Privacy Notice

Privacy Notice   

We are committed to ensuring the privacy and confidentiality of the information we hold of users of our website, our online portal, applicants and employees/patients being assessed by, or utilising, our service.

This privacy statement explains what kind of information is collected by us during a visit to our web site, customer online portal or when an employee/patient is referred to our service and how we use this information.

The information collected, held and used is in strict compliance with not only all current UK legislation but the confidentiality and ethical codes set out by the General Medical Council, Nursing and Midwifery Council, the Health & Care Professions Council (HCPC), the British Psychological Society (BPS), the Chartered Society of Physiotherapy (CSP) and the Faculty of Occupational Medicine (FOM).


Data Controller 

Health Partners Group includes as subsidiary companies; Psych Health, Business Health Resource, Hygiene Partners and Duradiamond Healthcare Limited.

As such each company acts as a data controller when managing your data for that service.

The ICO registration numbers are

  • ZA205055 for the Health Partners Group,
  • Z1823682 for Psych Health,
  • Z6482673 for Business Health Resource,
  • ZB345511 for Hygiene Partners and
  • Z7499599 for Duradiamond Healthcare.

The Health Partners Group’s registered address is Roller Mill, Mill Lane, Uckfield, TN22 5AA.


Collection and processing of personal data on our website

For the purpose of system security, when you visit our web site, our web server temporarily registers the domain name or the IP address of the requesting computer as well as the date of access, the file request of the client (file name and URL), the HTTP response code and the Web site from which you are visiting us, and the number of bytes transferred during the session. We might also, in some cases, store some information in the form of 'cookies' on your PC so that we can optimise our web site according to your preferences. Please see the ‘Cookies’ section for more information.

We will not collect any other personal data such as name, address, telephone number or e-mail address unless you provide this information voluntarily, for example, when completing the ‘contact us’ section or when accessing the customer online portal.

If you choose to contact us, we will process the information you share to manage your query only. We will not use the information for any other purpose. By contacting us you consent to us processing the information under the current data protection legislation so we may do this.

All information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. You must not share your password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

 

Use and forwarding of personal data on our website

We will use your personal data for the technical administration of the web site and to provide you with an appropriate service when using our online portal. We will not disclose any data to third parties or government agencies without your consent, except where required by law.

Our employees and business offices are obligated to treat all data as confidential and safeguard it accordingly.

We use Google Analytics (GA) on our sites for very limited purposes including to understand user behaviour and to see volumes and activities on different pages. Google Analytics does not store or log your IP address. We do not store or log your user name or any other personal data with GA, we only store anonymised data for 14 months on Google’s servers. GA has been classified as being GDPR compliant.

 

Security

We have taken extensive technical and operational precautions to protect the data retained by us against unauthorised access, unlawful processing, accidental loss or destruction, damage or misuse.
 

Our security procedures are revised regularly, adapted to reflect technological progress and are governed under our ‘Information Security Management System’.

 

Customers & Specialists using the Gateway portal

When you register on the portal to use the service, we will take information from you such as your name, e mail address and details of the individual you are referring/asking to complete a questionnaire that may include both personal and sensitive or special category data. Please see below how we process and keep confidential the information we obtain.

This data will be protected by our security procedures which are regularly updated to reflect progress and development in the various technologies we use.

The companies within Health Partners Group processes and manages the data of our Clients, and their employees/patients, for the purposes of occupational medicine, assessing the work capacity and capability of employees, medical diagnosis, treatment of a psychological condition or difficulty, and the management of their cases’ and for ‘legitimate interests’.

All our security and protection measures meet both current legislation in the UK and Ireland and the ethical guidelines issued by the General Medical Council, Nursing and Midwifery Council, the Health & Care Professions Council (HCPC), the British Psychological Society (BPS), the Chartered Society of Physiotherapy (CSP) and both Faculties of Occupational Medicine.

Please see below the general principals regarding data protection we will practice with regard to your data.

 

Applicants using the website to apply for roles

If you register for any jobs or upload your CV and details on our ‘join us’ pages we will use the data you provide purely for recruitment and future employment purposes only. By registering and sharing the information you consent to us processing this under data protection legislation.

This data will be protected by our security procedures which are regularly updated to reflect progress and development in the various technologies we use.

All our security and protection measures meet both current legislation in the UK and Ireland, and the ethical guidelines issued by the General Medical Council, Nursing and Midwifery Council, the Health & Care Professions Council (HCPC), the British Psychological Society (BPS), the Chartered Society of Physiotherapy (CSP) and both Faculties of Occupational Medicine.

Please see below the general principals regarding data protection we will practice with regard to your data.

 

Individuals who may be referred to our service

Due to the nature of our work, we manage both personal and sensitive or special category data, as classified under the current Data Protection legislation. We have developed procedures and IT security measures to ensure the protection of the data we hold.

We are also governed by the Faculty of Occupational Medicine, and must adhere to the ethical codes of the General Medical Council, the Nursing and Midwifery Council, the Health & Care Professions Council (HCPC), the British Psychological Society (BPS) and the Chartered Society of Physiotherapy (CSP).   We are also registered with the ICO in the UK, all of which have guidelines and codes of conduct that we follow to ensure your confidentiality. In Ireland we have an ‘EU Representative’, as required by data protection law within the European Union.

Health Partners processes and manages the data of Client employees/patients for the purposes of occupational medicine, assessing the work capacity and capability of employees, medical diagnosis, treatment of a psychological condition or difficulty  and the management of their cases and for ‘legitimate interests’.

Please see below the general principals regarding data protection we will practice with regard to your data.

