Fittleworth takes the protection of all personal data extremely seriously and is committed to a policy of protecting the rights and freedoms of all individuals in relation to the processing of their personal data in compliance with Data Protection legislation.
Fittleworth has a nominated Data Protection Officer who is responsible for notifying the Information Commissioner, responding to individual requests for access to personal data and framing guidelines and procedures with the aim of ensuring that all personal data processing by the Company complies with the Data Protection Act.
As a supplier of NHS Services. Fittleworth has an obligation to process Sensitive Personal Data. We collect this information to ensure that we continue to meet your service expectations as well as remaining compliant with national legislative and NHS guidance.
The collection, retention and transfer of Sensitive Personal Data is necessary in order for us to dispense your NHS Prescriptions. This contractual requirement, coupled with our obligations in the provision of healthcare and treatment form the legal basis under which we hold and share your data.
We hold identifiable information as a means of safeguarding access to your records. We may also collect contact information relating to carers and/or family member so that we can contact them about your appliances.
We collect and retain information about your account including the appliances dispensed and any products purchased, payments you make including prescription fees and your prescription payment exemption status.
We will collect information regarding your medical condition that enables us to provide you with advice about your condition and to ensure we are dispensing appropriately.
We collect and retain information when you access our website, complete a registration or provide us with physical or digital information, either personally or someone acting on your behalf.
We monitor and record calls to and from our customer service centres to improve our service. If you contact us electronically (e.g. by email or using our website), we may collect your electronic identifier such as your internet protocol address.
Where we record consultation notes and clinical records we use recognised clinical management systems. Paper based referrals and appliance user reviews are subject to stringent NHS Information Governance controls which are reviewed annually.
We will only share your information:
We may contact you by phone or post and, if you provide us with an email address or mobile phone number, we may send you emails or text messages with operational messages about your account or the dispensing of your prescription. We will need to confirm with you that the goods to be dispensed are required and that you understand how to use and dispose of them.
As texts and emails can be intercepted, we will keep confidential information to a minimum and you should never send us any confidential information via text or email.
We will send you tailored marketing information by post, telephone, text and email, but only if you have requested marketing information via these channels.
The medical appliance field is constantly evolving. In order to ensure that you remain fully informed of the development of products and services that may help you to better manage your condition, we may send you information about those products and services that we think you would like to hear about. We respect that you may not wish to receive product updates and have ensured that this is not a default option.
Your data is primarily held on our servers based in the UK. We may however also use cloud based services where the data is stored within the EU we only do this where we can be sure your information will be adequately protected.
Fittleworth is the exclusive UK member of the World Assist Alliance; a network dedicated to helping stoma and continence customers with emergency goods when abroad on holiday or business. In order to deliver this service, we will need to share your information with a trusted international partner. You will always be advised of this prior to the disclosure of your private data.
We keep your information for as long as we need to for legitimate business purposes and for legal and regulatory reasons. We will retain your information after your account has closed for these purposes. Your records are subject to a formal retention and disposal policy which conforms with NHS Information Governance requirements.
We take our responsibilities for safeguarding patient data very seriously and have elected a designated Data Protection Officer (DPO) to oversee information management. If you have any questions or concerns relating to the way your personal data is managed, or would simply like to see the information that we hold, please address any enquiries to:
The Data Protection Officer
Governance & Compliance Department
Fittleworth Medical Limited
2 Henry Lock Way
West Sussex, BN17 7FB
Inherent to our operations and business approach is the need to provide a secure, robust and reliable payment processing service. Information security is our top business priority. To this end we have invested in extensive security controls and infrastructure.Realex Payments are certified and approved by several leading financial institutions. Our systems and security controls are based on current industry standards. There are several layers of technology in place to ensure the confidentiality, authentication and integrity of information.