This statement explains how and why Stow Healthcare uses any information you give us; with whom we may need to share information; how long we keep your information for; what your rights are, including how to get a copy of your information, have it corrected or erased; and who to contact at our company in relation to privacy and GDPR matters.
Stow Healthcare is a data controller, which means that we collect, process and store information that helps us manage your care effectively in our homes.
The personal data that we collect includes, but is not limited to:
We use your information in the ways you would expect:
We do not rent, sell or trade your information to other parties. We don’t allow others to market to you. We do not share your information with other healthcare professionals unless we have your consent to do so.
This notice describes how we collect, store, use and share personal information. It applies to personal information provided to us, both by you or by others on your behalf. It also explains the rights you may have in relation to the personal information that we hold about you.
We hold some of your information in hard copy, and some is stored electronically. Where we store your information in hard copy, this is held in locked file cupboards. Staff outside of the management team are not able to access financial information about you. Where third parties are used to store your electronic data (which they do not have access to), this information is held in operational centres in the UK or Europe.
There is no legal stipulation as to how long your medical and financial data should be held for. In general, we will retain your financial data until any financial matters post your departure are resolved. NHS data retention guidelines indicate information pertaining to health care provision should be kept for 8 years after care is completed, so we will keep your data for the same period in order for example that any incident arising may be further investigated. After this time, hard copy data will be securely destroyed, and electronic data will be wiped and no longer be accessible.
There are a number of third parties with whom we work, who may have access to some of your data for a specific reason, this can include: your GP or associated healthcare professionals; the Care Quality Commission, which regulates us; the local Council or Clinical Commissioning Group, if they help fund your care; and those who help us securely store any electronic data for example. We have reviewed agreements with any third parties to satisfy ourselves that they are compliant with the requirements of the GDPR.
Yes, each of our homes operates as an individual company and are registered individually with the ICO. You can search for our homes using the following link and by inputting the Registration Number of the home (see below): https://ico.org.uk/esdwebpages/search
The Designated Data Controller for Stow Healthcare is Ruth French, Operations Director whom you can contact directly if you have any questions or concerns. Her e-mail address is firstname.lastname@example.org and her telephone number is 01359 300470.
If you are dissatisfied with how Stow Healthcare uses, stores or destroys your data, you can make a complaint to the government body in charge (Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF or at www.ico.org.uk).
Making sure that we keep you up to date with privacy information is a continuous responsibility and we will keep this notice under review. We’ll update our notice as changes are required.