Privacy Policy

Who we are

TyneHealth is a GP federation representing all 27 practices in North Tyneside. Together with our GP members, we deliver improved health care in the community to over 215,000 residents, closer to patients’ homes.  We are registered in England and Wales under registration number 05927008.

TyneHealth takes your privacy rights very seriously and are committed to always protecting and respecting these rights.   This privacy policy sets out the way in which the personal information you provide to us (and the information collected by us) is handled, stored and processed.

TyneHealth is registered with the Information Commissioner’s Office for data protection purposes (registration number Z1096290).

Scope of this Privacy Policy

This Privacy Policy relates to all personal information collected and used by TyneHealth either in relation to our staff, our business contacts, website users and individuals who access our services.   It provides an overview of how we use this personal information and your rights in relation to this use.

The majority of TyneHealth clinical services are delivered on behalf of practices within the North Tyneside area.  Where this is the case, further information on use of this information can be found in the relevant practice’s privacy notice.

In addition all TyneHealth potential or existing staff will be provided with an Employee Privacy Notice.

Information we use

We collect and use different types of information for different purposes.  These include:

  • Information that you provide to use when using our services, or that is generated in the course of the use of these services e.g. if you use one of our clinical services such as North Tyneside Care Plus or a service provided by us through your GP practice (out of hours doctors services, sexual health services etc).  Information collected may include your personal contact details and any health information needed to deliver the service to you)
  • Information that you may provide to us through our recruitment processes or as a TyneHealth member of staff
  • Information contained in or relating to any communications that you send to us or send through our website (including the communication content and meta data associated with the communication)
  • Any other personal information that you choose to provide to us

Before you disclose to us the personal information of another person, you must obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with this policy.

Source of information

We collect personal information from a number of different sources, including:

  • directly from you. For example, when you access healthcare services, submit a query to us including via our website, by email or post
  • from other healthcare organisations, such as your GP, an NHS body or a private healthcare, for example in order to access your medical records

How we use your information

We may use your information for a number of different purposes.  For each purpose we must have a “legal ground” to use your personal information in such a way.  When the information that we process is classed as sensitive personal information/ special categories of personal information, we must have a specific, additional “legal ground” to process such information.

Generally we will rely on the following “legal grounds”, as appropriate:

  • We have a legal or regulatory obligation to use such personal information. For example, where our regulators require us to hold certain records of our dealings with you.
  • We need to use your personal information in order to protect your vital interests or those of a third party. For example, in order to ensure your safety or the safety of others.
  • We need to use your personal information for the performance of a task carried out in the public interest or in the exercise or our official authority. For example, in order to provide healthcare services.
  • We need to use your personal information for purposes of medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems. For example, in order to provide healthcare services and treatment to you.
  • We need to use such personal information to establish, exercise or defend our legal rights. This might happen when we are faced with legal proceedings or want to bring legal proceedings ourselves.
  • We need to use your personal information to manage employment practices as part of our recruitment and staffing processes
  • You have consented to the use of your personal information

Uses of your information which rely on some of the legal grounds detailed above include:

  • Providing healthcare and related services
  • Administration and management of healthcare services (such as maintaining records, receiving professional advice)
  • Service improvement, evaluation and audit (in order to improve the healthcare we provide, and to protect and improve the health of the public)
  • Communicating with you and resolving any queries or complaints that you might have
  • Complying with our legal and regulatory requirements
  • Safeguarding purposes (for example, in order to ensure the health and safety of an individual)
  • Preventing and investigating fraud. This might include sharing your personal information with third parties such as the police or fraud prevention agencies, for example, NHS Counter Fraud Authority or Audit One
  • Managing staff employment and recruitment
  • Delivering the TyneHealth website
  • Responding to enquiries or complaints received

Cookies Policy

Cookies are small text files that are placed on your computer by websites that you visit to distinguish you from other users of the site. At the current time, TyneHealth do not use any cookies in running its website.  If these are used in the future, you will clearly be made aware of this and will have the opportunity to consent to the use of these cookies when you first access the site.

Profiling

At the current time, we do not use your information to actively profile you or to make decisions based on characteristics of our service users, neither do we carry out any automated processing of your personal information that would lead to significant decisions being made about you.

When we might disclose your information

We may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as is reasonably necessary for the purposes set out in this policy.  We will also share information with your GP for the purpose of providing appropriate ongoing medical care.

We may disclose your personal information:

  • to the extent that we are required to do by law
  • in connection with any ongoing or prospective legal proceedings
  • in order to establish, exercise or defend our legal rights (including providing information to others for the purpose of fraud prevention and reducing credit risk)
  • to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such or authority would be reasonably likely to order disclosure of that personal information

Except as provided in this policy, we will not provide your personal information to third parties or share or process any of your personal information outside the EU.

How we store your information

Your information is transferred, stored and processed securely and in accordance with this privacy policy. We have strict measures, procedures and security features to prevent unauthorised access to your information. Although all appropriate technical security measures have been taken to protect your personal information, be aware that the transmission of any information via the internet is never completely secure and as such any transmission of personal information is made at your own risk.

How long we keep your information for

Personal information that we process for any purpose shall not be kept for longer than is necessary for that purpose.   Notwithstanding the other provisions of this section, we will retain your personal information: 

  • to the extent that we are required to do so by law 
  • if we believe that the information may be relevant to any ongoing or prospective legal proceedings 
  • in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk) 
  • to support the ongoing business purposes of TyneHealth as specified above (with due consideration for the rights and freedoms of individuals privacy)

If you would like further details of how personal information is retained by our organisation, please contact us directly. 

Your rights

You have a number of rights under Data Protection law including: 

  • The right to be informed about the collection and use of your personal information e.g. via this privacy notice
  • The right to access your personal information
  • The right to have any inaccurate personal information rectified, or completed if it is incomplete
  • The right to have your personal information erased in certain circumstances (please note that information which is clinically relevant cannot be deleted from medical records, although notes relating to accuracy etc can be added and access appropriately restricted as necessary)
  • The right to request the restriction or suppression of their personal information in certain circumstances
  • The right to data portability - to obtain and reuse your personal information for your own purposes across different services
  • The right to object to our use of your information in certain circumstances e.g. for marketing or profiling purposes

If you would like to access your own personal information or exercise any of the rights detailed above, please contact us by email email address

In the majority of cases, we will respond to your request within one month of receiving the necessary information required to deal with your request.

We may ask you to supply appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport plus an original copy of a utility bill showing your current address) and any additional information to help us to deal with your request effectively.

There may be some exemptions to dealing with your rights as specified in Data Protection law, but we will ensure you are fully informed of this within a month of receiving your request. 

Full information on your rights under the Data Protection Act can be found from the following link: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.  

If you have a concern that cannot be resolved through discussion with us, these can also be raised with the Information Commissioner’s Office.  More information can be found from the following link https://ico.org.uk/concerns/

Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on this page, so please check from time to time to see if there are any changes.

Contact

Questions, comments and requests regarding this privacy policy or about the way we use your personal information are welcomed and should be addressed to email address.