Call us now:

01254961018

Privacy Policy

This privacy policy applies between you as a user of Local Primary Care Federation services, and Local Primary Care Federation. This Privacy Notice also covers the users of our website. Local Primary Care Federation (hereafter LPC) takes the privacy of your information very seriously. This privacy policy applies to our use of any and all Data collected by us or provided by you in relation to your use of our services.

  • Please read this Privacy Policy carefully.

1. Definitions and Interpretations

1.a The following definitions are used:

  • Data – collectively all information that you submit to Local Primary Care Federation via any means, or data which we collect. This definition incorporates, where applicable, the definitions provided in the Data Protection Laws detailed below.
  • Processing – includes the collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction of personal data.
  • Cookies – when accessing the website, a small text file may be placed on your computer when you visit certain parts of the Website and/or when you use certain features of the Website. Details of the cookies used by this Website are set out in the clause below (Cookies).
  • Data Protection Laws – any applicable UK law relating to the processing of personal Data, including but not limited to the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
  • Local Primary Care Federation – we or us:
    • a company incorporated in England and Wales with registered Company number 09348776.
    • Registered office, Ams Medical Accountants, Floor 2, 9 Portland Street, Manchester, England, M1 3BE.
    • ICO registration number ZA244667.
  • LPC – may be used as the abbreviation for Local Primary Care Federation for ease of interpretation.
  • UK and EU Cookie Law – the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended by the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 and the UK GDPR.
  • User or you – any third party that accesses services, or the Website and is not either (i) employed by Local Primary Care Federation and acting in the course of their employment or (ii) engaged as a consultant or otherwise providing services to Local Primary Care Federation in connection with the provision of such services.
  • Website – the website which you may access, https://lpcfederate.co.uk/, and any sub-domains of this site unless expressly excluded by their own terms and conditions.

Context – In this privacy policy:

  • unless the context requires a different interpretation, the singular includes the plural and vice versa
  • references to sub-clauses, clauses, schedules or appendices are restricted to sub-clauses, clauses, schedules or appendices of this privacy policy
  • any reference to a person includes firms, companies, government entities, trusts and partnerships
  • “including” is understood to mean “including without limitation”
  • reference to any statutory provision includes any modification or amendment of it
  • the headings and sub-headings do not form part of this privacy policy.

2. Scope of this Privacy Notice

2.a This privacy policy will apply only to the actions and procedures of LPC and to the data collection in respect to the Website, it does not extend to any websites that can be accessed from the LPC Website including, but not limited to, any links we may provide to social media websites.

2.b For purposes of the applicable Data Protection Laws, LPC is the "data controller". This means that LPC determines the purposes for which, and the manner in which, your Data is processed.

3. Data Collected

We will collect data from you strictly in accordance with the principles set out within the Data Protection legislation expectations. These principles are in place to ensure that we are accountable, and that data processing will be:

  • Transparent – which means in a lawful, fair and transparent way.
  • Legitimate – we will collect data only for a specific purpose and only process it for that original intent.
  • Limited – only the amount of data required for the purposes identified will be collected.
  • Up to date – we will use all reasonable endeavours to ensure we have the more accurate and up to data information.
  • Retention – we will only keep your data for as long as it is needed unless we are required to retain it longer to fulfill a legal obligation.
  • Secure – all data we hold is held confidentially and with the highest possible levels of security.

LPC may collect the following Data, which will be influenced by and dependent on the reasons we are engaging with you. Data collected will consist of both personal data and sensitive data, referred to as special category data.

  • Basic details about you such as, name, address, date of birth, mobile and home telephone numbers
  • Email address – if provided
  • Gender
  • Job title and employer
  • Details relating to ethnic origin, cultural and religious belief – if provided
  • Details of allergies, special needs such as communication requirements or accessibility considerations
  • Contact we have had with you such as appointments and home visits
  • Notes and reports about your health, physical and mental condition
  • Details and records of your treatment and care
  • Results of investigations, including x-rays and laboratory test results
  • Relevant information from other people who care for you such as healthcare professionals (from within or without the NHS) and relatives
  • Accident and Incident reporting
  • Surveillance camera photographic data
  • In the event of a Lasting Power of Attorney being in place we will record this
  • When using the Website, we will also collect your IP address, operating system and web browser type and version.

4. How we collect data

4.a We may collect data directly from you:

  • when you make general enquiries which require a response
  • when you access services provided by us
  • when you complete surveys (unless it is stated such survey responses are anonymised).

