Privacy Policy for Staff

We need to collect and process Personal Data that relates to employees in connection with their employment. This Notice is to explain how we use and safeguard that Personal Data.

What is a Privacy Notice?

Find out about privacy notices and what they should include. The UK General Data Protection Regulation (GDPR) requires that data controllers provide certain information to people whose information (personal data) they hold and use. A privacy notice is one way of providing this information. This is sometimes referred to as a fair processing notice.

A privacy notice should identify who the data controller is, with contact details for its Data Protection Officer. It should also explain the purposes for which personal data are collected and used, how the data are used and disclosed, how long it is kept, and the controller’s legal basis for processing.

In addition Healthcare Central London Ltd (HCL) may occasionally be required to collect and use certain types of such personal information to comply with the requirements of the law. No matter how it is collected, recorded and used (such as, on a computer or other digital media, on hardcopy, paper or images, including CCTV) this personal information will be dealt with properly to ensure compliance with data protection legislation – the European General Data Protection Regulation (GDPR) and Data Protection Act 2018 (DPA2018) which implements the GDPR in the UK.

We may collect and use personal data for the functions that we exercise jointly with the NHS.
HCL fully support and we are able to demonstrate compliance with the six principles of Data Protection Act 2018 which are summarised below:

  • Personal data shall be processed lawfully, fairly and in a transparent manner in relation to individuals;
  • Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
  • Personal data processed must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
  • Personal data shall be accurate and, where necessary, kept up to date.
  • Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
  • Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures

Information covered by data protection legislation

The GDPR definition of “personal data” covers any information relating to an identified or identifiable natural person – i.e. living individuals. Pseudonymised personal data is covered, however anonymised or aggregated data is not regulated by the GDPR or DPA2018, providing the anonymisation or aggregation has not been done in a reversible way.

Individuals and individual employee from which they can be identified can be identified by various means including their:

It may include but may not be limited to the following:

  • Personal contact information such as name, title, address, telephone number(s) and personal and/ or company email addresses.
  • Date of birth.
  • Gender.
  • Marital status and details of next of kin or dependents.
  • Employment records (including job titles, start date, work history, working hours, training records and professional memberships).
  • Workplace location.
  • Salary and benefit details and history including payroll records and tax records/information.
  • Holiday and absence records.
  • Copy documents such as passport or driving license or other identification document provided to us as part of our legal obligation to check an employee’s right to work in the UK.
  • Recruitment information (including references and other information included in a CV or cover letter or as part of the job application process).
  • Information relating to qualifications and performance including appraisal records.
  • Disciplinary and grievance information.
  • CCTV footage, photographs and other information obtained through electronic means such as swipe card records, time and attendance data and/or data from vehicle tracking software.
  • Information about an employee’s use of our information and communications systems.
  • Telephone conversation recordings and activity related to making and receiving telephone calls
  • Health information for employment purposes

How is Personal Data collected?

Typically an employee will have provided Personal Data or we have recorded Personal Data about the employee in connection with or in the course of their employment. Occasionally we are passed Personal Data by a third party such as our payroll provider, HR advisers or training providers.

For what purposes is Personal Data used?

We will only use Personal Data when the law allows us to which can be summarized under the following headings:

  1. Consent: an individual has given clear consent for us to process their personal data for a specific purpose.
  2. Contract: the processing is necessary for a contract we have with the individual or because they have asked us to take specific steps before entering into a contract.
  3. Legal obligation: the processing is necessary for us to comply with the law.
  4. Vital interests: the processing is necessary to protect someone’s life.
  5. Public task: the processing is necessary for us to perform a task in the public interest or for our official functions, and the task or function has a clear basis in law.
  6. Legitimate interests: the processing is necessary for our legitimate interests or the legitimate interests of a third party. Details of the Personal Data that we are most likely to process are set out in Appendix One.

