Data Provision Agreement between the University of Reading and the University of Reading Medical Practice



Similar documents
DATA PROTECTION POLICY

Job Description Receptionist Administrator

New Ross Credit Union Web Site Statement

MANAGE MY HEALTH. The online patient portal. Index. Waikanae Health

GP Patient Survey Your Doctor, Your Experience, Your Say

INFORMATION FOR PATIENTS

Instruction Guide. People First Dependent Certification Process

System Administrator and Deputy if applicable System Operators. Type of System. Purpose

A Mobile Phone and Camera Toolkit for Early Years Settings. Early Years Services April 2013 Version 1.0

Please note that you will not be able to see a doctor or a nurse or obtain any of the free National Health services until you have:

Guidance for Data Users on the Collection and Use of Personal Data through the Internet 1

Metropolitan Living, LLC 151 W. Burnsville Parkway, Suite 101 Burnsville, MN Ph: (952) Fax: (651)

Guidelines for. Quality Assurance in Cervical Screening. Second Edition

Protection. Code of Practice. of Personal Data RPC001147_EN_D_19

ป งบประมาณ พ.ศ.๒๕๕๘ ( ๑ ต ลาคม ๒๕๕๗ ถ ง 30 ก นยายน ๒๕๕๘ ) สร ปผลปร มาณงานพ สด การจ ดซ อ/จ าง/เช า ในรอบเด อนพฤศจ กายน ๒๕๕๗ ส าน กงานท ด นจ งหว ดเช

Dublin City University

SCHEDULE 18. Premises. This Schedule 18 sets out certain terms relating to the Service Provider s Premises.

The Manchester College

The Waterloo Practice

General Register Office for Scotland information about Scotland s people. Paper NHSCR GB 1/08. NHSCR Scotland Information Governance Standards

Privacy Policy. We have provided answers to the following important questions on our information practices:

Date of birth Gender NHS number (if known) Town/Country of birth. Home Telephone no. Work Telephone no.

Protection. Code of Practice. of Personal Data RPC001147_EN_WB_L_1

1. General questions. 2. Personal data protection rights of employees PERSONAL DATA PROTECTION FAQ

LEWISHAM MEDICAL CENTRE

PRIVACY POLICY. Effective: January 1, 2014 Revised: March 19, Privacy Policy Page 1 of 7

NHS Constitution Patient & Public Quarter 4 report 2011/12

DARTFISH PRIVACY POLICY

University of Limerick Data Protection Compliance Regulations June 2015

General Register Office for Scotland information about Scotland s people. Paper NHSCR GB 5/07. NHSCR s quality assurance procedures

PATIENT PARTICIPATION GROUP REPORT ON OVERTON PARK SURGERY S PATIENT SURVEY CONDUCTED IN JANUARY 2012

Information Governance Strategy

How To Protect Your Personal Information At A College

STONEHILL MEDICAL CENTRE PATIENT PARTICIPATION GROUP REPORT AND ACTION PLAN 2013/2014

Highbridge Medical Centre Pepperall Road Highbridge Somerset TA9 3YA

Bodywhys Privacy Policy

Safe and secure use of personal health information

Drs Beales, Crowley, Strachan & Navamani North Road Surgery, 77 North Road, Kew, Richmond, TW9 4HQ

DATA PROTECTION AND DATA STORAGE POLICY

Data Protection Policy June 2014

UNIVERSITY MEDICAL CENTRE PATIENT PARTICIPATION GROUP ANNUAL REPORT & ACTION PLAN

Information Governance Strategy. Version No 2.0

The system is available to the holders of Medicover cards entitled to examinations and consultations in Medicover Centres.

