Office opening hours: 8.30am to 5.30pm Monday to Friday. Offices closed on Bank Holidays.
Home Menu Search

Wessex LMCs Privacy Policy

We understand how important it is to keep your information safe and secure and we take this very seriously. We have taken steps to make sure your information is looked after in the best possible way and we review this regularly.

Please read this Privacy Notice (‘Privacy Notice’) carefully, as it contains important information about how we use the information we collect, store and use about you.

 

1. WHY WE ARE PROVIDING THIS PRIVACY NOTICE

We are required to provide you with this Privacy Notice by Law. It explains how we use the information we collect, store and hold about you. If you are unclear about how we process or use your information, or you have any questions about this Privacy Notice or any other issue regarding your information, then please contact our LMC Compliance Lead (see below).

The Law says:

2. ABOUT US

We are Wessex Local Medical Committees Ltd, (‘the LMC’) registered office situated at Wessex Local Medical Committees Ltd, Churchill House, 122-124 Hursley Road, Chandler’s Ford, Eastleigh, Hampshire, SO53 1JB, company number 05970383.

Wessex Local Medical Committees (the LMCs) is the statutory representative body for GPs and their    Practices, operating across the counties of Dorset, Hampshire, the Isle of Wight, Bath and North East Somerset, and Wiltshire. We also provide services to the Islands of Jersey and Guernsey. We exist solely to represent, advise, and support GPs and their Practices.

We are the Data Controller of your information.

There may be times where we also process your information.

This means we use it for a particular purpose and, therefore, on those occasions we may also be Data Processors.

The purposes for which we use your information are set out in this Privacy Notice.

3. LMC COMPLIANCE LEAD

The LMC Compliance lead is Lisa Harding, Director of Primary Care.

Email: lisa.harding@wessexlmcs.org.uk.             

Telephone Number: 023 8025 3874.

Contact the LMC Compliance Lead if:

4. WHY WE USE YOUR INFORMATION

To communicate with you as constituent GPs, Committee and Secretariat members, practice managers and other members of the wider practice team in order to gather and disseminate knowledge, advice and bespoke information. This is part of your membership offering by the LMC.

All information collected will only be used for the legitimate purpose of fulfilling the LMCs’ function. This shall include sending you information such as bulletins, newsletters, mailings, elections on behalf of the LMC / CCGs / Federations/PCNs/the BMA (GPC), pastoral care, events/training, bespoke information and guidance be it on a locality, practice or individual level, surveys, DBS checks, levy collections.

5. WHAT INFORMATION WE COLLECT ABOUT YOU

We record your name, contact details (including, emails, addresses, practice address, telephone number), GMC number (if you are a GP), date of birth (if you are a GP), gender/sex, contacts with the LMC office.This may include email correspondence, letters and summaries of telephone conversations. This may relate to mailings sent by the LMC, individual advice /support, and pastoral support. This information is held securely and confidentially.

If you are Committee or Secretariat member we will, in addition to the above information, collect your national insurance number, your financial details including your bank account and your sort code for the purpose of paying you.

6. LEGAL BASIS FOR USING YOUR INFORMATION

The law states that we must collect your information in accordance with a legal basis.  We will only use any information that you provide in accordance with the principles of the Data Protection Act 2018 and Regulation (EU)2016/679 ( General Data Protection Regulation) (GDPR) and any other relevant legislation, regulations or guidance.

The legal basis for using your information is as follows;

a) Under GDPR 6(1)(a) ‘the data subject has given consent to the processing of his or her personal data for one or more specific purposes’

b)  Under GDPR Article 6(1)((c) ‘processing is necessary to comply with a legal obligation to which the controller is subject’

c) Under GDPR Article 6(1)(e) ‘processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority invested in the controller’

d) Under GDPR Article 6.1(f) ‘processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.’

Where you have given your consent for us to use your information you have the right to withdraw your consent at any time.

Committee and Secretariat members

If you are a Committee or Secretariat member the legal basis for processing your information is:

a) Under GDPR Article 6 (1) (b) ‘Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract’.

b) Under GDPR Article 6(1)((c) ‘processing is necessary to comply with a legal obligation to which the controller is subject’

c) Under GDPR Article 6(1)(e) ‘processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority invested in the controller’

Where we process any special category/sensitive information the legal basis is as below.

Special category/sensitive information

The Law provides special protection for certain kinds of information that is particularly sensitive. This is information about your health status, racial or ethnic origin, political views, religious or similar beliefs, sex life or sexual orientation, genetic or biometric identifiers, and trade union membership.