How we keep your information confidential and safe

Everyone working for our organisation is subject to the Common Law Duty of Confidence. Information provided in confidence will only be used for the purposes advised with consent given by the patient unless there are other legal bases covered by the law.

All our staff are expected to make sure information is kept confidential and receive regular training on how to do this.

The health records we use may be electronic, on paper, or a mixture of both. We use a combination of working practices and technology to ensure that your information is kept confidential and secure.

Your records are backed up securely according to our standard procedures, NHS policies and in accordance with DPA 2018 . We ensure that the information we hold is kept in secure locations, is protected by appropriate security and access is restricted to authorised personnel.

We also make sure external organisations who process your personal information in order to support us are contractually required to have appropriate organisation and technical measures to protect your personal data.
We are committed to protecting your privacy and will only use information collected lawfully in accordance with:

  • Data Protection Act 2018;
  • UK GDPR;
  • General Data Protection Regulation (GDPR) 2016;
  • Human Rights Act 1998;
  • Common Law Duty of Confidentiality;
  • NHS Codes of Confidentiality and Information Security;
  • Health and Social Care Act 2012 and 2015;
  • And all other applicable legislation.

We will maintain our duty of confidentiality to you at all times. We will only ever use or pass on information about you if we reasonably believe that others involved in your care have a genuine need for it. We will not disclose your information to any third party without your permission unless there are exceptional circumstances (such as a risk of serious harm to yourself or others) or where the law requires information to be passed on.

Children and Families

We use the data we gather from children, young people and families we are supporting for the sole purpose of providing the best care and support that we can provide to them. This might also include being able to evaluate the quality of support we have given and audit our practices in order to improve our services.

We will share information where we believe that the sharing of that information is in the best interests of supporting a child or young person. Where it is legally required to do so, and prior to the sharing of any information, we will obtain the necessary consent of relevant parent/guardian.

We take our responsibility to safeguard the welfare of children, young people and vulnerable adults very seriously. We are legally obliged to pass on personal information to the relevant authority if we thought a child, young person or vulnerable adult was at risk. When you begin to receive a service, you will be notified of how your personal data will be used and under what circumstances shared. We will also continue to update you through privacy notices such as this one.

If you are receiving a service from us, we would collect your personal data as part of receiving that service. This might include quite sensitive information relating to the support we are providing to you.

If you are under 13, we will need to get consent, when required by law, from the relevant adult/s who act as your parent/guardian to hold your personal information.

Sometimes another agency (like a school, GP or local authority) might have information that they want to pass onto us, but we would only take that data where we have a lawful basis to do so.

What rights and obligations do Employees have?

Duty to inform us of changes

It is important that Personal Data is kept accurate and up to date. Employees should please advise us if their personal information changes whilst they are employed by us.

Rights in connection with Personal Data

Under certain circumstances, individuals have the right to:

  • Request a copy of their Personal Data (commonly known as a “data subject access request”). This enables them to receive a copy of the personal information we hold about them and to check that we are lawfully processing it.
  • Request correction of the Personal Data that we hold about them.
  • Request the erasure of Personal Data. An individual may ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. An individual may also request that we stop processing Personal Data where we are relying on a legitimate interest and there is something about their particular situation which permits an object to processing on this ground.
  • Request the restriction of processing of Personal Data for example until its accuracy or the reason for processing it is more clearly established.
  • Request the transfer of Personal Data to another party. Individuals who wish to review, verify, correct or request erasure of Personal Data, object to the processing of Personal Data, or request that we transfer a copy of Personal Data to another party, please contact our nominated Data Controller

Distribution and Implementation

This document will be made available to all staff via the intranet site. A notice will be issued in the staff bulletin notifying of the release of this document.

Training Plan

A training needs analysis will be undertaken with staff affected by this document by the Corporate Information Governance team in conjunction with the Data Protection Officer.

Based on the findings of that analysis appropriate training will be provided to staff as necessary.

