We may not always be able to change or remove that information, but we’ll correct factual inaccuracies and may include your comments in the record to show that you disagree with it.
You can ask to delete Personal Data (right to be forgotten)
In some circumstances you can ask for your Personal Data to be deleted, for example, where:
- your Personal Data is no longer needed for the reason that it was collected in the first place
- you have removed your consent for us to use your Personal Data (where there is no other lawful basis for us to use it)
- there is no lawful basis for the use of your Personal Data
- deleting the Personal Data is a legal requirement
Where your Personal Data has been shared with others, we will do what we can to make sure those using your Personal Data comply with your request for erasure.
Please note that we cannot delete your Personal Data where:
- we are required to have it by law
- it is used for freedom of expression
- it is used for public health purposes
- it is used for scientific or historical research or statistical purposes where deleting the Personal Data would make it difficult or impossible to achieve the objectives of the processing
- it is necessary for legal claims.
Transferring to Another Doctor
If you decide at any time and for whatever reason to transfer to another Consultant/Service Provider or doctor we will facilitate that decision by making available to your new Consultant/Service Provider or doctor a copy of your records on receipt of your request.
For medico-legal reasons we will also retain a copy of your records in this practice for an appropriate period of time in line with our data retention policy.
You can ask us to limit what we use your Personal Data for
You have the right to ask us to restrict what we use your Personal Data for where:
- you have identified inaccurate information, and have told us of it
- where we have no legal reason to use that Personal Data, but you want us to restrict what we use it for rather than erase it altogether
When Personal Data is restricted it can’t be used other than to securely store the Personal Data and with your consent to handle legal claims and protect others, or where it’s for important public interests.
You can make a complaint
You have the right to lodge a complaint with the local supervisory authority for data protection in the EU member state where you usually reside, where you work or where you think an infringement of data protection law took place.
Amendments to this privacy statement
We will post any changes on the Website and when doing so will change the effective date at the top of this Privacy Statement. Please make sure to check the date when you use our services to see if there have been any changes since you last used those services.
In some cases, we may provide you with additional notice of changes to this Privacy Statement, such as via email. We will always provide you with any notice in advance of the changes taking effect where we consider the changes to be material.
Thank you for reading our Privacy Statement. Please contact us if you have any questions.
The Data Protection Commission in Ireland may be contacted using the contact details below if you have any concerns or questions about the processing of your Personal Data.
Online Form: https://forms.dataprotection.ie/contact
Address: 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland
Tel: +353 578 684 800 or +353 761 104 800
We hope this practice privacy statement has explained any issues that may arise. If you have any questions, please speak to the practice secretary or your Consultant.