Fair processing privacy notice

Our Fair Processing Privacy Notice (FPPN) provides information on how we collect, store and use your information in accordance with the Data Protection Act 2018 and General Data Protection Regulation 2018.

Throughout this notice, where we refer to “KIMS Hospital” this also includes Sevenoaks Medical Centre, unless otherwise stated.

Why we collect information about you

The hospital keeps records about the healthcare and treatment patients receive. This helps to ensure that patients receive the best possible care from us.

How we keep your records confidential

Everyone working for KIMS Hospital must comply with the Common Law Duty of Confidence. Information you provide to the hospital in confidence will only be used for the purposes explained to you and to which you consented, unless there are other circumstances covered by the law.

The hospital holds information about you in accordance with the requirements Data Protection Act 2018 and the General Data Protection Regulation 2018.

How your personal information is used

We will use your information to:

  • book appointments and provide you with healthcare service
  • review the care we provide to ensure it is of the highest standard and quality, e.g. through audit or service improvement
  • ensure our services can meet patient needs in the future
  • investigate patient queries, complaints and legal claims
  • ensure the hospital receives payment for the care you receive
  • prepare statistics on hospital performance
  • audit accounts and services
  • train and educate healthcare professionals

Sharing information with other healthcare organisations

We share your personal information with other private healthcare and NHS organisations. For example, we may share your information for healthcare purposes with health authorities, other NHS trusts, general practitioners (GPs), ambulance services and primary care agencies.

NHS National data opt out

Whenever you use a health or care service, such as attending Accident & Emergency or using Community Care services, important information about you is collected in a patient record for that service. Collecting this information helps to ensure you get the best possible care and treatment.
The information collected about you when you use these services can also be used and provided to other organisations for purposes beyond your individual care, for instance to help with:

• improving the quality and standards of care provided
• research into the development of new treatments
• preventing illness and diseases
• monitoring safety
• planning services

This may only take place when there is a clear legal basis to use this information. All these uses help to provide better health and care for you, your family and future generations. Confidential patient information about your health and care is only used like this where allowed by law.

Most of the time, anonymised data is used for research and planning so that you cannot be identified in which case your confidential patient information isn’t needed.

You have a choice about whether you want your confidential patient information to be used in this way. If you are happy with this use of information you do not need to do anything. If you do choose to opt out your confidential patient information will still be used to support your individual care.
To find out more or to register your choice to opt out, please visit www.nhs.uk/your-nhs-data-matters.

KIMS Hospital is compliant with the National data opt-out policy.

Information sharing with non-NHS organisations

We may need to share information from your health records with other non-NHS organisations from which you are also receiving care, such as Social Services or other private hospitals. However, we will not disclose any health information to third parties without your explicit consent unless there are exceptional circumstances, such as when the health or safety of others is at risk or where the law requires it.

We may also be asked by other statutory bodies to share basic information about you, such as your name and address, but not sensitive information from your health records. This would normally be to assist them to carry out their statutory duties. In these circumstances, where it is not practical to obtain your explicit consent, we are informing you through this notice, which is referred to as a Fair Processing Notice, under the Data Protection Act.

These non-NHS organisations may include, but are not restricted to:

  • Social Services
  • education services
  • local authorities
  • the police
  • voluntary sector providers
  • private sector providers

KIMS Hospital is required by law to protect the public funds it administers. It may share information provided to it with other bodies responsible for auditing or administering public funds, in order to prevent and detect fraud.

Acute Data Alignment Programme (ADAPt)

ADAPt is a joint programme between Private Healthcare Information Network (PHIN) and NHS Digital for the purpose of enhancing patient safety through appropriate, secure and robust information sharing between private healthcare organisations and the NHS.

As part of this programme, patient health record information supplied by KIMS Hospital to PHIN, is shared with NHS Digital.

Where patients choose to opt out of the ADAPt data sharing, PHIN will exclude all patient identifiers from its onward submission to NHS Digital.

To find out more, please visit NHS Digital

Patient satisfaction

We may use your details to contact you about patient satisfaction surveys relating to services you have used within our hospital. This is to improve the way we deliver healthcare to you and other patients.

Satisfaction surveys are only carried out with our patients’ consent and completion is not a requirement of service provision.

Your right to withdraw consent for us to share your personal information

At any time, you have the right to refuse/withdraw consent to information sharing. The possible consequences will be fully explained to you and could include delays in receiving care.

Data Controller and Data Protection Officer

KIMS Hospital is a registered Data Controller with the Information Commissioner’s Office and has a Data Protection Officer, responsible ensuring your confidential information is kept safe and secure. The Data Protection Officer may be contacted at:

FAO  Paul Couldrey, PCIG Consulting Ltd

c/o Quality & Governance Office, KIMS Hospital

Newnham Court Way

Maidstone

Kent   ME14 5FT

Telephone: 01622 237500

Email: enquiries@kims.org.uk