Monitoring

Compliance with the policies and procedures laid down in this document will be monitored via the Data Protection Officer a and the Corporate Information Governance team, together with independent reviews from Internal Audit

What we may need to comply with a Data Subject Access Request

We may need to request specific information to help us confirm a lawful right to access the information (or to exercise any other rights). This is another appropriate security measure to ensure that Personal Data is not disclosed to any person who has no right to access it.

Equality Impact Assessment

This document forms part commitment to create a positive culture of respect for all staff and service users. The intention is to identify, remove or minimise discriminatory practice in relation to the protected characteristics (race, disability, gender, sexual orientation, age, religious or other belief, marriage and civil partnership, gender reassignment and pregnancy and maternity), as well as to promote positive practice and value the diversity of all individuals and communities.

As part of its development this document and its impact on equality has been analysed and no detriment identified.

Charges

No fee is usually required to access Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if the request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

Right to withdraw consent

In certain circumstances consent may be required to the processing of Personal Data. Where an employee provides such consent to the processing of Personal Data for a specific purpose, that employee has the right to withdraw consent for that specific processing at any time. To withdraw consent, please contact the nominated Data Controller. Once notification is received that consent has been withdrawn, we will no longer process Personal Data for the said specific purpose, unless we have another lawful basis to do so.

Our Data Protection Officer

We will have in place a Data Protection Officer at all times so far as is possible. At the date of issue of this Privacy Notice we have appointed the person. The Data Protection Officer will oversee compliance with this Privacy Notice. For any questions about this Privacy Notice or how we handle Personal Data, please contact the Data Protection Officer using the contact details included.

Making a complaint

Individuals have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection matters.

Amending this Privacy Notice

We may update this Privacy Notice from time to time and we will issue a new privacy notice when we make any material changes including when we the identity of the Data Protection Officer changes.

Appendix One

Data Processing

The situations in which we are most likely to process Personal Data are in connection with the following processes set out below:

  • Dealing with recruitment or appointment and termination matters including the assessment of experience, qualifications and overall suitability for a particular role.
  • Determining an individual’s employment terms and the subsequent administration of matters connected with the employment relationship.
  • Checking upon an individual’s legal entitlement to work in the UK.
  • Checking upon an individual’s unspent convictions through the completion of a basic Disclosure and Barring Service check.
  • Checking upon an individual’s spent/unspent convictions through the completion of a standard Disclosure and Barring Service check but only limited to those individuals who carry out regulated activities with patients.
  • Payroll and benefit provision.
  • Managing our business including accounting, forecasting, planning, scheduling and auditing.
  • Conducting appraisals, managing performance and determining performance requirements.
  • Dealing with grievance and disciplinary matters.
  • Dealing with training and development requirements and related issues.
  • Dealing with conflicts and disputes involving employees.
  • To monitor use of our information and communication systems to ensure compliance with our IT policies.
  • Managing absence including assessing fitness to work.
  • Health and safety matters including compliance.
  • To prevent fraud.
  • Equal opportunities monitoring and advice. We believe that we have a legitimate interest in processing the above Personal Data in the context of the overall employment relationship. Some of the above grounds for processing may overlap and there may be several grounds which justify our use of Personal Data.

Appendix Two

Our safeguarding measures

Please note that we do not transfer any Personal Data to countries or territories that do not have adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.

We do not use any Personal Data for automated decision making or other form of profiling.

We aim to keep Personal Data accurate and up to date. Data that is out of date or inaccurate will be amended when we are made aware of that. Employees should notify us if they become aware of any inaccuracies in their Personal Data held by us.

We will not keep Personal Data for longer than is permitted. This means that data will be destroyed or erased from our systems when it is no longer lawfully required. For regulatory purposes we are required to keep certain Personal Data for a six-year period after which it is securely destroyed.

