Privacy Policy

Wades of Ely Optometrists is committed to ensuring that your privacy is protected and you can be assured that any personal information will only be used in accordance with the General Data Protection Regulation GDPR.

Wades of Ely will continue to retain its registration as a Data Controller with the Information Commissioner.  

The legal basis for processing your personal data here at Wades of Ely is of legitimate interest and for the purposes of health care eg. ensuring regular check-ups.

You have eight rights under the GDPR:-

Right to be informed

We hold various pieces of information about you including your:-

  • name and address
  • telephone number
  • email address
  • clinical details such as the state of health of your eyes
  • your spectacle and/or contact lens prescription
  • copies of any letters we have written about you or received from other professionals, such as your doctor. 

This information is used to ensure regular check-ups, referral to other health professionals and for your best interest in keeping a full eye medical record.

These records are not kept longer than necessary and are retained for periods as agreed by the optical bodies.

Right of access 

You are entitled to a copy of this information although there may be an administrative charge for providing it. If you wish to see your records, please ask Wades of Ely and we will respond as quickly as possible and in any case are case are required to do so within 40 days.  If you require independent advice, contact the Information Commissioners Office at www.ico.gov.uk.

Right to rectification

You are entitled to have your personal data rectified if it is inaccurate or incomplete. We will comply with any requests within 1 month of receipt.

Right to erasure

You have the right for your data to be erased. This applies to personal data which is no longer necessary in relation to the purpose for which it was collected. However, this does not apply where we have a duty to keep records for the GOS Terms of Service which require us to keep all records for 7 years. Therefore, we will be able to delete electronic records but we will need hard copies to be printed and stored securely.

Right to restricted processing

The data we collect will not be processed for marketing purposes but only for recall categories which are purely health related.

Right to data portability

You are entitled to take a digital copy of your data when available

Right to object

We will not be using your data for marketing so this does not apply to you.

Rights relating to profiling

We will not be profiling your data so this will not apply to you.

Website

Wades of Ely is committed to ensuring that your privacy is protected and any information we collect will be used only in accordance with this privacy statement. We will not be using your data for marketing. 

When using our website we may collect your name, contact information including email address and telephone number.

This data will not be kept longer than is necessary.

Security

All information collected online is securely stored in order to prevent unauthorised access. We are committed to protecting the security of your personal information

Data Security

How we protect this information

  • All practice staff have a confidentiality clause within their contracts.
  • All personal information contained on practice records, whether paper or electronic, is considered confidential.
  • We will not discuss your personal information with anyone other than you or, if you are under 16 and not Gillick competent, your parent or guardian without your permission.
  • Care is taken that records are not seen by other people in the practice.
  • All staff are aware of the importance of ensuring and maintaining the confidentiality of patients’ personal data and that such data must be processed and stored in a secure manner.
  • All electronic data is protected by suitable back-up procedures and any on-line backup uses a service, which encrypts the data securely before transmitting it from the practice PC. 
  • When computers are replaced, old hard drives are securely erased or physically destroyed.
  • Records are retained for periods as agreed by the optical bodies.
  • Confidential paper information requiring destruction is shredded.
  • Records due for destruction are shredded.
  • If the need arises to transfer information we have procedures that include consent and secure transfer.
  • Any suspected breaches of security or loss of information are reported immediately and are dealt with appropriately by the person responsibility for confidentiality and data management.
  • Paper records are kept secure and away from access by the public.

How we use and process the information we hold

To discharge our legal and contractual duties:

  • If you have a sight test you will be given a copy of your spectacle prescription as soon as your sight test is completed.
  • If you have a sight test and you are referred to a doctor, we will offer you a copy of the referral letter.  If we cannot give this to you straight away we will give you a written statement that you are being referred, with the reason for the referral (e.g. “cataract”) written on the GOS2 or similar private form. 
  • If you are fitted with contact lenses you will be given a copy of your contact lens specification when the fitting process has been completed.
  • We make sure that staff who help in the provision of GOS are appropriately trained and supervised for the tasks that they undertake.

We may also use the information we hold about you to remind you when you are due for check-ups.  If you do not want us to do this please let us know.

How we transfer personal data

  • We always transfer personal information (data) securely.
  • We adhere to the guidelines of the College of Optometrists and the Data Protection Act and will not pass any of your personal information to a third party without your consent unless there is a clear public interest duty to do so.  You will need to provide us with your consent if you wish us to pass your information to another optometrist.
  • If you are an NHS patient, we are obliged to provide the portion of your record that relates to NHS services to authorised persons within the NHS (who are in turn subject to a duty of confidentiality) if they request this. This is usually to confirm that we have provided the NHS services that we have been paid for, and to improve quality of care. It is also possible that the NHS may contact you to ask if you have received services (such as a sight test or spectacles) as part of this monitoring.
  • We may also not ask your permission if we are ordered by law to transfer the information.  This may be if a court asks us for the information. 
  • Within the practice we may use the information to analyse trends, or to audit our performance. This enables us to monitor and improve the quality of care that we offer you. Wherever possible (i.e. if we do not need to know who an individual patient is) we will only analyse trends from anonymised information.

 

For more information about record keeping see the tables below.

If you have any queries about our policy please contact us and we will be happy to help.

Categories of personal data and data subject

 

Legal basis for processing personal data

Who these personal data are shared with

Time limits for erasure

Security measures to ensure level of security appropriate to risks

 

Patient records-

including retinal

photographs, referral letters etc.

 

Legitimate interest and for the purposes of health care

 

Practice staff and health professionals

 

College of Optometrists guidance is that records to be kept for 10years. Children under 18 will have their records kept until their 25th birthday due to NHS specifications

 

Only practice staff have access to the complete record card. All practice staff have a confidentially clause within their contracts.

Paper records are kept securely. Electronic data is password protected. There is a back-up system so data can be restored. All anti-virus and other software are kept up to date

Customer records- eg. Direct debit/payment details

Legitimate interest

The data subject’s bank

Kept for tax purposes and future claims/information

Paper records are kept securely. Electronic data is password protected. There is a back-up system so data can be restored. All anti-virus and other software are kept up to date

Staff records-includes bank details, NI number and other personal information

Performance of a contract with a member of staff or to take steps to enter into a contract. The processing is necessary for carrying out obligations as an employer

HMRC including payroll

Kept for tax purposes and future claims/information

Paper records are kept securely. Electronic data is password protected. There is a back-up system so data can be restored. All anti-virus and other software are kept up to date

About Wade's of Ely

As a local and Independent Opticians, we have been looking after the needs of the people in Ely and surrounding area since 1928.

 

Company Number 09892915 (Registered in England and Wales). VAT GB 268 0261 05.

Contact us

Phone: 01353 662674
Fax: 01353 665006
Email: info@wadesofely.co.uk


2 High Street, Ely, Cambridgeshire, CB7 4JU

Opening times

Monday 9am - 5.15pm
Tuesday 9am - 5.15pm
Wednesday 9am - 5.15pm
Thursday 9am - 5.15pm
Friday 9am - 5.15pm
Saturday 9am - 4.00pm

Closed - Sundays and Bank holidays

Book an Appointment