We understand how important it is to keep your personal information safe and secure and we take this very seriously. We have taken steps to make sure your personal information is looked after in the best possible way and we review this regularly. This document contains information on how we about how we use the personal and healthcare information we collect on your behalf. This document contains comments on your health-related data that will be collected as part of healthcare provision, as well as your data generated by the use of this website. This is relevant because all websites generate data that is personal to you and you have a right to understand what this data includes.
Why We Are Providing This Privacy Notice
We are required to provide you with this Privacy Notice by Law. It explains how we use the personal and healthcare information we collect, store and hold about you. If you are unclear about how we process or use your personal and healthcare information, or you have any questions about this Privacy Notice or any other issue regarding your personal and healthcare information, then please do contact our Data Protection Officer (details below).
The Law says:
- We must let you know why we collect personal and healthcare information about you;
- We must let you know how we use any personal and/or healthcare information we hold on you
- We need to inform you in respect of what we do with it;
- We need to tell you about who we share it with or pass it on to and why;
- We need to let you know how long we can keep it for.
Who we are
We, are Dr Nijjer Ltd (‘the Practice’), and we provide medical care at a number of clinics. Our principal base is at 68 Harley Street, London, W1G 7HE. Dr Sukhjinder Nijjer is a Registered Data Controller of your information. This means we are responsible for collecting, storing and handling your personal and healthcare information when you register with us as a patient. Our website address is: https://drnijjer.com.
What personal data we collect and why we collect it
The Data Protection Officer at the Dr Nijjer Ltd is Dr Sukhjinder Nijjer. You can contact him at : email@example.com if:
- You have any questions about how your information is being held;
- If you require access to your information or if you wish to make a change to your information;
- If you wish to make a complaint about anything to do with the personal and healthcare information we hold about you;
- Or any other query relating to this Policy and your rights as a patient.
What personal data we collect and why we collect it
There may be times where we also process your information. That means we use it for a particular purpose and, therefore, on those occasions we may also be Data Processors. The purposes for which we use your information are set out in this Privacy Notice.
We collect information about you to perform our routine medical care. The information we collect from you may include:
- Your contact details (such as your name, home and email addresses, telephone/mobile numbers, including place of work and work contact details);
- Your age range, gender, ethnicity
- Details and contact numbers of your next of kin;
- Details of your General Practitioner and other health care professionals involved in your care
- Details in relation to your medical history and use of current and prior medication;
- The reason for your visit to the Practice;
- Medical notes and details of diagnosis and consultations with Dr Nijjer and other health professionals that you have seen, either in the Practice, or at other healthcare institutions ( including other clinics and hospitals, both private and NHS), involved in your direct healthcare;
- Details pertinent for insurance reports or driving licence authorities.
What personal data is collected by this website
This website and electronic communications with Dr Nijjer Ltd also mean there is information about you that is collected. This can include the following:
- Information that you submit when filling in online forms will be used to respond and answer your query. The information you submit will be shared with Dr Nijjer Ltd staff and affiliated staff to provide you with appropriate service and care. It will not be shared with persons outside of Dr Nijjer Ltd or affiliated staff without your prior explicit consent and only if additional advice is deemed necessary.
- Any information you provide to us through online forms or by email etc, will be deemed that you consent for us to process such information in order for us to adequately respond. Any information you provide on behalf of someone else will be deemed that you have their consent to do so.
- The website content is not encrypted and can be accessed without registering or the need to provide personal information. By using the www.drnijjer.com website, you agree to Dr Nijjer Ltd placing cookies on your computer or device.
- Cookies are pieces of information that a website temporarily places in a cookie file on your computer or device when visiting a website. Cookies enable users to navigate the website more easily by remembering pages visited and to recognise a user’s device and browser.
Dr Nijjer Ltd uses a third-party cookie called Google Analytics. This allows us to collect information such as your IP address, the number of visitors to our site, pages visited, time on site and if you requested information from the website. This information is used to understand usage behaviour and help us improve the navigability of our website for users.
You are able to disable cookies. Disabling cookies may prevent the site working as expected and may prevent access to certain areas.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
Comment data may be passed through specialist services that assess for Spam.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
This website uses Google Analytics to understand who visits the website and to understand how the website is being used. At the time of writing Google Analytics is GDPR compliant.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
The Purpose of the Information We Collect From You
Dr Nijjer Ltd securely stores your personal data and will only use for it for the purpose it was supplied to us for; to provide healthcare input, appointments, treatment and ongoing medical care.
Your personal information may be used for billing and payment purposes. Your personal information may be used by staff from One Heart Clinic, who provide administration services to Dr Nijjer Ltd.
Your personal information may also be used by the companies or providers of healthcare testing and this will depend upon the clinics and hospitals in which testing or therapeutic procedures are performed. In the case of third parties, they may require you to complete registration and consent forms in addition to those that you have completed at other clinics. We will not share your information with a third party, without your explicit consent or instruction.
We seek to have your consent prior to sending your personal information and medical reports to you electronically. Direct emails or ‘instant’-messages between you and Dr Nijjer Ltd are not encrypted and your use of such communication technologies is deemed as consent to utilise such technologies to discuss your medical condition and ongoing healthcare.
Weblinks to other websites are not covered by this policy.
Who might we share your data with?