We have in place procedures and solutions to maintain the security of all personal data from the point of collection to the point of destruction and have taken appropriate measures against unlawful or unauthorised processing of personal data, and against the accidental loss of, or damage to, personal data. Maintaining data security means guaranteeing the confidentiality, integrity and availability (for authorised purposes) of the personal data. For example, we take the following steps to protect data:

  • Staff are trained in relation to the importance of privacy and data security.
  • Laptops are protected by encryption.
  • Electronic files can only be accessed via password logins We will only pass Personal Data to third parties where we are lawfully obliged to do so. For example, an employee may ask us to provide their salary details to a building society when they apply for a mortgage, or we may lawfully pass data to our payroll adviser in order to ensure that employees are paid.

We will not disclose Personal Data to a third party without consent unless we are satisfied that they are legally entitled to the data. Where we do disclose Personal Data to a third party without consent, we will only do so where that third party has confirmed that it has in place adequate measures to protect Personal Data.

Appendix Three

Our nominated Data Protection Officer

Umar Sabat

Email: umar.sabat@ig-health.co.uk

Privacy Policy for patients

Health professional examining a patient's blood pressure

We need to collect and process Personal Data that relates to Clinical Services we provide as a registered healthcare provider.

What is a Privacy Notice?

Find out about privacy notices and what they should include. The UK General Data Protection Regulation (GDPR) requires that data controllers provide certain information to people whose information (personal data) they hold and use. A privacy notice is one way of providing this information. This is sometimes referred to as a fair processing notice.

A privacy notice should identify who the data controller is, with contact details for its Data Protection Officer. It should also explain the purposes for which personal data are collected and used, how the data are used and disclosed, how long it is kept, and the controller’s legal basis for processing.

In addition Healthcare Central London Ltd (HCL) may occasionally be required to collect and use certain types of such personal information to comply with the requirements of the law. No matter how it is collected, recorded and used (such as, on a computer or other digital media, on hardcopy, paper or images, including CCTV) this personal information will be dealt with properly to ensure compliance with data protection legislation – the European General Data Protection Regulation (GDPR) and Data Protection Act 2018 (DPA2018) which implements the GDPR in the UK.

We may collect and use personal data for the functions that we exercise jointly with the NHS.

HCL fully support and we are able to demonstrate compliance with the six principles of Data Protection Act 2018 which are summarised below:

  • Personal data shall be processed lawfully, fairly and in a transparent manner in relation to individuals;
  • Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
  • Personal data processed must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
  • Personal data shall be accurate and, where necessary, kept up to date.
  • Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
  • Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures

Information covered by data protection legislation

The GDPR definition of “personal data” covers any information relating to an identified or identifiable natural person – i.e. living individuals. Pseudonymised personal data is covered, however anonymised or aggregated data is not regulated by the GDPR or DPA2018, providing the anonymisation or aggregation has not been done in a reversible way.

The information we collect about you is:-

  • Personal contact information such as name, title, address, telephone number(s) and personal and/ or company email addresses.
  • Date of birth.
  • Gender.
  • Marital status and details of next of kin or dependents.
  • Healthcare information about you
  • CCTV footage For premises we operate from
  • Telephone conversation recordings and activity related to making and receiving telephone calls.

How is Personal Data collected?

We rely on patients to provide this information to us to support and provide treatment and care services.

For what purposes is Personal Data used?

We will only use Personal Data when the law allows us to which can be summarized under the following headings:

  1. Consent: an individual has given clear consent for us to process their personal data for a specific purpose.
  2. Contract: the processing is necessary for a contract we have with the individual or because they have asked us to take specific steps before entering into a contract.
  3. Legal obligation: the processing is necessary for us to comply with the law.
  4. Vital interests: the processing is necessary to protect someone’s life.
  5. Public task: the processing is necessary for us to perform a task in the public interest or for our official functions, and the task or function has a clear basis in law.
  6. Legitimate interests: the processing is necessary for our legitimate interests or the legitimate interests of a third party. Details of the Personal Data that we are most likely to process are set out in Appendix One.