4.b Data may be collected automatically when accessing electronic information. For example:

  • when you access the website, we automatically collect your IP address, the date, times and frequency with which you access the Website and the way you use and interact with its content
  • this information helps us to make improvements to Website content and navigation
  • this data is harvested automatically via cookies, in line with the cookie settings on your browser. For more information about cookies, and how we use them on the Website, see the section below, headed “Cookies”.

5. How we use your data

In keeping with UK GDPR and the Data Protection Act 2018, we may use your data in many ways such as those listed below to:

  • ensure we have accurate, up to date contact information
  • facilitate appointments and record keeping
  • offer feedback and communications relating to treatment
  • ensure you receive the most appropriate, safe and effective treatment
  • allow appropriate Healthcare professionals to provide you with the range of care you may require
  • provide anonymised information to support NHS recording relating to service provision expectations and requirements
  • support internal audits as required by regulatory authorities
  • provide information to regulatory authorities such as the Care Quality Commission
  • ensure we meet the legal obligations in relation to healthcare record management
  • properly investigate any concerns or complaints you may raise with us
  • the event of an incident we may require sharing your data with a 3rd Party such as the Health & Safety Executive.

6. Legal Basis for data collection

There are a range of lawful bases allowing the collection of personal data. Which basis LPC uses will be dependent on the services we are supporting you with.

  • Necessary for Contract – processing your data is necessary for the Patient Contract we hold with members of the Federation to support care.
  • Public Interest – to support education and training for healthcare professionals. Anonymised data may be used in training publications and training events.
  • Legitimate Interest – LPC may process your information for providing and improving the clinical services you access. We also use your data to contact you about booked appointments and ongoing care planning.
  • Legal Obligation – LPC collect and process your data to meet legal obligations for record management, including the archiving of your information held in your Patient record. We also collect information to meet our legal obligations agencies such as the Health & Safety Executive, the Care Quality Commission, and the Information Commissioners Office.
  • Common Law – We will also recognise your rights established under UK case law collectively known as the “Common Law Duty of Confidentiality”.

The processing of personal data in the delivery of direct care and for providers’ administrative purposes in LPC practices and services and in support of direct care, is supported under the following Article 6 and 9 conditions of the UK General Data Protection Regulation:

  • Article 6(1)(e) ‘…necessary for the performance of a task carried out in the public interest or in the exercise of official authority…’.
  • Article 9(2)(h) ‘necessary for the purposes of preventative or occupational medicine for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services…”.

7. Who do we share data with

7.a Your data is always kept secure and is shared only on a ‘need to know’ basis. Limited and proportionate sharing may occur with:

  • Healthcare professionals – doctors, nurses, pharmacists, physiotherapists, occupational therapists both in clinical and domiciliary settings
  • Healthcare administrative support staff
  • Healthcare students undergoing training
  • Laboratory staff
  • Staff conducting clinical audits
  • Visiting regulatory authorities such as the Care Quality Commission or the Health & Safety Executive.

7.b Subject to sharing protocols and with your consent we may also share your data with:

  • Social services
  • Education services
  • Local authorities
  • Translation services should you require this support
  • Voluntary sector providers.

7.c There may be times when we share your information without your consent. For example:

  • Where there is a risk of harm to you or to other people
  • Where we believe that the reasons for sharing are so important that they override our obligation of confidentiality. (for example, to support investigation and prosecution of offenders or to prevent serious crime)
  • When instructed to do so by a court order
  • To control infectious diseases such as meningitis, tuberculosis or measles.
  • If you are subject to the provisions of The Mental Health Act (1983) and there are circumstances where your ‘nearest relative’ must receive information even if you object.

8. Keeping data secure

8.a We use physical, technical and organisational measures to safeguard your Data, for example we:

  • ensure all premises and facilities where data is stored are secure and adequately monitored
  • provide information security training to staff and to commit to Data Quality supported through training and best practice
  • ensure robust technology security is in place through the use of firewalls, password protection of files and two factor authentication on devices
  • encryption of data
  • encryption of surveillance camera data.
  • payment details are encrypted using SSL technology (typically you will see a lock icon or green address bar (or both) in your browser when we use this technology.

8.b Technical and organisational measures include measures to deal with any suspected data breach. If you suspect any misuse or loss or unauthorised access to your Data, please let us know immediately by contacting us via this e-mail address: localprimarycare@nhs.net.

