What is a privacy notice? 

A Privacy Notice is a statement by the practice to patients, service users, visitors, carers, the public and staff that describes how we collect, use, retain and disclose personal information which we hold. It is sometimes also referred to as a Privacy Statement, Fair Processing Statement or Privacy Policy. This privacy notice is part of our commitment to ensure that we process your personal information data fairly and lawfully. 

Why issue a privacy notice? 

The Liverpool Clinic recognises the importance of protecting personal and confidential information in all that we do and takes care to meet its legal and regulatory duties. This notice is one of the ways in which we can demonstrate our commitment to our values  and being transparent and open, and commitment to our values of Respecting Diversity, Acting with Integrity, Demonstrating Compassion, Striving for Excellence and Listening  and Supporting Others. 

This notice also explains what rights you must control how we use your information. What are we governed by? 

The key pieces of legislation/guidance we are governed by are: 

Data Protection Act 1998 

Human Rights Act 1998 (Article 8) 

Access to Health Records Act 1990 

Freedom of Information Act 2000 

Health and Social Care Act 2012, 2015 

Public Records Act 1958 

Copyright Design and Patents Act 1988 

The Re-Use of Public Sector Information Regulations 2015 

The Environmental Information Regulations 2004 

Computer Misuse Act 1990 

The Common Law Duty of Confidentiality 

The Care Record Guarantee for England 

The Social Care Record Guarantee for England 

International Organisation for Standardisation (ISO) – Information Security Management

Standards (ISMS) 

Information Security Management – NHS Code of Practice 

Records Management – Code of Practice for Health and Social Care 2016 Accessible Information Standards (AIS) 

General Data Protection Regulations (GDPR) – post 25th May 2018 Who are we governed by? 

Department of Health – https://www.gov.uk/government/organisations/department ofhealth 

Information Commissioner’s O8ice – https://ico.org.uk/ 

Care Quality Commission – http://www.cqc.org.uk/ 

Our, doctors, nurses, healthcare professionals and registered support sta8 are also  regulated and governed by professional bodies. 

Why and how we collect information 

We may ask for or hold personal confidential information about you which will be used  to support delivery of appropriate care and treatment. This is to support the provision of  high-quality care. 

These records may include: 

• Basic details, such as name, address, date of birth, next of kin. 

• Contact we have had such as for appointments 

• Details and records of treatment and care, including notes and reports about  your health 

• Results of x-rays, blood tests, etc. 

• Information from people who care for you and know you well, such as health  professionals and relatives. 

It may also include personal sensitive information such as sexuality, race, your religion  or beliefs, and whether you have a disability, allergies or health conditions. It is  important for us to have a complete picture, as this information assists sta8 involved in  your care to deliver and provide improved care, deliver appropriate treatment and care  plans, to meet your needs. 

Information is collected in several ways, via your healthcare professional, referral  details from your GP or directly given by you.

How we use information 

• To help inform decisions that we make about your care. 

• To ensure that your treatment is safe and e8ective. 

• To work effectively with other organisations who may be involved in your care.

• To ensure our services can meet future needs. 

• To review care provided to ensure it is of the highest standard possible.

• To train healthcare professionals, where required. 

• For research and audit. 

• To prepare statistics on our performance. 

• To monitor how we spend public money. 

It helps you because:

Accurate and up-to-date information assists us in providing you with the best possible  care. 

If you see another healthcare professional or, specialist they can readily access the information they need to provide you with the best possible care. 

Where possible, when using information to inform future services and provision, non identifiable information will be used. 

How is information retained and kept safe? 

Information is retained in secure electronic and paper records and access is restricted  to only those who need to know. 

It is important that information is kept safe and secure, to protect your confidentiality. 

There are several ways in which your privacy is shielded; by removing your identifying  information, using an independent review process, adhering to strict contractual  conditions and ensuring strict sharing or processing agreements are in place. 

The Data Protection Act 1998 / GDPR rules regulates the processing of personal  information. Strict principles govern our use of information and our duty to ensure it is  kept safe and secure. The Liverpool Clinic the data controller and is registered with the  Information Commissioners O8ice (ICO 

Technology allows us to protect information in several ways, in the main by restricting  access. Our guiding principle is that we are holding your information in strict  confidence.

How do we keep information confidential? 

Everyone working for the Practice is subject to the Common Law Duty of Confidentiality and the Data Protection Act 1998 / GDPR. Information provided in confidence will only  be used for the purposes to which you consent to, unless there are other circumstances  covered by the law. 

Under the NHS Confidentiality Code of Conduct, all staff are required to protect  information, inform you of how your information will be used and allow you to decide if and how your information can be shared. This will be noted in your records. 

All staff are required to undertake training in data protection, confidentiality,  IT/awareness, with additional training for specialist, such as healthcare records, data  protection officers and IT staff. 

Who will the information be shared with? 

To provide best care possible, sometimes we will need to share information about you with others. We may share your information with health care organisations and  regulatory bodies. You may be contacted by any one of these organisations for a  specific reason; they will have a duty to tell you why they have contacted you. Information sharing is governed by specific rules and law. 

Third party websites 

This website contains links to other websites. We are not responsible for the privacy policies or practices of third-party websites. Ensure you review their privacy policy  before sending them any personal data. 

Sharing Patient Information with Healthcare Professionals 

As part of our commitment to providing high-quality, collaborative care, The Liverpool Clinic may share relevant patient information with healthcare professionals such as physiotherapists, referring clinicians, and other allied health providers involved in your  treatment. This information exchange ensures a seamless and coordinated approach to  your care. 

We will only share your personal and medical information when: 

• It is necessary for your ongoing treatment and care. 

• You have provided consent for referral and information sharing. This may be  given verbally or in writing and will be documented in your medical records. 

• There is a legal or regulatory obligation to do so. 

Similarly, we may receive relevant medical information from your physiotherapist or referring healthcare provider to support your treatment at The Liverpool Clinic.

All information shared is handled securely and in accordance with the UK General Data  Protection Regulation (UK GDPR) and the Data Protection Act 2018. If you have any concerns about how your information is shared, please contact us at  info@theliverpoolclinic.com 

We ensure information is shared in a way that complies with relevant legislation. You’re right to withdraw consent for us to share your personal information 

You have the right to refuse/withdraw consent to information sharing at any time. We  will fully explain the possible consequences to you, which could include delays in you  receiving care. 

Can I access my information? 

Under the Data Protection Act 1998 (GDPR) a person may request access to information  (with some exemptions) that is held about them by an organisation 

Receipt of such information will be subject to: 

If you have any questions or concerns regarding the information we hold on you, the use  of your information or would like to discuss further, please contact us on  info@theliverpoolclinic.com