    For the purposes of the activities we carry out nearly all of our processing will be reliant upon a public task.

How we keep your information confidential and safe

Everyone working for our organisation is subject to the Common Law Duty of Confidence. Information provided in confidence will only be used for the purposes advised with consent given by the patient unless there are other legal bases covered by the law.

All of our staff are expected to make sure information is kept confidential and receive regular training on how to do this.

The health records we use may be electronic, on paper, or a mixture of both. We use a combination of working practices and technology to ensure that your information is kept confidential and secure.

Your records are backed up securely according to our standard procedures, NHS Records Management Code of Practice and in accordance with the Data Protection Act 2018 . We ensure that the information we hold is kept in secure locations, is protected by appropriate security and access is restricted to authorised personnel.

We also make sure external organisations who process your personal information in order to support us are contractually required to have appropriate organisation and technical measures to protect your personal data.

We are committed to protecting your privacy and will only use information collected lawfully in accordance with:

  • Data Protection Act 2018;
  • UK GDPR;
  • Human Rights Act 1998;
  • Common Law Duty of Confidentiality;
  • NHS Codes of Confidentiality and Information Security;
  • Health and Social Care Act 2022;
  • And all other applicable legislation.

We will maintain our duty of confidentiality to you at all times. We will only ever use or pass on information about you if we reasonably believe that others involved in your care have a genuine need for it. We will not disclose your information to any third party without your permission unless there are exceptional circumstances (such as a risk of serious harm to yourself or others) or where the law requires information to be passed on.

Children and Families

We use the data we gather from children, young people and families we are supporting for the sole purpose of providing the best care and support that we can provide to them. This might also include being able to evaluate the quality of support we have given and audit our practices in order to improve our services.

We will share information where we believe that the sharing of that information is in the best interests of supporting a child or young person. Where it is legally required to do so, and prior to the sharing of any information, we will obtain the necessary consent of relevant parent/guardian.

We take our responsibility to safeguard the welfare of children, young people and vulnerable adults very seriously. We are legally obliged to pass on personal information to the relevant authority if we thought a child, young person or vulnerable adult was at risk. When you begin to receive a service, you will be notified of how your personal data will be used and under what circumstances shared. We will also continue to update you through privacy notices such as this one.

If you are receiving a service from us, we would collect your personal data as part of receiving that service. This might include quite sensitive information relating to the support we are providing to you.

If you are under 13, we will need to get consent, when required by law, from the relevant adult/s who act as your parent/guardian to hold your personal information.

Sometimes another agency (like a school, GP or local authority) might have information that they want to pass onto us, but we would only take that data where we have a lawful basis to do so.

Rights in connection with Personal Data

Under certain circumstances, individuals have the right to:

  • Request a copy of their Personal Data (commonly known as a “data subject access request”). This enables them to receive a copy of the personal information we hold about them and to check that we are lawfully processing it.
  • Request correction of the Personal Data that we hold about them.
  • Request the erasure of Personal Data. An individual may ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. An individual may also request that we stop processing Personal Data where we are relying on a legitimate interest and there is something about their particular situation which permits an object to processing on this ground.
  • Request the restriction of processing of Personal Data for example until its accuracy or the reason for processing it is more clearly established.
  • Request the transfer of Personal Data to another party. Individuals who wish to review, verify, correct or request erasure of Personal Data, object to the processing of Personal Data, or request that we transfer a copy of Personal Data to another party, please contact our nominated Data Controller

To exercise any of these rights as a patient please contact our Data Protection Officer on umar.sabat@ig-health.co.uk

What we may need to comply with a Data Subject Access Request

We may need to request specific information to help us confirm a lawful right to access the information (or to exercise any other rights). This is another appropriate security measure to ensure that Personal Data is not disclosed to any person who has no right to access it.