8.c If you would like more detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

9. Data retention

Unless a longer retention period is required or permitted by law, we will only hold your Data on our systems for the period necessary to fulfil the purposes outlined in this privacy policy.

UK GDPR Article 5(1)(e), storage limitation specifies that “personal data shall be kept for no longer than is necessary for the purposes for which the personal data are processed. Personal data may be stored for longer periods insofar as it will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) of GDPR”.

You should be aware that if we delete your Data, it may persist on backup or archival media for legal, tax or regulatory purposes.

10. Your rights

10.a You have the following rights in relation to your Data:

  • Right to be informed – you have the right to be assured that LPC is processing your data in a clear and transparent manner, that when you provide data to us we are processing it in the way we say we are and that we will not perform any processing which has not been fully explained.
  • Right to access – the right to request copies of the information we hold about you at any time, or that we modify, update or delete such information. If we provide you with access to the information we hold about you, we will not charge you for this, unless your request is “manifestly unfounded or excessive.” Where we are legally permitted to do so, we may refuse your request. If we refuse your request, we will tell you the reasons why.
  • Right to rectification – this is the right to have your Data corrected if it is inaccurate or incomplete.
  • Right to erasure – the right to request that we delete or remove your Data from our systems.
  • Right to restrict our processing of your Data – the right to “block” us from using your Data or limit the way in which we can use it.
  • Right to data portability – the right to obtain and reuse your data for your own purposes, from our environment to another in a safe, secure, and usable manner.
  • Right to object – the right to object to our use of your Data including where we use it for our legitimate interests.
  • Rights relating to automated decision making and profiling – relevant particularly in relation to the website.

10.b To make enquiries, exercise any of your rights set out above, or withdraw your consent to the processing of your Data (where consent is our legal basis for processing your Data), please contact us via this e-mail address: localprimarycare@nhs.net.

10.c If you are not satisfied with the way a complaint you make in relation to your Data is handled by us, you may be able to refer your complaint to the relevant data protection authority. For the UK, this is the Information Commissioner's Office (ICO). The ICO's contact details can be found on their website at https://ico.org.uk/.

10.d It is important that the Data we hold about you is accurate and current. Please keep us informed if your Data changes during the period for which we hold it.

11. Cookies

11.a All Cookies used by the LPC Website are used in accordance with UK The ePrivacy Directive, also known as the European Union (EU) cookie law.

11.b Before the Website places Cookies on your computer, you will be presented with a message bar or a pop-up window, requesting your consent to set those Cookies. By giving your consent to the placing of Cookies, you are enabling LPC to provide a better experience and service to you.

11.c You may, if you wish, deny consent to the placing of Cookies; however certain features of the Website may not function fully or as intended. You can choose to enable or disable Cookies in your internet browser. By default, most internet browsers accept Cookies, but this can be changed. For further details, please consult the help menu in your internet browser.

12. Links to other Websites

The LPC Website may, from time to time, provide links to other websites. We have no control over such websites and are not responsible for the content of these websites or how they manage data provided to them. This privacy policy does not extend to your use of such websites. You are advised to read the privacy policy or statement of other websites prior to using them.

13. Changes of Business Ownership and control

13.a Local Primary Care Federation may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of LPC.

13.b Data provided by Users will, where it is relevant to any part of our business so transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this privacy policy, be permitted to use the Data only for the purposes for which it was originally supplied to us.

13.c We may also disclose Data to a prospective purchaser of our business or any part of it. In the above instances, we will take steps with the aim of ensuring your privacy is protected under the terms of UK GDPR and the Data Protection Act 2018.

14. General

14.a You may not transfer any of your rights under this privacy policy to any other person. We may transfer our rights under this privacy policy where we reasonably believe your rights will not be affected.

14.b If any court or competent authority finds that any provision of this privacy policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this privacy policy will not be affected.

14.c Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.

14.d This Agreement will be governed by and interpreted according to the law of England and Wales. All disputes arising under the Agreement will be subject to the exclusive jurisdiction of the English and Welsh courts.

15. Changes to this Privacy Policy

LPC reserves the right to change this privacy policy as we may deem necessary from time to time or as may be required by law. Any changes will be immediately posted in hard copy in our premises and on the Website and you are deemed to have accepted the terms of the privacy policy on your first use of our services or on accessing the Website following the alterations.

You may contact LPC by email in relation to this Privacy Notice at localprimarycare@nhs.net.

Scroll to Top