Whenever you use a health or care service, such as attending our clinics with Dr Nijjer LTD, or attending your GP, an Accident & Emergency Department or using Hospital Services, important information about you is collected to help ensure you get the best possible care and treatment. The most common people with whom the information will be shared is your GP. Other clinicians may need information about our health to provide accurate and appropriate healthcare.
The following clinicians may require your information:
- Other Hospital specialists
- Your GP or other GPs
- Nurses or specialist nurses
Dr Nijjer LTD does not share your information with non-medical teams but may be required to share information with your insurance company. The insurance company will specifically ask your permission if this information they have requested. On occasions, for audit purposes, Dr Nijjer may be required to share clinical information about your case with your insurer. This is because some insurers require specific information to authorise financial coverage for invasive procedures.
What rights you have over your data
Your medical data belongs to you and you may request it at any time. We will provide you the data within a reasonable time frame. Dr Nijjer Ltd will include the patient in all correspondence relevant to the patient.
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Visitor comments may be checked through an automated spam detection service.
The content, images and graphics on this website belong to Dr Nijjer Ltd, except where stated. You may print or download content for your personal use; however, you must not reproduce any material on this website for any commercial use without first obtaining our written permission.
Reliability of Information Found on this Website
The content on this website is for information purposes only and the medical information must not be taken as a diagnosis of any symptom or condition that may be affecting you. Likewise, any suggested treatments are provided as an indication of likely procedures, although may not be suitable for everyone.
In any cases where you are suffering from symptoms, you should seek medical opinion.
Although reasonable efforts are made to check that pages and files are free of defects and errors. No guarantees can be made that they are virus free. Therefore, no warranty or guarantee is given by Dr Nijjer Ltd regarding files downloaded or accessed.
You have the right to know what personal information we hold about you. You have the right to request a copy of this information. You have the right to have any mistakes corrected. You have the right to ask us to stop processing your data and where it does not breach our legislative duty to maintain your medical record for a minimum period of time, to have it deleted. You have the right to data portability – meaning you can request your personal information be sent to another medical provider. We however, will still maintain your medical record as part of legislation for the minimum retention period.
If you wish to exercise any of these rights, you should make a Subject Access Request to the Data Controller, care of firstname.lastname@example.org where your request will be acted on within 1 month.
If you believe we are not processing your personal data appropriately or are not holding it securely, you can in the first instance complain to the Data Controller care of email@example.com.
If you remain unsatisfied, you should write to the Information Commissioners Office.
It is important that patients have the information easily accessible and we are transparent about what information we collect, why we collect it, what we do with it, who has access to it, how long we keep it and what rights the patient has. And what you can do if you believe we have not acted appropriately with your data. This is a key element in the EU General Data Protection Regulation (GDPR) and the Data Protection Act 1998 and shortly to be published 2018. Combined, these make up the Data Protection Legislation.
This notice sets out our obligation and your rights in regard to this legislation and how Dr Nijjer Ltd will use your data for the lawful purpose to deliver care to you.
What types of data do we collect?
Broadly, there are two types of data: Personal Data and Sensitive Data.
Personal Data is anything meaning information relating to an identifiable living person. This can be either direct or indirect. Examples of this, but not limited to are name, date of birth, address etc.
Sensitive Data includes such information, but not limited to, medical history including medical records, appointments, communications with you, results, race, ethnicity, sexual orientation and religious beliefs.
Why does Dr Nijjer Ltd collect personal data?
In order for Dr Nijjer Ltd to respond to queries, provide care and follow up treatment, it is necessary to collect some personal data. We will only collect the minimum amount necessary in order to fulfil this. It is necessary to have a minimum amount of data to allow us to verify your identity when you contact us.
Who can access my personal data?
All personal data is accessed only for the purpose of delivering a service to you. It is collected, stored and processed by Dr Nijjer Ltd in line with Data Protection Legislation.
Unless we have your explicit consent, we will not disclose your personal information to anyone, except: members of Dr Nijjer staff with legitimate reason, your referrer and authorised persons involved in your care, or as required by law, or we have a legitimate reason to do so.
How do we keep your personal data secure?
We keep your personal data secure on a recognised encrypted platform.
PC access is by user account.
Data, when sent electronically is sent by secure end to end exchange switch which prevents unauthorised access which can be audited, be made time limited and have access revoked. We also maintain staff training in Information Governance.
Access permissions are controlled.
How long is your personal data held?
We will not keep your personal data for longer than is necessary. Data retention is guided by the NHS Records Management Code of Practice and by the Department of Health.
What are your rights?
You have the right to
- Ask what personal data we hold on you,
- Request a copy of your personal data,
- Have any mistakes rectified,
- To keep your records up to date,
- Ask us to delete personal data.
It should be noted that legislation may prevent us from carrying out your request.
If you have a complaint about how we hold or process your personal data, in the first instance, please Email the Data Controller at One Heart Clinic care of firstname.lastname@example.org and Dr Nijjer at info@DrNijjer.com. Alternatively write to The Data Controller at One Heart Clinic, 68Harley Street, London. W1G 7HE
If you remain unsatisfied with our response, you may contact the Information Commissioner’s Office at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF or online at www.ico.gov.uk.
Dr Nijjer Ltd is registered with the ICO.