top of page

Privacy Policy

GENERAL

 

In this Privacy Policy, we, us, or our refers to the Obstetrics and Gynaecology practice carried on by Dr. Katrina Erskine from her consulting rooms at 212 Great Portland Street, London W1W 5QN.

 

We are committed to respecting and protecting your privacy at all times and take seriously our responsibilities under data protection legislation. This Privacy Policy outlines how we collect and use your personal information, how we keep it secure, and your legal rights.

 

For the purpose of the Data Protection Act 1998, the data controller is Dr. Katrina Erskine (ICO registration number Z2162494).

 

If you have any questions or concerns about this policy or how we are processing your personal information, please contact:

 

Dr. Katrina Erskine

2nd Floor Consulting Rooms, 212 Great Portland Street, London W1W 5QN

Email: cath.mclaren@hcahealthcare.co.uk

 

We always appreciate the opportunity to resolve any disputes with you but you have a right to complain or contact the Information Commissioner at any time. More information can be found at www.ico.org.uk.

WHAT INFORMATION DO WE COLLECT AND PROCESS?

 

To provide your care and treatment we will collect certain types of personal and sensitive data about you. 

 

General Data

 

  • Identifying and contact information such as your full name, address,  gender, date of birth, title, marital status, telephone numbers, email addresses, and emergency contacts details and/or next of kin;

  • Financial information including your credit card or other bank details if you are responsible for the payment of all or part of the bills relating to your care;

  • Your Medical insurance details or information regarding other organisations responsible for funding your care;

  • Details about other clinicians involved in your care or referral, e.g. your GP;

  • Usage data including IP protocol data, cookies, enquiry information, geographic data including time zones, browser information, and operating system information;

  • Query information including data supplied by you when submitting inquiries.

 

Health-related Data

 

  • Your previous and current medical health records including past treatments, results of investigations, tests and scans;

  • Information about your previous and current physical or mental health. This may include details of treatment you have received elsewhere and by other clinicians; 

  • Imaging such as X-rays, ultrasound and MRI scans and their reports, photographs and videos;  

  • Your religion, nationality, race and/or ethnicity; 

  • Sexual orientation; 

  • Genetic or biometric data relating to you.

 

The information, which is part of your medical record, may be provided by either yourself, your GP, or your referring clinician as well as by any other health professionals involved in your care. Further information may also be provided by your insurer or others funding your treatment. We also collect information directly from you when you visit our website. 

 

We will collect data if you have a remote consultation with Dr. Erskine either virtually or by telephone.

 

Some of the data we collect may be automatically processed. This includes usage data collected from our website. Please see the paragraph Cookies below.

 

Please note that our site may, from time to time, contain links to and from other third party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal detail to these websites.

HOW DO WE USE YOUR PERSONAL DATA?

 

Under the General Data Protection Regulations we have the right to process your data in the following ways:

  • To support the provision of high quality treatment and clinical care appropriate to your needs;

  • To communicate with you regarding your clinical care with us and to resolve any queries, concerns or complaints you may have;

  • To communicate with other health professionals and referring clinicians regarding your care;

  • In order to obtain payment for your treatment; and

  • To comply with legal obligations.

We use your personal data for the following purposes:

  • To ensure you are receiving appropriate clinical care for your needs;

  • Arranging appointments, investigations, scans, procedures and surgeries;

  • To respond to your queries, complaints and concerns; 

  • Quality assurance through the evaluation of your treatment and outcomes;

  • Processing of invoices and payment of fees in connection with your account with us; and

  • Disclosure of details of your treatment with us to your referring physician or clinician or to another clinician for further treatment when required. If you would prefer us not to share this information please notify us.

We use your data to ensure we can comply with our legal obligations:

  • When you exercise your rights under data protection law and make requests;

  • For compliance with legal and regulatory requirements and related disclosures;

  • For establishment and defense of legal rights;

  • For activities relating to the prevention, detection, and investigation of crime;

  • To verify your identity, credit fraud prevention, and anti-money laundering checks; and

  • To investigate complaints, legal claims, and data protection or clinical incidents.

You are free at any time to change your mind and withdraw your consent, where we have only relied on your consent, to share your data. We will advise you if the consequence of doing so is that we cannot continue to provide full healthcare services to you.

 

WHO DO WE SHARE YOUR PERSONAL INFORMATION WITH?


