How we use your information
• why we need your data
• how it will be used
• who it will be shared with
This information also explains what rights you have to control how we use your information. The law determines how organisations can use personal information. The key pieces of legislation are the Data Protection Act 1998, the Human Rights Act 1998, relevant health service legislation and the common law duty of confidentiality.
Within this page, we describe instances where Millbrook Healthcare Limited is the “Data Controller”, for the purposes of the Data Protection Act 1998 and where we direct or commission the processing of service user data to help deliver better wheelchair, community equipment, assistive technology and home improvement agency services. Millbrook Healthcare Limited recognises the importance of protecting personal and confidential information in everything that we do and takes great care to meet its legal duties.
What information do we collect about you?
We only collect and use your information for the lawful purposes of administering the business of Millbrook Healthcare Limited. These purposes include:
• accounting and auditing
• accounts and records
• crime prevention and prosecution of offenders
• health administration and services
• staff administration
What types of personal data do we handle?
We process personal information to enable us to support the provision of healthcare services to service users, maintain our own accounts and records, promote our services, and to support and manage our employees.
We also use information to support and monitor the services we are commissioned to provide to enable the delivery of high quality healthcare. The types of personal information we use include:
• personal details such as names, addresses, telephone numbers
• family details (e.g. next of kin details)
• education, training, mostly frequently of clinicians such as OTs
• employment details, for example for those that work for us either directly
• visual images, personal appearance and behaviour (e.g. if CCTV images are used as part of building security)
• details held in the service user’s record
• responses to surveys, where individuals have responded to surveys about the services we provide
We also process sensitive classes of information that may include:
• racial and ethnic origin
• offences (including alleged offences), criminal proceedings, outcomes and sentences
• trade union membership
• religious or similar beliefs
• employment tribunal applications, complaints, accidents, and incident details
This information will generally relate to our staff, covered by the Privacy Notice for Staff, or for those health care professionals we manage. In terms of patient information, information may also include physical or mental health details.
How will we use information about you?
Your information is used to run and improve the quality of services we provide. It may be used to:
• check and report on how effective Millbrook Healthcare and the services it provides has been
• investigate complaints, legal claims or incidents
• review the care given to make sure it is of the highest possible standard
• improve the efficiency of healthcare services, by sharing information with other organisations (e.g. NHS and local authority commissioners) for a specific, justified purpose and approved by Millbrook Healthcare’s Caldicott Guardian.
We may keep your information in written form or on a computer. Whenever possible, all information that identifies you will be removed.
Sharing your information
There are a number of reasons why we share information. This can be due to:
• our obligations to comply with current legislation
• our duty to comply with a Court Order
• you having consented to disclosure
Millbrook Healthcare is responsible for protecting the public funds it receives in the provision of wheelchair, community equipment, assistive technology and home improvement agency services. To do this, we may use the information we hold about you to detect and prevent crime or fraud. We may also share this information with other bodies that inspect and manage public funds.
We will only retain information for as long as necessary. Records are maintained in line with the our retention schedule and NHS best practice which determines the length of time records should be kept.
Security of your information
We take our duty to protect your personal information and confidentiality seriously. We are committed to taking all reasonable measures to ensure the confidentiality and security of personal data for which we are responsible, whether electronic or on paper.
We have appointed a Senior Information Risk Owner (SIRO) who is accountable for the management of all information assets and any associated risks and incidents, and a Caldicott Guardian who is responsible for the management of service user information and service user confidentiality.
All staff are required to undertake information governance training and are provided with information governance guidance that they are required to read, understand and agree to adhere to. The guidance ensures that staff are aware of their information governance responsibilities and follow best practice guidelines ensuring the necessary safeguards and appropriate use of person identifiable and confidential information.
All our staff are also required to protect your information and inform you of how your information will be used. This includes allowing you to decide if and how your information can be shared.
All our employees are subject to the common law duty of confidentiality. Information provided in confidence will only be used for the purposes advised and consented to by the service user, unless it is required or permitted by the law.