NEW CROSS ROAD LONDON SE14 6TJ TEL: FAX:

Scottish Rowing Data Protection Policy

Code of Practice on Data Protection for the Insurance Sector

Section 1 - for you to f ill in

Definition document for Health Bodies in Wales (including Local Health Boards, NHS trusts and Ambulance trusts)

DRUG, ALCOHOL AND SUBSTANCE ABUSE

A guide to our services

Information Governance Strategy

This TEPL Data Protection Policy is effective from 2 July Updated on 31 Jul 2015

VICTORIA STREET MEDICAL GROUP 7 VICTORIA STREET ABERDEEN AB10 1QW. Tel: Fax:

Closed Circuit Television (CCTV) code of practice. Based on the publication A Code of Practice for CCTV

Identity and Access Management Product Terms

Professional Certificate in General Insurance for QFAs

Human Resources Policy No. HR46

Privacy Policy GetYou

Easy Participation for Healthcare Professionals

De-identification of Data using Pseudonyms (Pseudonymisation) Policy

Data Protection Act a more detailed guide

We may collect the following types of information during your visit on our Site:

September 2015 TO THE BOARDS OF MANAGEMENT AND PRINCIPAL TEACHERS OF PRIMARY SCHOOLS

Maximum Global Business Online Privacy Statement

Patient Satisfaction Survey Results Report 2013/2014

Information Governance Strategy

Policy and Procedure Title: Maintaining Secure Learner Records Policy No: CCTP1001 Version: 1.0

FELLVIEW HEALTHCARE LIMITED IN-HOUSE COMPLAINTS FORM. If you need help to complete the form please ask the Branch Manager for assistance.

DATA PROTECTION POLICY

KNIGHTS HILL SURGERY Suite 1, West Norwood Health and Leisure Centre, SE27 0DF

TargetingMantra Privacy Policy

STANDARD TERMS AND CONDITIONS FOR PROVISION OF MEDICAL REPORTING SERVICES BY MEDICAL PRACTITIONERS

IAPT Data Standard. Frequently Asked Questions

Barnsley Clinical Commissioning Group. Information Governance Policy and Management Framework

A Framework for the Safe and Secure Use & Management of Community Pharmacy NHSmail including Generic Mailboxes

Privacy Policy. Federal Insurance Company, Singapore Branch Singapore Personal Data Protection Privacy Policy. 1. Introduction

ESTRO PRIVACY AND DATA SECURITY NOTICE

Data Protection Policy

SABDEN & WHALLEY MEDICAL GROUP

John Leggott College. Data Protection Policy. Introduction

Data Protection Policy

Information Governance Strategy. Version No 2.1

CMHS NOMs Client-Level Measures for Programs Providing Direct Services (Services Activities): FREQUENTLY ASKED QUESTIONS (FAQs)

SUBJECT ACCESS REQUEST PROCEDURE

The terminology used in this document is presented below: a limited company registered in Finland. BI:

Halton Borough Council. Privacy Notice

GROUP INCOME PROTECTION

Personal Data (Privacy) Ordinance and Electronic Health Record Sharing System (Points to Note for Healthcare Providers and Healthcare Professionals)

Privacy Policy. 1. Principle

Privacy Policy. 1. Principle

Caedmon College Whitby

Welcome To The First Edition Of Our Newsletter March 2014

NHS Lanarkshire Information Governance Committee

Research Governance Standard Operating Procedure

Photography and filming in schools Code of Practice

PROTECTION OF PERSONAL INFORMATION

PRIVACY POLICY. The Policy is incorporated into Terms of Use and is subject to the terms laid down therein.

The original version was published in: Official Announcements Vol. 29 / 2010, pp. 2473

Data Protection Policy

United Kingdom. London W1J 6QE. FCA Register No: HA6 1NW. United Kingdom

Transcription:

