Who we are
Eyedoctor.london Ltd. is incorporated in England and Wales (company number 10187972) The Registered address is the accountant’s office: Unit 7 Mulberry Place, Pinnel Road, Eltham, London SE9 6AR.Eyedoctor.london Ltd is the company through which Edward Lee’s private practice is run.Edward Lee is a registered data controller (registered with the Information Commissioners Office). Data is stored and used within the terms of the registration for a Healthcare provider.
If you have any concerns, or would like more detail about how we process your Personal Data, you can contact us using Edward.email@example.com
Protecting Your Personal Data
Your Personal Data isn’t just protected by the quality, commitment and high standards of Eyedoctor.london, it’s also protected by law. The law states that Eyedoctor.london can only process your Personal Data when there is a genuine reason to do so and it must be one of the following;
• To fulfil any contract that we have with you
• Where we have a legal obligation
• Where you have consented to the processing
• When it is in our legitimate interest
• When it is in the public interest
• When it is in your vital interests
Data Transfer Outside the EEA
Eyedoctor.london will not transfer your Personal Data outside of the EEA.
Your rights over your Personal Data
Eyedoctor.london will assist you if you choose to exercise any of your rights over your Personal Data, including:
• Access to your Personal Data that we hold or process
• Correction of any Personal Data that is incorrect or out of date
• Erasure of Personal Data that we process
• Restrict processing of your Personal Data in certain circumstances
• Lodging a complaint with any relevant Data Protection Authority
• Asking us to provide you or another company you nominate with certain aspects of your Personal Data, often referred to as ‘the right to portability’
• The ability to object to any processing data where we are doing it for our legitimate interests
For more information on these rights you can contact firstname.lastname@example.org
Changes to our Privacy Statement
Eyedoctor.london may update this policy. The most up to date version will be published on this website.
What data held
Clinic letters, correspondence with patients and correspondence with other clinicians regarding specific patients
Contact details for patients and next of kin where provided.
Clinical notes are primarily kept by the hospital where patients are seen or treated. Copies of relevant clinical notes are however made when patient’s care is transferred between hospitals. Referral letters +/- scans went sent to us by GPs or opticians rather than to the hospital direct.
Where is data stored
As of June 2018 all data apart from email correspondence is stored on a secure electronic database that is GPDR compliant (Carebit). Data is kept within the EU and encrypted. Only Edward Lee and Selina Galliers have access to this data using dual encryption. Non-secure emails are stored on the providers server; non-secure emails will only be used for patient information with their permission. Data from prior to June 2018 is stored on a separate encrypted and secured server within the EU.
How long is data stored for
Clinical records are ordinarily kept for at least 7 years after the last clinical episode.
What is the data used for
Data is used for clinical and billing purposes only. We do not send marketing material direct to individuals.
Who is data shared with
Billing information is shared with a specialised UK-based billing company who are also GDPR compliant. The minimum required information is passed to them (ie. Contact details, insurance details where applicable, and what procedures performed if any, but no additional clinical information). Clinical data held by the company is accessible by Edward Lee (Consultant Ophthalmologist) and Selina Galliers (Medical Secretary) only. Insurers intermittently ask for clinical information for selected patients who care they are paying for. This is shared with the company if it has been established that the patient’s permission has been sought (usually by the insurer)
Emails of personal data between Edward Lee and Selina Galliers, or to hospitals, or the billing company are performed using secure email services. For convenience, we are happy to email patients by non-secure means where express permission for this has beengranted.