Effective Date: 01 January 2023
- Information We Collect
We may collect various types of personal information from individuals receiving our care services and employee, including but not limited to:
1.1. Contact Information: Your name, address, email address, and telephone number.
1.2. Personal Details: Such as date of birth, gender, and marital status.
1.3. Health Information: Medical history, conditions, medications, and dietary requirements.
1.4. Care Notes: Records of care provided, health assessments, treatment plans, and progress reports.
1.5. Financial Information: Payment details, insurance information, and billing records.
1.6. Emergency Contacts: The names and contact details of individuals to be notified in emergencies.
1.7. Website User: IP address
- Use of Personal Information
We may use the personal information we collect for the following purposes:
2.1. Provision of Care: To deliver care services, including assessments, care planning, scheduling, coordination with healthcare professionals, and monitoring of health conditions.
2.2. Communication: To communicate with clients and their designated representatives regarding appointments, updates, changes in care plans, and other relevant information.
2.3. Billing and Financial Administration: Process payments, verify insurance coverage, generate invoices, and maintain financial records.
2.4. Compliance with Legal Obligations: To comply with applicable laws, regulations, and contractual obligations, including reporting requirements, audits, and insurance claims.
2.5. Quality Improvement and Research: To evaluate and improve our services, research, analyse trends, and develop new programs and initiatives.
2.6. Marketing and Promotions: With your consent, to inform you about our services, promotions, newsletters, and events that may interest you.
Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are:
(a) Your consent. You can remove your consent at any time. You can do this by contacting:
Diamond Heart Health Care Limited
2nd Floor, Lowry Mill, Lees Street, Swinton, Manchester. M27 6DB
Phone No: 01619524505/07983571259
(b) We have a contractual obligation.
(c) We have a legal obligation.
(d) We have a vital interest.
(e) We need it to perform a public task.
(f) We have a legitimate interest
- Disclosure of Personal Information
We may disclose your personal information to the following parties under certain circumstances:
3.1. Care Assistant and Healthcare Professionals: To facilitate care services, we may share relevant personal information with our care assistants and healthcare professionals involved in your care.
3.2. Third-Party Service Providers: We may engage trusted third-party service providers, such as IT support, billing processors, and insurance companies, to assist with the operation and administration of our services.
3.3. Legal and Regulatory Authorities:
- Her Majesty’s Revenue and Customs (HMRC).
- Our pension (NEST)
- Organisations we have a legal obligation to share information with, i.e., for safeguarding, CQC
- Local Authorities
- The police or other law enforcement agencies
- UCheck (DBS Check Service)
We may disclose personal information when required by law or in response to a valid legal request, such as court orders or government inquiries, or to protect our rights, safety, or the safety of others.
3.4. Business Transfers: In the event of a merger, acquisition, sale, or transfer of assets, personal information may be transferred to the acquiring entity, or third parties involved in the transaction.
- Data Security and Retention
We implement appropriate technical and organisational measures to protect personal information from unauthorised access, disclosure, alteration, or destruction. We retain personal information for as long as necessary to fulfil the purposes outlined in the Data Protection Act 1998 unless a more extended retention period is required or permitted by law.
- Your Rights and Choices
The data we keep about you is your data, and we ensure that we keep it confidential and used appropriately. You have the following rights when it comes to your data:
5.1. You have the right to request a copy of all the data we keep about you. Generally, we will not charge for this service.
5.2. You have the right to ask us to correct any data we have that you believe to be inaccurate or incomplete. You can also request that we restrict all data processing while we consider your rectification request.
5.3. You have the right to ask that we erase any of your personal data which is no longer necessary for the purpose we originally collected it for. We retain our data in line with the Information Governance Alliance’s guidelines (https://digital.nhs.uk/data-and-information/looking-after-information/data-security-and-information-governance/codes-of-practice-for-handling-information-in-health-and-care/records-management-code-of-practice-for-health-and-social-care-2016)
5.4. You may also request that we restrict the processing if we no longer require your personal data for the purpose, we originally collected it for, but you do not wish for it to be erased.
5.5. You can ask for your data to be erased if we have asked for your consent to process your data. You can withdraw consent at any time – please get in touch with us to do so.
5.6. If we are processing your data as part of our legitimate interests as an organisation or to complete a task in the public interest, you have the right to object to that processing. We will restrict all processing of this data while we investigate your objection.
You may need to provide adequate information for our staff to identify you, for example, a passport or driver’s licence. This is to make sure that data is not shared with the wrong person inappropriately. We will always respond to your request as soon as possible and, at the latest, within one month.
If you would like to complain about how we have dealt with your request, please contact:
Information Commissioner’s Office
SK9 5AF https://ico.org.uk/global/contact-us/