Personal data – what we collect and why:
We will use your personal data for the reasons set out below. We will collect most of this directly during the registration, admission and the questionnaire process but there may be sources of personal data collected indirectly as set out later in this policy. The personal data we use may include:
• Your name, address and contact details, including email address and home and mobile telephone numbers, date of birth and gender
• Your financial information (your bank account and national insurance number) if you are a ‘self pay’patient or the financial information of the company or individual who is responsible for the payment of invoices/bills relating to your care (e.g. insurer or sponsor)
• Information about your marital status, next of kin, dependants nominated and/or emergency contacts
• Information about your nationality and entitlement to treatment in the UK
• Information about medical or health conditions, including whether or not you have a disability for which the organisation needs to make reasonable adjustments
• Information about medical or health conditions of your family
• equal opportunity monitoring information, including information about your ethnic origin, sexual orientation, health and religion or belief
• Information about how you use our website.
Tomorrow may collect this information in a variety of ways. For example, data might be collected through Registration, Admission and questionnaire forms; from pre-admission forms, online web forms completed by you at the start of your treatment; from correspondence with you; through the Admission and Registration process or through interviews, meetings or other assessments.
In some cases, the organisation may collect personal data about you from third parties, such as insurer providers, referral agencies, sponsors, checks permitted by law.
Personal data and consent
We will tell you if providing some personal data is optional, including if we ask for your consent to process it. In all other cases, we need you to provide your personal data so we can provide care and treatment and receive payment for these services.
• If you ask us to disclose your personal data to other people or organisations such as a company handling a claim on your behalf; or otherwise agree to disclosures;
• When we process any special categories of personal data about you at your request (e.g. racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning your health, sex life or sexual orientation).
You are free at any time to change your mind and withdraw your consent. The consequence might be that we cannot continue to provide full healthcare services to you.
Personal data and the legal basis for processing
We will process your personal data under General Data protection Regulations - Article 6 (1); Article 9 (2):
• To support the provision of your healthcare
• To decide how best to provide treatment to you
• As necessary to support the healthcare contract with you and to allow us to receive [full] payment for those services
• To take steps at your request during the course of your treatment
• To keep your records up-to-date
We will process your personal data under Article 6 (1) f of the General Data Protection Regulations:
• As necessary for our own legitimate interests or those of other persons and organisations, e.g.:
• For good governance, accounting, and managing and auditing our clinical and business operations
• To monitor emails, calls, other communications, and activities on HCA UK networks and systems
• For market research, analysis and developing statistics for improving clinical performance; and
As necessary to comply with a legal obligation:
• When you exercise your rights under Data Protection Laws and make requests
• For compliance with legal and regulatory requirements and related disclosures
• For establishment and defence of legal rights
• For activities relating to the prevention, detection and investigation of crime
• To verify your identity, make credit fraud prevention and anti-money laundering checks; and
• To investigate complaints, legal claims and data protection or clinical incidents.
Personal data sharing
Subject to applicable data protection laws we may share your personal data with:
• Consultants/doctors and other healthcare professionals who provide treatment to you at our facilities
• Other healthcare providers where we feel this will enhance the quality of your care
• Sub-contractors and other persons who help us to provide healthcare products and services to you
• Companies and other persons providing services to you as part of your extended care;
• Our legal and other professional advisors, including our auditors
• Fraud prevention agencies, credit reference agencies, and debt collection agencies
• Government bodies and agencies in the UK and overseas (e.g. HMRC who may in turn share it with relevant overseas tax authorities and with regulators, the Information Commissioner's Office (ICO)
• Courts, to comply with legal requirements, and for the administration of justice
• In an emergency or to otherwise protect your vital interests
• To protect the security or integrity of our business operations and other patients
• When we restructure or sell our business or its assets or have a merger or re-organisation
• Payment systems and providers;
Anyone else where we have your consent or as required by law
Sharing of your personal data to contribute to the review and publishing of information about the quality and cost of privately funded healthcare
Personal data sharing for research purposes and marketing purposes
Subject to applicable data protection laws and your explicit written consent we may share your personal data for the purpose of scientific research.
Personal data sharing for marketing purposes
Subject to obtaining your written consent and communications preferences we may use your contact details to send you newsletters and other information on new Facilities, services and treatments which we think may be of interest to you. We will not sell your personal data to a third party without your written consent.