Where we process any sensitive or special category information belonging to you, the legal basis is:

a) Under GDPR Article 9(2)(b) ‘processing is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of employment and social security and social protection law in so far as it is authorised by Union or member state law or a collective agreement pursuant to member state law providing for appropriate safeguards for the fundamental rights and the interests of the data subject.’

b) Under GDPR Article 9(2)(d) ‘processing is carried out in the course of its legitimate activities with appropriate safeguards by a foundation, association or any other not-for-profit body with a political, philosophical, religious or trade union aim and on condition that the processing relates solely to the members or to former members of the body or to persons who have regular contact with it in connection with its purposes and that the personal data are not disclosed outside that body without the consent of the data subjects;’

Where you have provided us with your explicit consent to use any special category data the legal basis is:

c) Under Article 9(2)(a) ‘the data subject has given explicit consent to the processing of those personal data for one or more specified purposes, except where Union or Member State law provide that the prohibition referred to in paragraph 1 may not be lifted by the data subject.’

7. HOW LONG WE RETAIN YOUR INFORMATION

Your information will be retained in line with current law, national guidance and our current Information Retention and Disposal Policy. However, we do not keep your information any longer than we consider reasonably necessary.

8. WHO WILL YOUR INFORMATION BE SHARED WITH

Where we do ask for your information this is to ensure we provide you with information that we believe is important to your membership of the LMC.

We may pass on your information if we have a legal obligation to do so, otherwise, we will not share your information with other organisations for market research or commercial purposes and we will not pass on your details to other websites.

There may also be occasions where we may provide information about you in an anonymised form. If we do so, then none of the information we provide to any other party will identify you as an individual and cannot be traced back to you.

Your information may be shared with third parties (for example CCGs, Federations) for the following purposes:-

Elections:  The use of email addresses held on the LMC system may be used for locality / CCG / Federation / PCN and BMA (GPC) election purposes or for internal committee elections.
DBS Checks:  The use of application details and proof of ID are shared between the practice and the LMC office in order to complete and forward DBS checks for processing by the Disclosure and Barring Service Government Agency.
Levy Collections:  Practice name and patient population details will be shared between the LMC and CCGs in order to process levy collections be them statutory or voluntary.  Where voluntary, relevant mandates are held by the LMC and shared with the CCG.
Training/Events:  Delegate details will be provided to trainers in order to verify their attendance at an event the delegate has booked on to.
Sponsorship:  Delegate lists (excluding personal information) will be shared with event sponsors.
General Support:  Where we have your explicit consent, on a case by case basis, your details may be shared with GP Supporters, PM Supporters, PM Caretakers and Pastoral Support Agencies.

Honoraria:  If you are a Committee or Secretariat member, your information will be processed via the Sage payroll system in order to pay honoraria and will be provided to HMRC for tax purposes.

Direct Marketing

We will not share your information for marketing purposes unless we have your consent. 

Education / Training

As part of the ongoing service the LMC provides to practices, training and education mailings will be disseminated to relevant contacts on our database from time to time.

9. RIGHT OF ACCESS /RECTIFICATION/ERASURE/RESTRICT PROCESSING/ DATA PORTABILITY

You have the right to access the information we hold about you and have any inaccuracies corrected. You have the right to request your specific information under a Subject Access Request and we will process that request in line with relevant legislation. We will provide the information free of charge, however, we may in some limited and exceptional circumstances have to make an administrative charge for any extra copies if the information requested is excessive, complex or repetitive. We have one month to reply to you and give you the information you require. We would ask, therefore that any requests you make are in writing and it is made clear to us what and how much information you require.

You have the right to ‘be forgotten’ but if you ask us to delete/erase your contact details you may no longer receive any communications or benefits from us.

In certain circumstances you also have the right to restrict the processing of your information. This means that in certain situations you can limit the way we use your information.

You may also in certain situations have the right to data portability. This is the right to request the transfer of any information (you have provided to us) to another party.

10. RIGHT TO OBJECT AND COMPLAIN

You have the right to object to your information being used in some or all of the ways as described in this Privacy Notice. Please contact our LMC Compliance Lead should you have any questions or issues with the use of your information as described here. 

You have the right to complain about the management of your information.  In the first instance please refer your complaint to the LMC Compliance Lead as detailed above.  If you remain dissatisfied with our response you may complain to the ICO  https://ico.org.uk/global/contact-us/ or tel. 0303 1231113 (local rate), or 01625 545745 (national rate).

11. PASTORAL CARE

Part of the LMCs’ function is to provide pastoral care to constituent GPs within Hampshire and the Isle of Wight, Dorset, Wiltshire, Swindon, BaNES and the Channel Islands. We have a dedicated team of experienced GPs who provide this service, led by our Medical Directors.

