Privacy Policy

PATIENT ACCESS is provided by Egton Medical Information Systems Limited ("We" or "EMIS"), a company registered in England with company number 2117205 with registered offices at Rawdon House, Green Lane, Yeadon, Leeds, LS19 7BY.

We are committed to protecting and respecting your privacy.

SCOPE OF POLICY

This policy (together with our end-user licence agreement as set out at https://patient.emisaccess.co.uk/Static/Terms ("EULA") and any additional terms of use incorporated by reference into the EULA, together our "Terms of Use") applies to your use of:

  • the PATIENT ACCESS mobile application software (the "App") (available on a number of different App marketplaces (the "App Sites")), once you have downloaded or streamed a copy of the App onto your mobile telephone or handheld device ("Device"); and
  • the PATIENT ACCESS Service (the "Service") accessible through the App or through our website at https://patient.emisaccess.co.uk the "Site"). For the avoidance of doubt, use of our site at www.patient.info (or of any service other than Patient Access which is accessible through it) is subject to a separate privacy policy (and terms of use) accessible at that site.

This policy sets out the basis on which any personal data We collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how We will treat it.

For the avoidance of doubt, by registering with, or using, the Site, or supplying data or information through the App or on the Site, you consent to the collection, use and transfer of that data and your information under the terms of this Privacy Policy.

INFORMATION WE MAY COLLECT FROM YOU

We may collect and process the following data about you:

  • Information you give us ("Submitted Information"): You may give us information about you by filling in forms on the relevant App Site and the Site, or by corresponding with us (for example, by e-mail). This includes:
    • information you provide when you download or register an App, subscribe to the Service or Site, and when you report a problem with an App, or the Service, or the Site. The information you give us may include your name, date of birth, NHS number, e-mail address and phone number, the Device's phone number, username, password and other registration information (and if registering for the Service online, your sex, house number and postcode); and
    • health and wellbeing information you provide which you have extracted from third party health applications on your Device and any connected devices (collectively, the "Health Data").
  • Information We collect about you and your Device. Each time you visit the Site or use the App We may automatically collect the following information:
    • technical information, including the type of mobile device you use, a unique device identifier, mobile network information, your mobile operating system, and time zone setting ("Device Information");
    • health information stored on your Device which you have explicitly consented to sharing, and the providence of that data including the device used to collect that data, time, date ("Content Information"); and
    • details of your use of the App or your visits to the Site and the resources that you access ("Log Information").
  • If you contact us, We may keep a record of that correspondence.

COOKIES

We use cookies to distinguish you from other users of the App or Site. This helps us to provide you with a good experience when you use the App or browse the Site and also allows us to improve the App and our Site. For detailed information on the cookies We use and the purposes for which We use them, see our cookie policy https://patient.emisaccess.co.uk/Static/CookiePolicy.

USES MADE OF THE INFORMATION

We use information held about you in the following ways:

  • Submitted Information: We will use information which you submit as part of registering to use the App and the Service in order to manage your account, to provide technical support, to answer queries you might raise regarding the Site or the Service and for our own internal administrative purposes (and, in respect of the Service, to help us to verify your identity where appropriate by cross-checking the records kept at the relevant GP Practice). We will use any Health Data you submit through the App only for the purposes of storing that information and to make it available to you or (with your consent) your nominated health professional as you may request from time to time.
  • Device information: We will use this information to ensure that Patient Access presents the correct version and data for your Device.
  • Content Information: health information submitted through the App only for the purposes of storing that information and to make it available to you or (with your consent) your nominated health practitioner as you may request from time to time.
  • Log information: this is stored for security and audit purposes and to ensure that We are able to support your use of Patient Access.

We may associate any category of information with any other category of information and will treat the combined information as personal data in accordance with this policy for as long as it is combined.