Jennifer Chetcuti Office of the University Secretary Section name Data Provision Agreement between the University of Reading and the University of Reading Medical Practice 1. Overview The following agreement governs the provision of students personal data, including sensitive personal data, by the University of Reading (the University) to the University Medical Practice (the Medical Practice) and explains the purposes for which that information may be used. The Medical Practice will not share any personal information regarding its patients with the University unless the patient has given their explicit permission or it is otherwise lawful to do so. For further information as to the Medical Practice s management of sensitive data please see their website (www.readinguniversitymedicalpractice.nhs.uk) or ask at the Reception for a leaflet. 2. How students personal information will be used The Medical Practice will use the personal information for the purposes set out below. 2.1 To ensure the contact details for students are accurate so that communications, such as invitations for health checks and reviews, are sent out to the correct address. Female patients will also receive reminders of smear (PAP) tests when they are due, and parents will receive reminders of their children s immunisation program. 2.2 To assist in the list cleansing initiatives. 2.3 To prepare name labels for the annual Freshers registrations in order to make the registration procedure easier to administer. 2.4 For any students personal information contained in CCTV images, this information will be used to assist with the identification of visitors to the Centre, to help ensure public safety and assist with the prevention and detection of crime. 3. Information to be shared 3.1 The University will provide the Medical Practice with the following personal information from RISIS: Title First Name University of Reading 2012 Page 1

Preferred name Initials Last Name Date of birth Gender Student Number Course code Duration of course Addresses (Reading locality) Previous addresses Telephone number Email address 3.2 The University may provide the data listed in 3.1 to the Medical Practice for enrolled students up to a full year after the closure of their academic programme of study. 3.3 The Medical Practice will be given access to relevant CCTV images covering the Centre. 4. Information provision 4.1 Students personal information will be provided via secure direct access or via encrypted email attachment. Medical Practice staff will be issued with University ITS accounts, according to the procedures set out in the Service Level Agreement (Schedule 1), to ensure the security of any data transfers. The direct access via RISIS portal log on will also assist the Medical Practice in maintaining accurate information. 5. Access to information 5.1 Access to the students personal information and CCTV images will be restricted to the following employees of the Medical Practice: Receptionists Administrators the IT Manager University of Reading 2012 Page 2

5.2 Staff listed in 5.1 will be issued with access accounts to RISIS and these will only be used strictly on a need to know basis for the purposes of health care provision. 5.3 Access to the students personal information will be provided on a read-only access basis only. 6. Conditions for the processing student personal information 6.1 With regard to the use of students personal information, the Medical Practice will: 6.1.1 comply with the University s Data Protection Policy and Guidelines (www.reading.ac.uk/data_protection) where appropriate; 6.1.2 comply with the eight data protection principles in the Data Protection Act 1998; 6.1.3 follow the Caldicott Guidelines on confidentiality; 6.1.4 ensure that all Medical Practice staff, and any staff of data processors, handling student personal information, are trained and authorised to access the personal data before processing begins; 6.1.5 ensure that any data processor it uses has security policies and procedures that ensure compliance with Principle 7 of the Data Protection Act 1998; 6.1.6 maintain its accreditation with the PCT or its successor with regard to the Information Management and Transfer Local Enhanced Service; 6.1.7 ensure that staff complete information governance training modules and participate in annual training programmes on data protection and maintenance of confidentiality. 7. Restrictions on the use of information 7.1. The information provided by the University to the Medical Practice shall not be routinely passed to any third party unless the patient s doctor believes that it is in their best interests with regard to health provision. 8. Student rights 8.1 Students have the right to refuse consent to certain uses of their information. In such cases they should contact either the University using imps@reading.ac.uk (0118 378 8981) or the Medical Practice Manager (or their deputy) on 0118 921 3823 if they have any concerns with the processing outlined above. 8.2 Students are entitled to access the personal data held by the University. See www.reading.ac.uk/accessing-personal-data for more information. 9. Retention of information 9.1 The Medical Practice will ensure that it adheres to the records retention policy for patient personal information available here: http://www.readinguniversitymedicalpractice.nhs.uk/userfiles/image/servicebuttons/r ecords_retention_policy_oct_12.pdf 10. Review and publication University of Reading 2012 Page 3

10.1 This agreement will be reviewed annually by the 31 July. 10.2 This agreement will be published on the University s website and linked from the University s fair processing notice, which new students consent to on enrolment: www.reading.ac.uk/fair-processing-notice Lee Shailer Data Protection Officer Date Janet Judkins Medical Practice Manager Date University of Reading 2012 Page 4

University of Reading 2012 Page 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information