Equality Impact Assessment

This document forms part commitment to create a positive culture of respect for all staff and service users. The intention is to identify, remove or minimise discriminatory practice in relation to the protected characteristics (race, disability, gender, sexual orientation, age, religious or other belief, marriage and civil partnership, gender reassignment and pregnancy and maternity), as well as to promote positive practice and value the diversity of all individuals and communities.

As part of its development this document and its impact on equality has been analysed and no detriment identified.

Charges

No fee is usually required to access Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if the request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

Right to withdraw consent

In certain circumstances consent may be required to the processing of Personal Data. Where an employee provides such consent to the processing of Personal Data for a specific purpose, that employee has the right to withdraw consent for that specific processing at any time. To withdraw consent, please contact the nominated Data Controller. Once notification is received that consent has been withdrawn, we will no longer process Personal Data for the said specific purpose, unless we have another lawful basis to do so.

Our Data Protection Officer

We will have in place a Data Protection Officer at all times so far as is possible. At the date of issue of this Privacy Notice we have appointed the person. The Data Protection Officer will oversee compliance with this Privacy Notice. For any questions about this Privacy Notice or how we handle Personal Data, please contact the Data Protection Officer using the contact details included.

Making a complaint

Individuals have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection matters.

Amending this Privacy Notice

We may update this Privacy Notice from time to time and we will issue a new privacy notice when we make any material changes including when we the identity of the Data Protection Officer changes.

Appendix One

Data Processing

The situations in which we are most likely to process Personal Data are in connection with the following services we deliver

  • Spirometry
  • Dermatology
  • Cardiology
  • Research clinics delivered at South Westminster
  • Enhanced Access hubs also knows as extended access
  • Diabetes
  • Health and Wellbeing
  • First Contact Physio

Appendix Two

Our safeguarding measures

Please note that we do not transfer any Personal Data to countries or territories that do not have adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.

We do not use any Personal Data for automated decision making or other form of profiling.

We aim to keep Personal Data accurate and up to date. Data that is out of date or inaccurate will be amended when we are made aware of that. Patients should notify us if they become aware of any inaccuracies in their Personal Data held by us.

We will not disclose Personal Data to a third party without consent unless we are satisfied that they are legally entitled to the data. Where we do disclose Personal Data to a third party without consent, we will only do so where that third party has confirmed that it has in place adequate measures to protect Personal Data.

Appendix Three

Our nominated Data Protection Officer

Mr Umar Sabat

Email: umar.sabat@ig-health.co.uk

 

Terms of usage

Computer showing code

PLEASE READ THESE TERMS AND CONDITIONS CAREFULLY BEFORE USING THIS SITE

What’s in these terms?

These terms tell you the rules for using our website htttps://healthcarecentrallondon.co.uk (our site).

Who we are and how to contact us

htttps://healthcarecentrallondon.co.uk is a site operated by Healthcare Central London Ltd  (“We”). We are registered in England and Wales under company number 12573258 and have our registered office at Capital House, 25 Chapel Street, London, United Kingdom, NW1 5DH

We are a Federation of General Practices in Westminster, providing community and primary care services to our local residents alongside a wide range of staffing, management and administrative support to our Practices.

To contact us, please email hcl.corporate@nhs.net.

By using our site you accept these terms

By using our site, you confirm that you accept these terms of use and that you agree to comply with them.

If you do not agree to these terms, you must not use our site.

There are other terms that may apply to you

These terms of use refer to the following additional terms, which also apply to your use of our site:

We may make changes to these terms

We amend these terms from time to time. Every time you wish to use our site, please check these terms to ensure you understand the terms that apply at that time.

We may make changes to our site

We may update and change our site from time to time. We do not guarantee that our site, or any content on it, will always be available or be uninterrupted.

How you may use material on our site

We are the owner or the licensee of all intellectual property rights in our site, and in the material published on it. Those works are protected by copyright laws and treaties around the world. All such rights are reserved.

Our status (and that of any identified contributors) as the authors of content on our site must always be acknowledged (except where the content is user-generated).