Under certain circumstances and only when it is appropriate we may share your personal data with:

Healthcare Providers or those who help us provide care to you

  • Consultants/Doctors and other healthcare professionals who provide treatment to you; and

  • Other healthcare providers including your GP where we believe this will enhance the quality of your care. Let us know if you do not wish us to share information with your GP.

 

Advisers, Legal, Government, and regulatory bodies

  • Our legal and other professional advisers;

  • Fraud prevention agencies, credit reference agencies, and debt collection agencies;

  • Government bodies and agencies in the UK and overseas (e.g. HMRC who may in turn share it with relevant overseas tax authorities and with regulators including the Information Commissioner's Office and Care Quality Commission (CQC);

  • General Medical Council and other professional bodies; and

  • Courts, to comply with legal requirements, and for the administration of justice.

Others

  • In an emergency or to otherwise protect your vital interests;

  • Payment systems and providers; and

  • Anyone else where we have your consent or as required by law.

Sharing of your personal data in order to receive payment for your treatment from your Insurer, sponsor, or guarantor

We will contact the individual or company including your insurer and provide them with the information necessary to support our invoices for payment and to ensure that we receive full payment for your care.  We may also contact them prior to your care to confirm that the treatment you are about to receive is covered by them and they are willing to pay for your care.  We will also provide the information necessary to support any audits carried out by insurers and sponsors.

 

YOUR RIGHTS

 

You have various rights under the General Data Protection Regulations. These rights are subject to any legal constraints or rights we may have but include:

 

Access: you can make a request for your personal data (this is known as a subject access request) (see below);

Correction: if you believe any information we have is incorrect then you can ask us to rectify this. This will be subject to us verifying the inaccuracy;

Erasure: you are entitled to ask us to erase or amend any personal data we may process;

Transfer: you may request that we transfer your data to you or a third party;

Withdrawing consent: you may withdraw any consent you have given to us to process your personal data.

If you exercise any of your rights in a situation where a third party is involved we will forward your request to them.

 

We will not usually charge you for exercising any of the above rights but:

  • We may have a legal basis on which we cannot carry out your request. Unless prohibited by law we will set out our reasons for refusing or seeking to amend any request;

  • We may charge a reasonable fee in limited circumstances – for example, if a subject access request is excessive or we consider it unfounded; and/or

  • We will usually require identification to satisfy ourselves of the legitimacy of any request before we carry it out.

We will carry out any request as soon as reasonably possible but usually within one month.

You have the right to complain to the Information Commissioner's Office (ICO). It has enforcement powers and can investigate compliance with data protection laws. Contact the ICO at www.ico.org.uk or you can call them on 0303 1231113.

DATA SECURITY

 

We have in place appropriate technical and organisational security measures to prevent your data from being accidentally lost, amended, used, or stolen. Data is limited to only those who need access and we have taken reasonable steps to ensure that all data is stored in a secure and controlled environment.

 

Please note that we retain limited paper information with the majority of personal data being scanned and stored in electronic format.

HOW LONG DO WE KEEP YOUR DATA?

 

Information will be kept in accordance with the retention periods outlined in the Records Management Code of Practice 2021 published by NHSX.

 

Information may be held for longer periods where the following apply: 

 

  • Retention in case of queries. We will retain your personal data as long as necessary to deal with any queries you may have;

  • Retention in case of claims. We will retain your personal data for as long as you might legally bring claims against us; and

  • Retention in accordance with legal and regulatory requirements. We will retain your personal data after you have received healthcare services from us based on our legal and regulatory requirements and obligations.

DATA STORAGE

 

All personal data is stored by us in the UK and/or the European Economic Area. In the event that we have to transfer data outside the UK and/or EEA we will only do so if it is to countries that have adequate data protection laws in place or we have entered into specific contracts (in a form approved by the European Commission and/or the UK regulator) and/or they are part of any government authorised arrangement.

 

CHANGES

 

We may update this policy from time to time without notice to you. Where we do make changes we will include a link to the immediate previous version highlighting the changes that have been made.

COOKIES

Cookies are small data files that can identify you when you visit a website. Cookies remember your settings during and between visits to our site and also improve the speed and security of the website. 


We use cookies on our website to improve the visitor’s experience, ensuring our website is responsive, fast and shows the information that you need. It enables us to improve the website.


We do not use cookies to collect any personally identifiable information about you, and do not pass personally identifiable data to third parties. You can disable cookies in your browser settings. If your browser settings are set to accept cookies we take this as agreement.

Last updated 23 September 2022

bottom of page