(Effective from 25th May 2018)
A: What does this Policy cover?
LSP Enterprises Ltd (referred in this document going forwards as ‘LSP’) is committed to respecting your right to privacy and protecting any personal information you provide to us. We are a Data Controller and registered on the Data Protection Register of the Information Commissioner’s Office (ICO) with registration number ZA150863.
LSP’s Data Protection Officer (DPO) is Mr. Richard Seah. He can be contacted via email on firstname.lastname@example.org
B: General Data Protection Regulation (GDPR) and your personal data
Since 25th May 2018, the General Data Protection Regulation (GDPR) has replaced previous data protection legislation. The prior principles of data protection continue to hold true but are now strengthened in the key areas of process transparency, data accuracy, minimisation and accountability.
This privacy notice informs you how LSP will collect and use your personal data for the purposes of patient management.
C: Why does LSP need to collect and store personal data?
In order for us to perform appropriate medical assessment, management and treatment, LSP needs to collect personal data for identification and correspondence purposes. We are fully committed to ensuring the information collected and utilised is appropriate for these purposes, and importantly, does not constitute an abuse or invasion of your privacy.
In regards to being contacted for any non-medical or marketing purposes, LSP would contact you for additional consent.
D: Will my personal data be shared?
If appropriate and with your agreement, we may need to pass your personal data on to third-party service providers in the course of carrying out your treatment plan. Examples of this would include, but are not exclusive to, other medical, allied health and biomedical professionals and services.
Any third parties we may share your data with are obliged to keep your details confidential, secure and use them only to fulfil the services provided. When your data is no longer required to fulfil this service, they will dispose of those details in line with GDPR policy. If we need to pass your sensitive personal data onto a third party, we will only do so once we have obtained your consent, except where we are legally obliged to do so otherwise.
E: How is the personal data that is collected utilised?
LSP will not sell your personal information to anyone. We will only use and disclose personal information for the purposes for which it was initially collected, and for purposes which are directly related to our functions or activities.
LSP will process (collect, store and use) the information provided in a manner compatible with GDPR. We will endeavour to keep your information accurate and contemporaneous, and not keep it for longer than is necessary.
LSP is required to retain information in accordance with the law, such as information needed for income tax and audit purposes. How long certain kinds of personal data should be kept will be governed by specific business sector requirements and agreed practices. Personal data may also be held in addition to these periods, depending on individual business needs.
F: Under what circumstances will LSP contact me?
We aim not to be intrusive, and undertake not to ask unnecessary or irrelevant questions. Additionally, the information provided by you will be subject to rigorous measures and procedures to minimise risk of unauthorised access or disclosure.
G: Can I find out the personal data that the organisation holds about me?
LSP, at your request, can confirm what information we hold about you and how it is processed. If LSP does hold personal data about you, you can request the following information:
H: What forms of official identification will I need to provide to access this?
LSP will accept the following forms of official identification when information on your personal data is requested: Passport, driving licence, birth certificate or utility bill (valid for the last three months).
The Data Protection Officer is responsible for ensuring this notice is made available to data subjects, prior to LSP collecting or processing their personal data. All staff or contractors of LSP who interact with data subjects are responsible for ensuring this notice is drawn to the data subject’s attention and their consent to the processing of their data is secured.
J: Disclosures for reasons of National Security or Law Enforcement
Under certain circumstances, LSP may be required to disclose your personal information, in response to valid requests by public authorities, to meet national security or law enforcement requirements. LSP is bound by local and regional applicable privacy and data protection laws and regulations.
K: Data controllers and your rights
LSP is a medical and healthcare services company committed to patient-focused care, principally patient assessment, diagnosis, management and treatment. Our Data Protection Officer can be contacted directly via email at: email@example.com
As a data subject, you have the following rights:
All the above requests will be forwarded on if there is a third party involved in the processing of your personal data.
L: Cookies and other tracking technologies
M: Linked websites
N: How to make a complaint
If you have concerns or a complaint regarding our collection and use of your personal information, or a possible breach of your privacy, please send them to: firstname.lastname@example.org or write to us at: LSP Enterprises Ltd, c/o ISEH, 170 Tottenham Court Road, London W1T 7HA.
LSP will treat your requests or complaints confidentially and contact you within a reasonable time after receipt of your complaint to address your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in a timely and appropriate manner.
If you do not believe your complaint is managed appropriately, you have the right to escalate the complaint to the applicable Data Protection Authority.
This policy was most recently updated on 16th Dec 2019.