 

Principals of Data Protection

We operate within the principles set out in the current data protection legislation and best practice ethical guidelines, these include;

  • We will process your information fairly and lawfully for the purposes of providing occupational health and treatment advice.
  • We will always seek your consent before sharing information with your employer/insurer (*)
  • We will only obtain personal and sensitive or special category data to provide occupational health advice, psychological services, physiotherapy, testing, wellbeing and treatment services.
  • We will ensure we meet all legal requirements when processing this information and will not process the data for any other purposes, such as external marketing.
  • We will ensure all data held is ‘relevant’ and ‘appropriate’ to the purpose for which it has been obtained.
  • We will endeavour to ensure data is accurate and if it is found to not be, we will correct it, if appropriate.
  • We will not keep your data for longer than is ‘necessary’. We currently retain your occupational health data for 8 years after last annotation, unless the data relates to health surveillance when we will hold it for the timeframe stated within the regulations (up to 50 years) or if our contract with your employer terminates. For those utilising our psychological therapy and treatment services your data will be held for 20 years, or 10  years after your death.
  • We will always process data in accordance with your rights under the current data protection legislation.
  • We will take all necessary measures to protect your data against unauthorised or unlawful processing, accidental loss or destruction, and damage.
  • We will not transfer your data outside the UK for employees based in the UK. If you are based in Ireland, your data will be held in the UK and may also be held in Ireland if you are assessed by a clinician in Ireland. The UK and EU have in place appropriate reciprocal measures called ‘adequacy decisions’ which allow for data to be transferred and held in each area.

(*) Please be aware however that should there be a risk of serious harm or if we are required to by law, we will share limited data about you with the appropriate bodies.

 

Your rights

The current Data Protection legislation gives you certain additional rights including;

  • The right to access information held about you. Your right of access can be exercised at any time in accordance with the legislation.
  • We will inform you of what information we are processing about you when we assess you.
  • We will endeavour to ensure the data is accurate and, where necessary, kept up to date.
  • Individuals have a right to withdraw consent at any time, if they object.

An individual has the right to have inaccuracies amended/rectified. Any factual inaccuracies will be amended/rectified promptly, and the information noted on the case. (please be aware that after an outcome report is shared with your employer/insurer we cannot rectify the report further)

An individual may request copies of the information we hold on them at any time or for portability reasons. These are referred to as a ‘Subject Access Request’ or SAR. If you would like access to your records, we request that it be made in writing because we manage very sensitive data and do not want to cause a breach by taking verbal instructions incorrectly, and ask that the letter includes your full name, address and date of birth and you must request copies of your occupational health, treatment or therapy records held by the Health Partners Group (or one of the named companies within it). A security check will be made to verify your identity before we will release this information.

If you believe that any information we hold about you is incorrect or incomplete, please use the ‘contact us’ page and we will rectify the error.

 

Third Parties

Our Website may, from time to time, contain links to other websites of interest. Please note, these websites have their own privacy policies and we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such websites. You should exercise caution and look at the privacy statement applicable to the website in question. 

 

Changes to our privacy notice

Any changes we may make to our Privacy notice in the future will be posted on this page.

 

Further information

Should you have any queries regarding data protection there is further information available on the UK’s ICO website at www.ico.org.uk. If you are based in Ireland, information is available  from the DPC. Their website is www.dataprotection.ie. The ICO is the government body responsible for data protection in the United Kingdom and the DPC is the governing body in Ireland.

 

Making a complaint

If you’re unhappy with any aspect of our website or this privacy statement please let us know using the contact us page. For more information please request a copy of our Complaints Policy.

If you have a complaint regarding data protection, please contact Health Partners’ Data Protection Officer via hello@healthpartnersgroup.com initially.

 

Cookies

A cookie is a piece of information that a website sends to your browser (like Internet Explorer or Firefox)

We use cookies to determine how many site visitors we’ve received – and whether these are first-time or repeat visitors. Our cookies never store any personal information about you. If you don't want us to collect any cookies, or control which cookies are collected you can choose to turn them off with your chosen browser. For more information, including how to opt out click here.

 

Accessibility

We are committed to helping you use our website. 

This website endeavours to conform to level AA of the World Wide Web Consortium's (W3C) Web Accessibility Initiative (WAI) Web Content Accessibility Guidelines 2.1 (WCAG 2.1). These guidelines explain how to make web content more accessible for people with disabilities.

For in-depth information on tailoring your computer to suit your accessibility needs, visit My Web My Way, an online guide that explains the various accessibility features provided by your web browser and operating system.

This site has been built using code compliant with W3C standards for HTML and CSS. The site displays correctly in current browsers and using standards compliant HTML/CSS code means  any future browsers will also display it correctly.

When the author of a site uses descriptive link text, all links on the page will make sense even when read out of context. For users of assistive technology (e.g. Screen-readers) this can allow them to quickly jump through pages of text to find relevant links.

Most images on this site contain additional 'alternate' text that is stored with the image. This allows users who otherwise wouldn't be able to see the image access to the stored information. Although this can help users of assistive technology (e.g. Screen-readers), this also applies to visitors who disable images because of a slow internet connection.
Any image that is considered purely decorative will have a blank alternate text (e.g. alt=""). This reduces the amount of unnecessary content on the page.

If you should experience any difficulty in accessing this website, please don’t hesitate to contact us. 

 

Disclaimer

The content of this website is for information only. Please speak to your own medical practitioner if you have any questions or concerns.

Find out more about us

Visit Our Services page to learn more about our health and wellbeing services