Privacy Policy

Legal Requirement

Why We Are Providing This Privacy Notice

We are required to provide you with this Privacy Notice by Law. It explains how we use the personal and healthcare information we collect, store and hold about you. If you are unclear about how we process or use your personal and healthcare information, or you have any questions about this Privacy Notice or any other issue regarding your personal and healthcare information, then please do contact our Data Protection Officer (details below).

The Law says:

1. 1We must let you know why we collect personal and healthcare information about you;
2. 2We must let you know how we use any personal and/or healthcare information we hold on you;
3. 3We need to inform you in respect of what we do with it;
4. 4We need to tell you about who we share it with or pass it on to and why;
5. 5We need to let you know how long we can keep it for.

Data Controller

Who We Are

We, are Dr Nijjer Ltd ('the Practice'), and we provide medical care at a number of clinics. Our principal base is at 68 Harley Street, London, W1G 7HE. Dr Sukhjinder Nijjer is a Registered Data Controller of your information. This means we are responsible for collecting, storing and handling your personal and healthcare information when you register with us as a patient. Our website address is: https://drnijjer.com.

Healthcare Data

What Personal Data We Collect and Why

There may be times where we also process your information. That means we use it for a particular purpose and, therefore, on those occasions we may also be Data Processors. The purposes for which we use your information are set out in this Privacy Notice.

We collect information about you to perform our routine medical care. The information we collect from you may include:

1. 1Your contact details (such as your name, home and email addresses, telephone/mobile numbers, including place of work and work contact details);
2. 2Your age range, gender, ethnicity;
3. 3Details and contact numbers of your next of kin;
4. 4Details of your General Practitioner and other health care professionals involved in your care;
5. 5Details in relation to your medical history and use of current and prior medication;
6. 6The reason for your visit to the Practice;
7. 7Medical notes and details of diagnosis and consultations with Dr Nijjer and other health professionals that you have seen, either in the Practice, or at other healthcare institutions (including other clinics and hospitals, both private and NHS), involved in your direct healthcare;
8. 8Details pertinent for insurance reports or driving licence authorities.

Website & Digital

What Personal Data Is Collected by This Website

This website and electronic communications with Dr Nijjer Ltd also mean there is information about you that is collected. This can include the following:

1. 1Information that you submit when filling in online forms will be used to respond and answer your query. The information you submit will be shared with Dr Nijjer Ltd staff and affiliated staff to provide you with appropriate service and care. It will not be shared with persons outside of Dr Nijjer Ltd or affiliated staff without your prior explicit consent and only if additional advice is deemed necessary.
2. 2Any information you provide to us through online forms or by email etc, will be deemed that you consent for us to process such information in order for us to adequately respond. Any information you provide on behalf of someone else will be deemed that you have their consent to do so.
3. 3The website content is not encrypted and can be accessed without registering or the need to provide personal information. By using the www.drnijjer.com website, you agree to Dr Nijjer Ltd placing cookies on your computer or device.
4. 4Cookies are pieces of information that a website temporarily places in a cookie file on your computer or device when visiting a website. Cookies enable users to navigate the website more easily by remembering pages visited and to recognise a user's device and browser.

Dr Nijjer Ltd uses a third-party cookie called Google Analytics. This allows us to collect information such as your IP address, the number of visitors to our site, pages visited, time on site and if you requested information from the website. This information is used to understand usage behaviour and help us improve the navigability of our website for users.

You are able to disable cookies. Disabling cookies may prevent the site working as expected and may prevent access to certain areas.

Cookie Policy

Cookies

If you leave a comment on our site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Use of Information

The Purpose of the Information We Collect From You

Dr Nijjer Ltd securely stores your personal data and will only use it for the purpose it was supplied to us for; to provide healthcare input, appointments, treatment and ongoing medical care.

Your personal information may be used for billing and payment purposes. Your personal information may be used by staff from One Heart Clinic, who provide administration services to Dr Nijjer Ltd.

Your personal information may also be used by the companies or providers of healthcare testing and this will depend upon the clinics and hospitals in which testing or therapeutic procedures are performed. In the case of third parties, they may require you to complete registration and consent forms in addition to those that you have completed at other clinics. We will not share your information with a third party, without your explicit consent or instruction.

We seek to have your consent prior to sending your personal information and medical reports to you electronically. Direct emails or 'instant'-messages between you and Dr Nijjer Ltd are not encrypted and your use of such communication technologies is deemed as consent to utilise such technologies to discuss your medical condition and ongoing healthcare.

Weblinks to other websites are not covered by this policy.

Data Sharing

Who Might We Share Your Data With?

Whenever you use a health or care service, such as attending our clinics with Dr Nijjer Ltd, or attending your GP, an Accident & Emergency Department or using Hospital Services, important information about you is collected to help ensure you get the best possible care and treatment. The most common people with whom the information will be shared is your GP. Other clinicians may need information about your health to provide accurate and appropriate healthcare.

The following clinicians may require your information:

• Other Hospital specialists
• Your GP or other GPs
• Pharmacists
• Nurses or specialist nurses
• Dentists
• Opticians

Dr Nijjer Ltd does not share your information with non-medical teams but may be required to share information with your insurance company. The insurance company will specifically ask your permission if this information they have requested. On occasions, for audit purposes, Dr Nijjer may be required to share clinical information about your case with your insurer. This is because some insurers require specific information to authorise financial coverage for invasive procedures.

Retention

How Long We Retain Your Data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

Patient Rights

What Rights You Have Over Your Data

Your medical data belongs to you and you may request it at any time. We will provide you the data within a reasonable time frame. Dr Nijjer Ltd will include the patient in all correspondence relevant to the patient.

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Visitor comments may be checked through an automated spam detection service.

Data Security

How Do We Keep Your Personal Data Secure?

We keep your personal data secure on a recognised encrypted platform. All personal data is accessed only for the purpose of delivering a service to you. It is collected, stored and processed by Dr Nijjer Ltd in line with Data Protection Legislation.

Unless we have your explicit consent, we will not disclose your personal information to anyone, except: members of Dr Nijjer staff with legitimate reason, your referrer and authorised persons involved in your care, or as required by law, or we have a legitimate reason to do so.

• PC access is by user account
• Data, when sent electronically, is sent by secure end-to-end exchange switch which prevents unauthorised access — this can be audited, made time limited, and have access revoked
• Staff training in Information Governance is maintained
• Access permissions are controlled

Website Terms

This Website

GDPR & Data Protection Act

Data Processing

It is important that patients have the information easily accessible and we are transparent about what information we collect, why we collect it, what we do with it, who has access to it, how long we keep it and what rights the patient has — and what you can do if you believe we have not acted appropriately with your data. This is a key element in the EU General Data Protection Regulation (GDPR) and the Data Protection Act 1998 and shortly to be published 2018. Combined, these make up the Data Protection Legislation.

This notice sets out our obligation and your rights in regard to this legislation and how Dr Nijjer Ltd will use your data for the lawful purpose to deliver care to you.

Concerns & Complaints

Complaints

If you believe we are not processing your personal data appropriately or are not holding it securely, you can in the first instance complain to the Data Controller care of info@drnijjer.com.

If you have a complaint about how we hold or process your personal data, in the first instance, please email the Data Controller at One Heart Clinic care of enquiries@oneheartclinic.com and Dr Nijjer at info@DrNijjer.com. Alternatively write to The Data Controller at One Heart Clinic, 68 Harley Street, London, W1G 7HE.

If you remain unsatisfied with our response, you may contact the Information Commissioner's Office at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF or online at www.ico.gov.uk.