You must not use any part of the content on our site for commercial purposes without obtaining a licence to do so from us or our licensors.

If you print off, copy, download, share or repost any part of our site in breach of these terms of use, your right to use our site will cease immediately and you must, at our option, return or destroy any copies of the materials you have made.

Do not rely on information on this site

The content on our site is provided for general information only. It is not intended to amount to advice on which you should rely. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site.

Although we make reasonable efforts to update the information on our site, we make no representations, warranties or guarantees, whether express or implied, that the content on our site is accurate, complete or up to date.

We are not responsible for websites we link to

Where our site contains links to other sites and resources provided by third parties, these links are provided for your information only. Such links should not be interpreted as approval by us of those linked websites or information you may obtain from them.

We have no control over the contents of those sites or resources.

How we may use your personal information

We will only use your personal information as set out in our Privacy Policy (Privacy Policy – Healthcare Central London).

We are not responsible for viruses and you must not introduce them

We do not guarantee that our site will be secure or free from bugs or viruses.

You are responsible for configuring your information technology, computer programmes and platform to access our site. You should use your own virus protection software.

You must not misuse our site by knowingly introducing viruses, trojans, worms, logic bombs or other material that is malicious or technologically harmful. You must not attempt to gain unauthorised access to our site, the server on which our site is stored or any server, computer or database connected to our site. You must not attack our site via a denial-of-service attack or a distributed denial-of service attack. By breaching this provision, you would commit a criminal offence under the Computer Misuse Act 1990. We will report any such breach to the relevant law enforcement authorities and we will co-operate with those authorities by disclosing your identity to them. In the event of such a breach, your right to use our site will cease immediately.

Rules about linking to our site

You may link to our home page, provided you do so in a way that is fair and legal and does not damage our reputation or take advantage of it.

You must not establish a link in such a way as to suggest any form of association, approval or endorsement on our part where none exists.

You must not establish a link to our site in any website that is not owned by you.

Our site must not be framed on any other site, nor may you create a link to any part of our site other than the home page.

We reserve the right to withdraw linking permission without notice.

If you wish to link to or make any use of content on our site other than that set out above, please contact hcl.corporate@nhs.net.

Our trade marks

All trade marks, service marks, graphics and logos used in connection with the site are trade marks or registered trade marks of ours or our licensors. Other trade marks, service marks, graphics and logos used in connection with the site may be the trade marks of other third parties. Your use of the site grants you no right or license to reproduce or otherwise use any our or third-party trade marks.

Acceptable use

You may not use our site:

  • In any way that breaches any applicable local, national or international law or regulation.
  • In any way that is unlawful or fraudulent or has any unlawful or fraudulent purpose or effect.
  • To transmit, or procure the sending of, any unsolicited or unauthorised advertising or promotional material or any other form of similar solicitation (spam).
  • To knowingly transmit any data, send or upload any material that contains viruses, Trojan horses, worms, time-bombs, keystroke loggers, spyware, adware or any other harmful programs or similar computer code designed to adversely affect the operation of any computer software or hardware.

You also agree:

  • Not to reproduce, duplicate, copy or re-sell any part of our site in contravention of the provisions of these terms.
  • Not to access without authority, interfere with, damage or disrupt:
  • any part of our site;
  • any software used in the provision of our site; or
  • any software owned or used by any third party.

Non-compliance with these terms and conditions

When we consider that you have not complied with these terms and conditions, we may take such action as we deem appropriate.

Failure to comply with these terms of conditions may result in our taking all or any of the following actions:

  • Immediate, temporary or permanent withdrawal of your right to use our site.
  • Issue of a warning to you.
  • Possible legal action against you.
  • Disclosure of such information to law enforcement authorities as we reasonably feel is necessary or as required by law.

The actions we may take are not limited to those described above, and we may take any other action we reasonably deem appropriate.

Contact information

Questions about the Terms of Service should be sent to us at hcl.corporate@nhs.net