DISCLOSURE OF YOUR INFORMATION

We will not provide your Submitted Information to any third party for any commercial purposes. We may disclose your personal information:

  • If We are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or request.
  • In order to:
    • enforce or apply the EULA and other agreements or to investigate potential breaches; or
    • protect the rights, property or safety of EMIS, our customers, or others (acting at all times in accordance with our obligations under the relevant data protection legislation and the terms of our agreement with your GP Practice in respect of any Health Data).
  • To your GP Practice upon request from the practice (though the relevant practice should always first seek your express consent to their accessing the Health Data).

HOW AND WHERE WE STORE YOUR PERSONAL DATA

The Health Data that We collect from you and data you submit when registering to use the Service will be stored at our secure data centre which is located within the United Kingdom. Any requests you may submit for technical support will be held within our internal management systems whilst relevant members of our team are dealing with the same.

All Health Data will be encrypted (using industry standard methods) when being transferred from your Device to our data centre. No Health Data is stored locally within the App on your Device.

Where We have given you (or where you have chosen) a password that enables you to access certain parts of the Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

If you register for the Service online then you will not be able to access all aspects of the Service (via the Site or the App) unless or until you contact your GP Practice in order to confirm your identity.

Unfortunately, the transmission of information via the internet is not completely secure. Although We will do our best to protect your personal data, We cannot guarantee the security of your data transmitted to the Site; any transmission is at your own risk. Once We have received your information, We will use strict procedures and security features to try to prevent unauthorised access.

YOUR RIGHTS

We always aim to comply with the relevant data privacy laws which impose many obligations on us (in relation to your login/contact details and any Health Data) and which limit what We are allowed to do with the information which you provide to us so as to protect your rights.

In relation to any health information which you wish to add to your record or pass to your GP then this information is passed securely to the GP practice. Your GP is responsible for this data and We can only act in accordance with their instructions.

We do not currently use your contact details for marketing purposes (but if this were to change then We would contact you to obtain your consent and you do in any event have a legal right to require us to stop direct marketing at any time and We would make clear in any communications how you might exercise that right). We will not sell your details to any third party.

Our Site may, from time to time, contain links to and from the websites of our partner networks (including, Patient), advertisers and affiliates (including, websites on which the App or the Services are advertised). If you follow a link to any of these websites, please note that these websites and any services that may be accessible through them have their own privacy policies and that We do not accept any responsibility or liability for these policies or for any personal data that may be collected through these websites or services, such as contact and location data. Please check these policies before you submit any personal data to these websites or use these services.

ACCESS TO INFORMATION

You have the right to access information held about you. Your right of access can be exercised in accordance with the terms of the Data Protection Act 1998 by making a "subject access request".

If you would like to make a subject access request then you must make that request in writing to the address provided below. Any access request may be subject to a reasonable fee (as notified to you upon request) to meet our costs in providing you with details of the information We hold about you (such fee to be no greater than that determined by the Data Protection Act 1998).

If We do hold information about you then following a subject access request We will: (i) describe it to you; (ii) explain why We are holding it; (iii) tell you who it could be disclosed to; and (iv) let you have a copy of it.

If you wish to delete or correct any personal data (including any Health Data) held by us then you may do so by using the relevant functionality within the App (once this function has been activated) or by sending a request to Patient Access Data Request, Rawdon House, Green Lane, Yeadon, Leeds LS19 7BY or to ps_webmaster@e-mis.com. We will use our reasonable efforts to delete the relevant information from our systems (however, please note that it is not (currently) technologically feasible to remove each and every record of the information you have provided to us). You should also be aware that if your medical practitioner has copied any of your health data into your medical record then you will need to contact the relevant practice directly should you wish to discuss changes required to that record as We are not able to delete information from your medical record(s).

CHANGES TO PRIVACY POLICY

We update our privacy policy from time to time and any changes We may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail or when you next start the App or log onto the Site. The new terms may be displayed on-screen and you may be required to read and accept them to continue your use of the App or the Service.

CONTACT

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to Patient Access Data Request, Rawdon House, Green Lane, Yeadon, Leeds LS19 7BY or to ps_webmaster@e-mis.com.