Who we are

Your Healthcare Service Limited (YHS) is committed to protecting the privacy of our patients and users of our website. This privacy policy outlines the type of information we collect, how we use it, who we share it with, and how we protect it.

Collection of Personal Information

We collect personal information from our patients when they register on our website, make appointments, or use our healthcare services. The personal information we collect may include:

  • Name
  • Address
  • Email address
  • Phone number
  • Medical history
  • Vital signs data (blood pressure, heart rate, etc.)

We collect this information in order to provide our healthcare services to our patients and to ensure that our services are safe and effective.

 

Use of Personal Information

We use the personal information we collect to provide our healthcare services, to communicate with our patients, and to improve the quality of our services. Specifically, we may use personal information to:

  • Schedule appointments
  • Provide at-home healthcare services
  • Monitor and track patient vital signs data
  • Communicate with patients via email, phone, or instant messaging
  • Respond to patient inquiries or feedback
  • Analyze patient data to improve our services

Sharing of Personal Information

We may share personal information with third-party service providers that we use to provide our healthcare services, such as home healthcare providers or nursing staff. We will only share personal information with these third-party service providers to the extent necessary to provide our services.

We may also share personal information with government or regulatory authorities as required by law or to comply with legal obligations.

Security of Personal Information

We take the security of personal information seriously and implement reasonable and appropriate technical and organizational measures to protect it. This includes implementing SSL encryption to protect data transmitted over the internet, using firewalls to prevent unauthorized access, and using strong passwords and two-factor authentication to protect user accounts.

Retention of Personal Information

We will only retain personal information for as long as necessary to provide our healthcare services and to comply with legal obligations. We may also retain personal information for research or statistical purposes, provided that we have obtained the necessary consent from our patients.

Rights of Data Subjects

Under the General Data Protection Regulation (GDPR), data subjects have certain rights with respect to their personal information, including the right to access, rectify, and delete their data. Patients may also have the right to object to the processing of their personal data in certain circumstances.

Changes to this Privacy Policy

We reserve the right to update this privacy policy from time to time to reflect changes to our data handling practices or legal requirements. We will provide notice of any material changes to this privacy policy on our website.

GDPR Policy

  1. Introduction

Your Healthcare Service Limited (YHS) is committed to protecting the privacy and personal data of our patients and users of our website. This GDPR Policy outlines how we process personal data and the measures we take to ensure compliance with the EU General Data Protection Regulation (GDPR).

  1. Scope

This policy applies to all personal data processed by YHS, whether in electronic or paper form, and whether processed by staff, contractors, or third-party service providers.

  1. Principles of Data Protection

YHS is committed to complying with the principles of data protection set out in the GDPR, including:

  • Lawfulness, fairness, and transparency
  • Purpose limitation
  • Data minimization
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality
  1. Lawful Basis for Processing Personal Data

YHS will only process personal data where there is a lawful basis to do so, as set out in Article 6 of the GDPR. The lawful bases for processing personal data include:

  • Consent
  • Contractual necessity
  • Legal obligation
  • Vital interests
  • Public interest
  • Legitimate interests
  1. Types of Personal Data Processed

YHS processes the following types of personal data:

  • Name and contact information (including email address and phone number)
  • Medical history and health data
  • Vital signs data (e.g., blood pressure, heart rate, etc.)
  • Appointment and scheduling data
  • Payment and billing data
  1. Purposes of Processing Personal Data

YHS processes personal data for the following purposes:

  • To provide healthcare services to our patients
  • To schedule and manage appointments
  • To communicate with patients about their care
  • To process payments and billing
  • To analyze data to improve the quality of our services
  1. Data Subject Rights

Under the GDPR, data subjects have certain rights with respect to their personal data, including the right to:

  • Access their personal data
  • Rectify inaccuracies in their personal data
  • Erase their personal data in certain circumstances
  • Restrict the processing of their personal data
  • Object to the processing of their personal data
  • Receive their personal data in a portable format
  • Lodge a complaint with a supervisory authority

YHS will take appropriate steps to enable data subjects to exercise their rights in relation to their personal data.

  1. Data Protection Officer

YHS has appointed a Data Protection Officer (DPO) to oversee our data protection activities and ensure compliance with the GDPR. If you have any questions or concerns about our data protection practices, or if you wish to exercise any of your data subject rights, please contact our DPO at dpo@yhs.uk.com.

  1. Data Security Measures

YHS takes appropriate technical and organizational measures to ensure the security of personal data and to prevent unauthorized access, disclosure, or alteration. These measures include:

  • Use of encryption to protect data in transit and at rest
  • Use of firewalls to prevent unauthorized access
  • Use of strong passwords and two-factor authentication to protect user accounts
  • Regular backups of data to prevent data loss in the event of a system failure or data breach
  • Staff training on data protection and information security
  1. Data Breach Notification

In the event of a data breach that is likely to result in a risk to the rights and freedoms of data subjects, YHS will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. Data subjects will also be notified where the breach is likely to result in a high risk to their rights and freedoms.

  1. Retention of Personal Data

YHS will retain personal data for no longer than is necessary to achieve the purposes for which it was collected, or as required by law. Personal data

be securely and permanently deleted or destroyed when it is no longer needed.

International Data Transfers YHS may transfer personal data outside of the European Economic Area (EEA) where necessary to provide healthcare services to our patients. In such cases, we will ensure that appropriate safeguards are in place to protect the personal data, such as contractual clauses or binding corporate rules.

Third-Party Service Providers YHS may engage third-party service providers to process personal data on our behalf, such as IT support or payment processors. We will ensure that any third-party service provider is GDPR-compliant and has appropriate technical and organizational measures in place to ensure the security of personal data.

Changes to this GDPR Policy YHS may update this GDPR Policy from time to time to reflect changes in our data processing practices or legal obligations. Any changes to this policy will be posted on our website and, where appropriate, we will notify data subjects of any significant changes.

Conclusion YHS takes the protection of personal data seriously and is committed to complying with the GDPR. If you have any questions or concerns about our GDPR Policy or our data protection practices, please contact our Data Protection Officer at dpo@yhs.uk.com.