What we do with your information:

a) If you contact the LMC for support your request will be passed to the Pastoral Care Lead in the first instance, or the Medical Director, with your explicit consent, via a secure email.

b) The Pastoral Care Lead (or Medical Director) will make contact via whatever communication you have requested (mobile/email) to have an initial discussion.

c) It may then be that your case is passed, with your consent, to another member of the Pastoral Care Team (known as Supporters) to support you.

d) There may be occasions when informal notes are taken, but any information is kept confidential and secure and only used for the purpose of assisting you. (Any notes will be kept securely where only the LMC Executive team and designated members of the administration team and the Pastoral Care Lead have access should it be necessary).

e) Information is not shared with a third party, unless with your consent to such services as occupational health, mediation, counselling, subject to GMC guidelines. 

f) Any information will be kept for seven years unless the Pastoral Care team feels the matter is ongoing or other aspects mean we need to keep it for a longer period of time.

12. IF ENGLISH IS NOT YOUR FIRST LANGUAGE

If English is not your first language, you can request a translation of this Privacy Notice. Please contact our LMC Compliance Lead.

13. COOKIES (GOOGLE ANALYTICS)

When visiting the LMC website www.wessexlmcs.org.uk , we have engaged the third party service of Google Analytics to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.

If we want to collect personally identifiable information through our website, we will be up front about this and will make it clear when we collect information and, in this instance, will explain what we intend to do with it. We will ask for your consent to do this should we need to collect and do something different with any information where prior consent has not already been obtained.

Search Engine

Our website search facility is powered by FourteenFish. Search queries and results are logged anonymously to help us improve our website and search functionality. No user-specific information is collected by either the LMC or any third party. 

Hyperlinks

Our website contains hyperlinks to other third party websites. If you go to another website from our website it is important that you read their Privacy Notice on that website to find out what it does with your information and their policies may differ from ours. We take no responsibility legal or otherwise for the content or use of information, personal or otherwise, on other websites.

myLMC Bespoke Software

We use a bespoke software package called myLMC, supplied by a third party, to publish newsletters, send out mailings, process events/payments, elections, DBS Checks and to hold practice records and individual information.  This software is hosted by FourteenFish and held securely on their server.

14. THIRD PARTY ENGAGEMENT / SUPPLIERS

Where we use third parties to process or use your information we ensure that we have a robust agreement in place which makes it clear that they must be compliant with GDPR and other data protection legislation.  We are clear that the information they may receive about you from us is only used in a manner consistent with the aims of the LMC and this Privacy Notice.

15. SECURITY AND STORAGE OF YOUR INFORMATION

We take the security of your information very seriously and we do everything we can to ensure that your information is always protected and secure. We regularly update our processes and systems and we also ensure that our staff are properly trained. We also carry out assessments and audits of the information that we hold about you and make sure that, if we provide any other services, we carry out proper assessments and security reviews.

In most circumstances, we hold your information electronically. It is password protected and held securely on either our internal computer systems or on a third party secure server. In some instances, your information can be accessed by mobile devices which are password protected. 

Where paper records are retained, these are held securely in a locked filing cabinet within the LMC office, accessed by the LMC management and administration team only.

The LMC uses a third party service (FourteenFish) to help maintain the security and performance of the LMC website.

16. CONTACTING YOU

We are obliged to protect any confidential information that we hold about you and we take this very seriously. It is imperative that you let us know immediately if you change any of your contact details so as to ensure that the information we hold about you is up to date and correct.

17. TELEPHONE RECORDINGS

We do not record any telephone calls you make to our offices. If you leave us an answerphone message with your details we will pass on your message to the relevant person as soon as we can. Your answerphone message will be deleted as soon as we have done this.

18. CCTV

Please note that we have a CCTV system in place in 4 locations on the outside of the building, covering all access points and our car park. This is for the safety of our visitors/staff and, in particular, to record and evidence any serious incidents.

We operate this system in accordance with the Law and codes of practice issued by the Information Commissioners Office, as well as other regulatory bodies.

CCTV recordings are kept on a rolling basis according to available memory on the hard drive (4TB). These recordings are kept on average for 4 – 6 weeks. Recordings are kept on the equipment’s hard drive and relevant software is located on six PCs accessed by members of the administrative team within the LMC office.

CCTV is monitored daily and only authorised administrators have access.

The CCTV is intended to provide security for those working in, and accessing, the office and car park. Recordings are not destroyed, they are overridden by rolling use of the equipment’s hard drive memory which has a maximum of 4TB of storage.

The equipment has the ability to save recordings if required to do so but we will not keep images on CCTV for longer than is necessary.

Where recordings are viewed, this is done in a secure environment by the administrators who are authorised to do so.

If you believe your image has been captured on our CCTV, you have a right to see it. Please contact our Compliance Lead, who will be able to assist with your enquiry.

19. CHANGES TO OUR PRIVACY NOTICE

Please note that this Privacy Notice will be regularly reviewed and updated in line with current data protection legislation, regulations and guidance.

 

This Privacy Notice was last updated on 10th November 2020

About this page...

Updated on Tuesday, 10 November 2020 4863 views