- Alex Digesu is registered with the ICO – reference no: ZA228517
- Personal data of patients is kept in digital form. This data is necessary for patient care including name, date of birth, address, contact details, details of other medical practitioners involved in the care of the patient, as well sensitive data including medical history and notes / correspondence and patient results. For insured patients details of their medical insurance company are kept.
- Patient data is kept securely. Medical notes are kept in digital form and are stored on a patient management database which is hosted by Imperial College Healthcare and/or Digital practice manager software that are both password protected. It can only be accessed by Alex Digesu and named practice secretarial staff. Practice staff are trained in clinical governance and confidentiality.
- No data is used for marketing purposes.
- Patient consent is requested to use the patient’s email and phone number for the purposes of patient care only.
- Data is not shared with other organisations other than in the following circumstances:
- There will be correspondence with patient’s usual medical practitioner and other specialists involved in their care which includes medical details.
- The patients name, address and insurance details will be shared with laboratories that are requested to perform tests / investigations that are necessary for patient care. If necessary for interpretation of results, limited medical details will be provided to the laboratory.
- Personal information may be shared with insurance companies if requested but explicit consent from the patient is required if medical details are requested to deal with the claim.
- For the purposes of unpaid invoices only, the patients name, address and contact details may be passed to a debt collection agency.
- Patient notes are kept for 25 years. In lines with GDPR, data subject rights include the request for medical notes to be deleted, corrected if inaccurate.