Data Privacy Policy

Return to homepage

Last updated: May 16, 2018

Executive Summary

This document (dated 16th May 2018) aims to outline the practices, intentions and processes of Health Optimising UK with regards to data storage & processing in a fully transparent and coherent manner.

By producing this document, we are demonstrating our compliance with the General Data Protection Regulation (GDPR), which takes effect on 25th May 2018. This law aims to protect the personal data of consumers in an increasingly digital world, and to help them better understand how that data is used internally by companies.

If you have any questions, queries or concerns about anything mentioned in this document, or anything else relating to the storage of data at Health Optimising UK, then please don't hesitate to get in touch with our Patient Service Team (winchester@healthoptimising.co.uk), who will liaise with our Data Protection Officer (DPO) to do our best to help you.

Our policy document will go through:

  • the types of data which we store
  • the reasons behind us storing this data
  • how you consented to us using it
  • our approach to the storing of children’s data
  • who we are sharing this data with
  • how you can change any of the data which we are storing
  • how you can request to have your data removed
  • how we react to data breaches
  • how you can make a complaint should you so wish.

Mission Statement
We pride ourselves on the attention and care given as part of our patient service, and aim to do the same with patient data. Our number one data protection priority is that the confidential health information held internally is handled and protected with the greatest care and respect possible.

What data we are storing

As part of our onboarding process for our clinical services, we need to store personal information about our patients to support an efficient administration process. This includes name, date of birth, address, telephone numbers (home & mobile), social media handles and email address.

Beyond this, in order to support our clinical and consultation services, we also store information about past and present health issues, which may include, but is not limited to, information about illnesses, treatments, medications, diet and lifestyle. This is mostly stored in the form of a questionnaire filled out by patients prior to an initial consultation.

Moving forward from the onboarding process, we store diagnostic information following appointments in the form of notes and reports delivered to patients through our digital portal Patient Hub (explained below). We also store information about prescriptions given to patients and instructions on how to follow them. Additionally, we store test results and other documents pertinent to our patients’ health, which may be provided by 3rd parties (e.g. laboratories).

We may also store information about how our patients use Patient Hub in order to keep improving the platform and its user experience. We also collect statistics about visitors to our website through Google Analytics (see below); these statistics do not identify individual visitors.

We may also store information about how often our patients open and read newsletters sent through our email marketing platform in order to optimise our outbound emails for greater uptake.

We may also temporarily store payment information on our e-commerce platform when patients order products from our online store in order to process payments. Card details are handled by our payment processor, Stripe, which encrypts them and provides tools for detecting and preventing fraudulent transactions (see 'Patient Hub' below).

Why we are storing it

The primary reason behind storing personal details is efficient administration: onboarding new patients, engaging with and managing existing patients, and offboarding inactive or outgoing patients.

Knowing information such as past illnesses or treatments may help our therapists and clinicians to better perform their duties and ascertain the underlying causes more quickly.

Failure to have a full health picture may result in less effective diagnosis and treatment, which is why it is important that we store such information to support an accurate diagnosis and effective health protocol.

Storing appointment notes, reports, prescriptions and other relevant information across a patient's lifetime at the clinic enables us to keep track of a patient's progress over time and provides context for future treatments.

Analysing patient habits on our digital platform, Patient Hub, as well as our outbound email marketing results in a better user experience for the patient. We can use the data collected to make amendments to the design and functionality of our platform to make using it easier and more enjoyable.

Analysing visitor usage on our website through the use of Google Analytics results in a better user experience for any future website visitors.

The data collected through our email marketing platform enables us to similarly optimise our occasional outbound emails to patients to ensure they are non-intrusive and easy to digest.

We need to store payment information temporarily to process payments when patients make a purchase on our online store powered by our e-commerce platform. Card details are handled by our payment processor, Stripe, and are encrypted as described under 'Patient Hub' below.

Consent to store it

By becoming a patient of Health Optimising UK, you agree to our Terms & Conditions, Data Privacy Policy and usage of your email for marketing purposes.

Upon activation of new patient accounts on Patient Hub, our digital health platform, new patients agree to our Terms & Conditions, Data Privacy Policy and usage of their email for marketing purposes. They do this by actively opting in, ticking a checkbox that confirms their agreement. They may receive an additional email asking them to double opt-in for marketing emails.

Existing patients of Health Optimising UK who receive e-communications will be sent a GDPR notification email which lets them opt out should they wish to do so. Existing patients of Health Optimising UK who have opted out of e-communications and / or Patient Hub will have been asked to double check, and sign a new consent form in-clinic.

Visitors are notified on arrival at our website that we use cookies to measure visitor behaviour in Google Analytics without identifying individuals. They are not asked to opt in, but can stop our website from collecting this information by blocking cookies in their web browser's privacy or security settings.

Our approach to children’s data

We take our patients' data extremely seriously, especially when it comes to underage children.

The GDPR sets the age at which a child can give their own consent to this processing at 16, but allows each member state to lower it to no less than 13; the UK's Data Protection Act 2018 sets it at 13 for the UK. If a child is younger, we will need to get consent from a person holding 'parental responsibility'.

In the case of our child Patient Hub accounts, we always request the explicit consent from a parent or guardian to store their information in digital format.

Where we are storing data

Data stored on paper is stored under lock and key in a highly secure place within Health Optimising UK building currently located at 1 Lake Court, Hursley, Winchester, Hampshire SO21 2LD as of April 2018.

Data stored digitally is currently stored in two highly secure places:

  • Dropbox - file sharing service
  • Patient Hub - digital health platform

Dropbox

Dropbox is our internal file sharing service, which allows us to securely and easily collaborate on documents relating to the clinic and its patients. Dropbox Business supports HIPAA compliance for its customers and publishes details of the security controls built into its products and its organisation.

Dropbox carries out EU personal data transfers under its Processor and Controller Global Binding Corporate Rules (BCRs), approved in August 2016 by the European Data Protection Authorities. Their BCR FAQs address common questions.

They are certified under the Asia-Pacific Economic Cooperation (APEC) Cross-Border Privacy Rules (CBPR) System and help their customers meet new global privacy obligations such as those under the General Data Protection Regulation (GDPR). You can read more about their privacy policy on their website.

Access to our Dropbox Business account is strictly restricted to the core medical team at The Naturopathic Centre and is also limited to clinic and personal computers in a clinic environment.

Patient Hub

Patient Hub is our custom-built digital health platform that helps facilitate our niche service for both our patients as well as our staff internally.

Our platform and its data are held on Amazon Web Services (AWS). AWS secures the underlying infrastructure, including standard mitigation of DDoS (distributed denial-of-service) attacks against its network, while we remain responsible for securing the platform and the data we run on it. The data stored in Amazon S3 is monitored with Amazon Macie, which uses machine learning to discover and classify sensitive data in AWS and to alert us to unusual access to it.

Our website is served over HTTPS using a TLS certificate with a 2048-bit RSA key and a SHA-256 (SHA-2) signature, the current industry standard. These figures describe the certificate and its key rather than the strength of the session encryption, which TLS negotiates separately. TLS encrypts the data you send to us in transit, so it cannot be read or altered between your browser and our servers, and it is decrypted only once it has reached us.

Furthermore, our staff members change their passwords on a regular basis to reduce the risk of malicious access to their accounts.

We currently use AWS's eu-west-2 region, located in London.

Our payment processing is provided by Stripe, which gives us a secure environment in which to process our patients' payments. Card details held by Stripe are encrypted at rest with AES-256, with the decryption keys stored on separate machines. Stripe also offers tools such as 'Radar' that enable us to detect and prevent fraudulent transactions.

Who are we sharing it with

Health data which we store is held within Health Optimising UK and is not shared with third parties for research or any other purpose, except as set out in this section. Where a patient's care requires it, we may need to involve a third party such as a laboratory (UK, EU or US-based) or a provider of devices, but this is only done with the explicit consent and acknowledgement of the patient.

The patient may, should they choose to do so, decide to share their health data with a third party provider such as Apple or Fitbit through the use of a connected device like an Apple Watch or health service like Apple Health which monitors and stores health information.

Such an integration between Patient Hub and connected devices may be explored in future by Health Optimising UK but if progressed would be fully acknowledged and announced to patients, with consent sought.

We share your top-line personal information with our email marketing platform, Mailchimp, and this is limited to your name and email address. This information may also be shared very occasionally with our trade partners for the purposes of sending products ordered directly to you.

We will share your data with Health Tech Services, a worldwide clinic group which we joined in May 2018. This only applies to patients who will be receiving Health Optimising Assessments and Health Optimising Treatment. Reviewing information and data from all assessments and treatments helps us to improve our service to patients. This data is to be held on a secure server for as long as it’s relevant to our patients.

International Transfer

Your information, including Personal Information, may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction, where the data protection laws may differ from those of your jurisdiction. If you are located outside the United Kingdom and choose to provide information to us, please note that we transfer the information, including Personal Information, to the United Kingdom and process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer. In the event that a dispute arises with regard to the international transfer of data, you agree that the courts of England and Wales shall have exclusive jurisdiction over the matter.

How long we store your data for

Clinical records are kept for at least 7 years following the last occasion on which treatment was given. In the case of treatment to minors, their records are kept for 7 years after they reach the age of majority (18).

Beyond this minimum period, patient data remains on our systems until the patient submits a takedown request for their data by contacting the Data Protection Officer.

In the event that a patient dies, their data will be removed immediately upon receipt of notification of their death by a next of kin or other contact.

Anonymous visitor data stored on Google Analytics, collected upon visit of our website, is stored for a total of 26 months before it is removed.

How we handle data change requests

All of the data which we store about a patient or user belongs to them, and they are therefore entitled to submit a change request to have it corrected.

This can be done either by email to our Data Protection Officer (see contact information at bottom of document) or by amending their information in the ‘My Details’ tool on Patient Hub which is where their personal information will be stored. Email changes must be requested through the Patient Manager by email.

Any amendments or redaction of health information stored within the patient-read-only tools on Patient Hub such as 'My Reports' and 'My Prescriptions', or on our internal file sharing service, can only be requested by email to our Data Protection Officer.

This change request should clearly outline the type of data which should be changed and the content of this data which is to be changed, along with basic details such as name and contact information. An example of this could be changing a name, an address or a telephone number.

These requests can be made free of charge, unless they are deemed manifestly unfounded or excessive by the Data Protection Officer and executive team of Health Optimising UK. We must comply with these requests within one month of receipt of the request.

Please note that we reserve the right to refuse or charge for requests that are manifestly unfounded or excessive, and that if we refuse such a request then we must tell the individual in question why and inform them that they have the right to complain to a supervisory authority and to a judicial remedy. We must do this without undue delay and at the latest, within one month.

How we handle takedown requests

All of the data which we store about a patient or user belongs to them, and they are therefore entitled to submit a takedown request in order to remove their data from our paper and digital systems.

Please note that in doing so, a patient could potentially jeopardise any future involvement they have with Health Optimising UK or another clinic by losing valuable clinical and diagnostic information. The loss of this information is permanent and non-reversible. Where we are required to retain clinical records for a minimum period (see 'How long we store your data for'), some data may have to be kept until that period ends; we will tell you if this applies to your request.

This can only be done by submitting a clear email to our Data Protection Officer (see contact information at bottom of document) outlining your personal information, the extent of the takedown (i.e. what data) and any reasoning behind requesting the takedown.

Confirmation of a successful takedown will then be sent to the patient in question upon completion, along with an assurance that their email will no longer be stored in our internal system and that communication would cease moving forward.

These requests can be made free of charge, unless they are deemed manifestly unfounded or excessive by the Data Protection Officer and executive team of Health Optimising UK. We must comply with these requests within one month of receipt of the request.

Please note that we reserve the right to refuse or charge for requests that are manifestly unfounded or excessive, and that if we refuse such a request then we must tell the individual in question why and inform them that they have the right to complain to a supervisory authority and to a judicial remedy. We must do this without undue delay and at the latest, within one month.

How we react to a data breach

Our policy on handling data breaches is broken down into 4 major steps: acknowledgement, notification, action and confirmation.

This process enables us to quickly react to a breach and solve the problem to prevent any further leaks of our patients’ data.

Please note that while we consider the likelihood of a breach low, it is not zero. Data breaches occur even in well-resourced government organisations, so no business can rule them out entirely. Our process, together with the security measures protecting our patients' data, is designed to keep both the likelihood and the impact of a breach as low as possible.

Acknowledgment

The first step in handling a data breach is detecting and acknowledging it. Because our data is stored on Amazon Web Services (AWS), we use Amazon Macie, AWS's data security service, to monitor it.

Amazon Macie is a security service that uses machine learning to automatically discover and classify sensitive data in AWS. Amazon Macie recognises sensitive data such as personally identifiable information (PII) or intellectual property, and provides us with dashboards and alerts that give visibility into how this data is being accessed or moved.

Additionally, we use AWS CloudTrail to keep an accurate log of the API calls made against our AWS account. AWS CloudTrail is a service that enables governance, compliance, operational auditing and risk auditing of our AWS account. With CloudTrail, we can log, continuously monitor and retain account activity related to actions across our AWS infrastructure.

If a data breach should occur, these services should alert us promptly, after which we make all relevant staff members in Health Optimising UK aware that a breach has occurred.
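The acknowledgement step above depends on being able to tell expected access to patient data from unexpected access in the CloudTrail record. The following is an added example, not code from Health Optimising UK, Stanga AD or AWS, of a detection pass over CloudTrail S3 data events that applies a small allow-list and flags everything else, including denied calls. The bucket name, role and user ARNs, clinic address range and the sample records are all constructed for illustration.

```python
"""Detection pass over CloudTrail S3 data events: flag reads, deletes or ACL
changes on the patient-data bucket from an unexpected principal or network.
Added example, not Health Optimising UK's or Stanga AD's code; the bucket
name, ARNs, clinic IP range and log records below are all constructed."""
import ipaddress

SENSITIVE_BUCKETS = {"patient-hub-documents"}               # assumed name
# Service roles may touch the bucket from any address (assumed ARN).
SERVICE_ROLES = {"arn:aws:iam::123456789012:role/patient-hub-app"}
# Staff users may touch it only from the clinic's network (assumed).
STAFF_USERS = {"arn:aws:iam::123456789012:user/clinic-admin"}
CLINIC_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]
WATCHED_EVENTS = {"GetObject", "ListObjects", "DeleteObject",
                  "PutObjectAcl", "PutBucketAcl", "PutBucketPolicy"}


def _from_clinic(addr):
    """True if addr lies in the clinic range. CloudTrail records calls made
    by AWS services as hostnames (e.g. 's3.amazonaws.com'); those never match."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip in net for net in CLINIC_NETWORKS)


def _principal(record):
    """For role sessions CloudTrail reports the IAM role under
    sessionContext.sessionIssuer, not in the top-level userIdentity.arn."""
    ident = record.get("userIdentity", {})
    issuer = ident.get("sessionContext", {}).get("sessionIssuer", {})
    return issuer.get("arn") or ident.get("arn", "")


def suspicious_s3_events(records):
    """Return (eventID, eventName, reason) for every watched S3 call on a
    sensitive bucket that no allow rule covers, and for every denied call,
    which is an early sign of probing or a broken policy whoever made it."""
    findings = []
    for rec in records:
        if rec.get("eventSource") != "s3.amazonaws.com":
            continue
        if rec.get("eventName") not in WATCHED_EVENTS:
            continue
        if rec.get("requestParameters", {}).get("bucketName") not in SENSITIVE_BUCKETS:
            continue
        arn, ip = _principal(rec), rec.get("sourceIPAddress", "")
        if rec.get("errorCode") == "AccessDenied":
            findings.append((rec["eventID"], rec["eventName"],
                             f"access denied for {arn or 'unknown'} from {ip}"))
            continue
        if arn in SERVICE_ROLES or (arn in STAFF_USERS and _from_clinic(ip)):
            continue                                        # expected access
        findings.append((rec["eventID"], rec["eventName"],
                         f"unexpected access by {arn or 'unknown'} from {ip}"))
    return findings


def _rec(event_id, name, ip, arn, bucket, issuer=None, error=None):
    """Build a minimal CloudTrail record (constructed sample data)."""
    ident = {"arn": arn}
    if issuer:
        ident["sessionContext"] = {"sessionIssuer": {"arn": issuer}}
    rec = {"eventID": event_id, "eventSource": "s3.amazonaws.com",
           "eventName": name, "sourceIPAddress": ip, "userIdentity": ident,
           "requestParameters": {"bucketName": bucket}}
    if error:
        rec["errorCode"] = error
    return rec


APP_SESSION = "arn:aws:sts::123456789012:assumed-role/patient-hub-app/i-0abc"
APP_ROLE = "arn:aws:iam::123456789012:role/patient-hub-app"
ADMIN = "arn:aws:iam::123456789012:user/clinic-admin"
CONTRACTOR = "arn:aws:iam::123456789012:user/contractor"
BUCKET = "patient-hub-documents"

SAMPLE_TRAIL = [  # constructed records, not real log data
    _rec("ev-1", "GetObject", "10.0.1.5", APP_SESSION, BUCKET, issuer=APP_ROLE),  # app role: expected
    _rec("ev-2", "ListObjects", "203.0.113.10", ADMIN, BUCKET),        # admin from clinic: expected
    _rec("ev-3", "GetObject", "198.51.100.7", ADMIN, BUCKET),          # admin creds used off-site: flag
    _rec("ev-4", "PutBucketAcl", "198.51.100.7", CONTRACTOR, BUCKET),  # unknown user loosens ACL: flag
    _rec("ev-5", "GetObject", "10.0.1.5", APP_SESSION, BUCKET,
         issuer=APP_ROLE, error="AccessDenied"),                       # denied read: flag
    _rec("ev-6", "DeleteObject", "198.51.100.7", CONTRACTOR, "website-static-assets"),  # other bucket: ignored
]

if __name__ == "__main__":
    for finding in suspicious_s3_events(SAMPLE_TRAIL):
        print(*finding, sep="\t")
```

Running the block prints the three flagged events (ev-3, ev-4 and ev-5). One caveat that matters for this step: object-level calls such as GetObject only reach CloudTrail if S3 data events are enabled for the bucket; a trail configured for management events alone would record ev-4 but never ev-1, ev-3 or ev-5.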

Notification

Under the GDPR we are legally required to notify the Information Commissioner's Office (ICO) within 72 hours of becoming aware of a personal data breach that is likely to result in a risk to the rights and freedoms of the people affected. Given the sensitivity of health data, our policy is to report every breach involving patient data, no matter how small it may appear. Upon acknowledgment and confirmation of a data breach, we would immediately report it to the ICO and give full details of the breach and how it may affect our patients.

They will then acknowledge receipt of our notification, and provide us with any further steps or requests needed as part of their filing of the breach.

Additionally, we would send an email to all of our patients notifying them that a data breach has occurred, the extent of said breach, the steps we are taking to contain it, and how we can recover any lost data or pursue any liable parties. Where a breach is likely to result in a high risk to patients, the GDPR requires this direct notification without undue delay.

Our ultimate goal is to be fully transparent, as we are aware of the sensitivity of the data we are storing and how important it is to our patients that this be kept confidential and secure.

Action

Whilst notifying the ICO and our patients of a breach, our technology partners, Stanga AD, would be notified of the breach and contracted to resolve it immediately, using AWS' security tools.

They will identify the origin of the breach and then close it by applying fixes to the platform's code and configuration to block any further intrusion.

Additionally, they would provide a full report indicating the details of the breach, including what data may have been tampered with, downloaded or outright removed and how we can go about recovering any lost data and rolling back to a previous backup to ensure that any tampered data is reverted to its previous iteration.

Confirmation

Once the breach has been fixed, any subsequent effects reverted and a full report has been produced, we will send out an additional email to the ICO and our patients notifying them of the problem being solved.

How we process complaints

Any complaints with regards to our handling, storing and sharing of patient data within the clinic, whether this be on paper or digitally, are handled by our Data Protection Officer (DPO).

Please email our Patient Service Team (winchester@healthoptimising.co.uk) who will liaise with our DPO to do our best to help you.

They will review all complaints and decide on the best person to forward this onto if additional information or detail is required from our technological consultant and / or partners. Otherwise, they will provide a response in a timely manner, as per our hours of business.

If a complaint is passed on that requires managerial input, then it will be given to our Clinical Director, Lisa Steel, to review and discuss with our executive team.

Contact information

If you have any questions, queries or concerns about anything mentioned in this document, or anything else relating to the storage of data at Health Optimising UK, then please don't hesitate to get in touch with our Patient Service Team (winchester@healthoptimising.co.uk) who will liaise with our Data Protection Officer (DPO) to do our best to help you.

Document subject to change

This policy document may be altered in future to suit new incoming laws, new partnerships or other variables. We will always notify our patients of any changes made to this document, however, by agreeing to our Terms & Conditions and this document in particular, you agree to future changes which Health Optimising UK deems to be minor. In the rare instance that a major change is made to our policy, we will seek outright re-consent from our patients.