You are free at any time to change your mind and withdraw your consent. Please contact firstname.lastname@example.org This will not affect the healthcare services we provide to you.
Personal data – how long do we keep your data?
Information will be kept in in accordance with the retention periods outlined in the Information Governance Alliance (IGA) Records Management Code of Practice for Health and Social Care (2016). Information may be held for longer periods where the following apply:
• Retention in case of queries. We will retain your personal data as long as necessary to deal with any queries you may have
• Retention in case of claims. We will retain your personal data for as long as you might legally bring claims against us
• Retention in accordance with legal and regulatory requirements. We will retain your personal data after you have received healthcare services at our facilities based on our legal and regulatory requirements.
Your rights under applicable data protection law
Your rights are as follows (noting that these rights do not apply in all circumstances):
• The right to be informed about processing of your personal data
• The right to have your personal data corrected if it is inaccurate and to have incomplete personal data completed
• The right to object to processing of your personal data
• The right to restrict processing of your personal data
• The right to have your personal data erased (the 'right to be forgotten')
• The right to request access to your personal data and information about how we process it
• The right to move, copy or transfer your personal data ('data portability')
• Rights in relation to automated decision making including profiling
You may exercise these rights by emailing us via email@example.com
You have the right to complain to the Information Commissioner's Office (ICO) which can be found at https://ico.org.uk/. It has enforcement powers and can investigate compliance with data protection law.
Your Personal Data is data which by itself or with other data available to Tomorrow Cardiovascular Screening Ltd (TMRW) can be used to identify you as an individual. TMRW is the data controller. This privacy notice sets out how TMRW will use your personal data. You can contact us at info@tomorrowscreening.
Content management and responsibility
Tomorrow Cardiovascular screening Ltd, "TMRW", and the hosts of this website, accept no responsibility for, and exclude all liability in connection with browsing this website, use of information on this website and downloading any material from it, including, but not limited to, any liability for errors, inaccuracies, omissions or misleading or defamatory statements.
Although every reasonable effort is made to ensure that files are free of defects and viruses, there are no guarantees that they are free from defects or computer viruses. Therefore, no warranty or guarantee is given by TMRW, regarding files downloaded or accessed through TMRW's website or through a link accessed via TMRW's website.
This website is intended to enable information relevant to the work of TMRW, to be freely available on the World Wide Web. Whilst TMRW hopes you find this website interesting and informative, the contents are for general information only. TMRW believes the contents to be true and accurate as at the date of writing, but can give no assurances or warranties regarding the accuracy, currency or applicability of any of this website's contents. As such, the contents of this website should not be relied upon. In addition, none of the content of this website will form any contract between TMRW and any user of the website, nor constitute any offer by TMRW. The use of and access to pages of the TMRW website is subject to the foregoing disclaimer, and the terms and conditions set out below. By using or accessing this website, you agree to be bound by these terms and conditions.
TMRW shall not be liable for any loss or damage howsoever arising in connection with the content of the website. TMRW does not guarantee that the website will be error-free, omission-free, uninterrupted or without delay.
Whilst TMRW makes all reasonable attempts to exclude viruses from the website, we cannot guarantee that the website will be virus free and accept no liability in the unlikely event that the website is not virus free.
Users are recommended to take appropriate safeguards before downloading information from this website.
Access to information
TMRW will not share your confidential information with anyone outside of TMRW. You are prohibited from posting or transmitting, to and from, the website any unlawful, threatening, defamatory, obscene, and pornographic or other material which would violate any law.
Unless otherwise specified, the materials on this website are directed solely at those who access this website from the United Kingdom mainland. TMRW makes no representation that any information, product or services referred to in the materials on this website are appropriate for use, or available, in other locations. Those who choose to access this website from other locations are responsible for compliance with local laws if and to the extent local laws are applicable.
Although the website has been tested and should work correctly under normal circumstances, there are many factors both within and outside of the control of TMRW, which may prevent the website from being available. No responsibility is accepted by TMRW, for any losses howsoever caused that may arise from an inability to access or to access resources through its website. If you find any errors within the TMRW website, including links that do not work, pages linked to the wrong document and out of date information, please email TMRW on firstname.lastname@example.org.
We are committed to respecting and protecting your privacy when we deal with your personal information. The following privacy notice gives you details on the information we collect about you, how we protect and use it, and your rights. If you have any questions about how we use your information, please email us at email@example.com.