How you can access your personal information
The Data Protection Act 1998 gives you the right to see the information that NHS England holds about you and why. Requests must be made in writing and you will need to provide:
• adequate information (e.g. full name, address, date of birth, NHS number, etc.) so that your identity can be verified and your information located
• an indication of what information you are requesting to enable us to locate this in an efficient manner
A request for information can be made to your local Millbrook Healthcare service or, alternatively, it can be made to the Integrated Governance Team at firstname.lastname@example.org
Requests can also be sent via post to: Integrated Governance, Millbrook Healthcare Ltd, Calmore Industrial Park, Nutsey Lane, Totton, Hampshire, SO40 3XJ.
Where a fee is applicable under the terms of the Data Protection Act and subsequent legislation, we will inform you in writing. We aim to comply with requests for access to personal data as quickly as possible. We will ensure that we deal with requests within 40 days of receipt unless there is a reason for delay that is justifiable under the Data Protection Act.
We want to make sure that your personal information is accurate and up to date. If you think any information is inaccurate or incorrect then please let us know.
There are sections of the Mi-guardian website where you can (if you choose to) submit information to the company. For example, you can ask us a question or send us your feedback. When you submit information, you consent to the collection, processing and storage of that information for that specific purpose.
We are registered with the Information Commissioner’s Office. Under the Data Protection Act, we have a duty to protect any information you provide us with. We will not pass on your details to any third party unless you give us permission to do so.
A cookie is a small file which contains a random, unique identifier (made up of numbers). It is downloaded on to a device when a user accesses certain websites. A cookie allows the website to recognise that user’s device (through its identifier).
The cookies used on the Mi-guardian website do not store or collect any personal data about website visitors.
The only other cookies we use on the site are for:
- Tabs – some of our web pages are laid out in tabs, to help make the information easier to read. The website will generate a cookie to identify which Tab is selected and open on a page. The only data stored is about the page and the tab and not about the user.
- ‘Remember me’ – this function is used for those users who log in to the website and is optional. This cookie contains/collects no personal data.
The material on this site is subject to copyright protection of Millbrook Healthcare Limited unless otherwise indicated. The Millbrook Healthcare Limited copyright protected material may be reproduced free of charge in any format or medium for research, private study or for internal circulation within an organisation. This is subject to the material being reproduced accurately and not used in a misleading context. Where any of the company’s copyright items on this site are being republished or copied to others, the source of the material must be identified and the copyright status acknowledged.
The permission to reproduce Millbrook Healthcare Limited protected material does not extend to any material on this site that is identified as being the copyright of a third party. Authorisation to reproduce such material must be obtained from the copyright holders.
Every effort is taken to ensure that the information contained in this website is both accurate and complete.
We cannot guarantee uninterrupted access to this website, or the sites to which it links. We accept no responsibility for any damages arising from the loss of use of this information.
Access to your personal information and correction
You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your information, please email email@example.com or write to us at the address below. We may make a small charge for this service.
Integrated Governance Team, Millbrook Healthcare Ltd, Calmore Industrial Park, Nutsey Lane, Totton, Hampshire, SO40 3XJ
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.
Marketing and newsletters
We would like to send you information and updates about the services we provide and other companies in our group which may be of interest to you. If you have consented to receive marketing, you may opt out at a later date. You have a right at any time to stop us from contacting you for marketing purposes or giving your information to other members of the Millbrook Group. If you no longer wish to be contacted for marketing purposes, please contact us at: firstname.lastname@example.org
The names, images and logos identifying Millbrook Healthcare Limited are the proprietary marks of Millbrook Industries Limited (Millbrook Group of Companies). Copying our logos and any other third party logos accessed via this website is not permitted without the prior approval of the relevant copyright owner.
We make every effort to check and test material at all stages of production. It is always wise for you to run an anti-virus programme on all material downloaded from the internet. We cannot accept any responsibility for any loss, disruption or damage to your data or your computer system that may occur while using material derived from this website.
All external links provided on this site are provided for information and convenience only. Millbrook Healthcare Limited is not responsible for the contents or reliability of any websites to which this site provides links, and does not necessarily endorse the views expressed within them. Listing should not be taken as endorsement of any kind.
Integrated Governance, Millbrook Healthcare Ltd, Calmore Industrial Park, Nutsey Lane, Totton, Hampshire, SO40 3XJ