Patient Confidentiality

Privacy Policy for Patients

The Richard Tildesley Practice

This practice aims to meet the requirements of the Data Protection Act 2018 and the General Data Protection Regulation (GDPR) 2018 to ensure that personal information about patients is processed fairly and lawfully.

In order to provide the best care to you we will ask for information about your general and optical health. Occasionally we may receive information about you from other providers who have been involved in providing your care such as Hospital Eye Services, private eye care providers and GP surgeries. This privacy notice describes the kind of information we hold, why we hold it and what we do with it.

About us

We are The Richard Tildesley Practice, registered as Stickland Eye Care Ltd, operating at 51 West Street Chichester PO19 1RP. Paul Stickland, is the Data Controller and practice owner and is responsible for keeping secure the information about you that we hold.

Our practice manager Emma Stickland is the Data Protection Officer and ensures that the practice complies with data protection requirements that we collect, use, store and dispose of your information responsibly.

Those at the practice who have access to your information include optometrists, dispensing opticians, clinical assistants and administrative staff.

Information we hold

We can only keep and use information for specific reasons set out in law. If we want to keep and use information about you we can only do it under particular circumstances. Below, we describe the information we hold and why, and the lawful basis for collecting and using it.

Contact details

We may hold personal information about you including your name, date of birth, NI number, hospital number NHS number, address, telephone number, email address etc. This information allows us to fulfil our contract with you to provide appointments. We will also use this information to send you reminders and recall appointments as we have a legitimate interest to ensure your continuing care and make you aware of our services.

Patient records

We hold information about your general health and optical health including:

• Clinical records made by optometrists and other optical professionals involved in your care and treatment.
• OCT and Fields scans, medical photographs, of your eyes.
• Medical and optical histories.
• Treatment plans and consent.
• Dispensing records.
• Notes of conversations with you about your symptoms and care.
• Dates of appointments attended including any appointments you cancelled or failed to attend.
• Details of any complaints you have made and how these complaints were dealt with.
• Correspondence with any other health professionals or institutions.
• Details of your general medical practitioner

Financial Information

We hold information about the fees we have charged the amounts you have paid and how they were paid. Your payment card or bank account details. This forms part of our contractual obligation to you to provide optical care and allows us to meet legal financial requirements. Where your treatment is provided under the terms of the NHS we are required to complete statutory forms to allow payments to be processed. This is an NHS requirement.

How we use your information

To provide you with the optical care and treatment you need we require up to date and accurate information about you.

There are 2 types of information:

• Personal data – this is the sort of information that relates to a living individual who can be identified from the information alone, or from information combined with other data such as postcodes, DOB etc.
• Special data – This is more sensitive information we collect such as health.
  The categories of data we process in the practice are:
• Personal data – for the purposes of direct mail/correspondence.
• Personal data – for fulfilling a public authority role given by legislation eg NHS England to deliver our responsibilities
• Personal data – for taking steps to enter into an NHS contract or necessary for the performance of a contract or delivery of private optical care
• Special data – including health records for the purposes of delivering health care.

We will share your information with the NHS in connection with your treatment. Any emails sent to third parties regarding your care will be sent from the practice using a secure email address.

Sharing information

There may be instances where we need to share your information, and examples include:

• Your doctor.
• The hospital or community optical care services or other health care professionals
  NHS payment authorities.
• The Department of work and Pensions and its agencies where you are claiming exemption for NHS charges.
• Private eye Plan schemes of which you are a member.
• Laboratories or companies responsible for the construction of medical appliances.

We will only disclose your information on a need-to-know basis and will limit any information that we share to the minimum necessary. We will let you know in advance if we send your information to another medical provider and we will give you the details of that provider. In certain circumstances or if required by law, we may need to disclose your information to a third party not connected with your health care including HMRC or other law enforcement of Government agencies.

Keeping your information safe

We store your information securely on our practice computer systems. And in a manual filing system. Your information cannot be accessed by those who do not work at the practice unless under supervision. All parties with access to your information understand their legal responsibility to maintain confidentiality and follow practice procedures to ensure this.

We take precautions to ensure security of the practice premises, the filing systems and computers. We use specially developed software to record and use your personal information safely and effectively. We back up information routinely.

We keep your records for 10 years after the date of your last visit to the practice or until you reach the age of 25 – whichever is the longer. We delete and physically destroy your records after this time.

Access to your information and other rights

You have the right to access the information we hold about you and to receive a copy. You should submit your request to the practice in writing. We do not usually charge you for copies of your information. You can also request us to:

• Correct any information you believe is inaccurate or incomplete. If we have disclosed this information to a third party we will let them know about the change.
• Erase any information we hold although you should be aware that for legal reasons we may be unable to erase certain information about your treatment.
• Stop using your information – for example to send you reminders for appointments.
• Stop using information if you believe the information is inaccurate or you believe we are using it illegally.
• Supply your information to another optician.

All requests should be made by email to our Data Protection Officer Emma Stickland

The practice has a Data Opt-out policy which allows you to opt out of your data being used for research or study purposes.

If you have any concerns about how we use your information and you do not feel able to discuss this with us you should contact the Information Commissioner’s Office (ICO) Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF (0303 123 1113 or 01625 545745).

Date: November 2023