We are committed to protecting and respecting your privacy. The following Privacy Statement applies to Healthlocker in its entirety, and sets out how your personal data is handled by us. We strongly recommend that you take some time to read this policy carefully to understand how we treat your personal data.
What information do we collect?
Information you provide
We collect information directly from you in a number of ways. You have a choice about the data we collect. When you are asked to provide data, you may decline. However, some information will need to be provided in order to have a Healthlocker account. This will include your email and password.
Data may be collected when you enter information as part of your Healthlocker Personal Record. When this data is collected, we will notify you as to why we are asking you for this information, and how this information will be used. It is completely up to you whether or not you provide it, and if you do not feel comfortable providing this information, you are under no obligation to do so. Healthlocker uses a temporary session cookie to reference the active server session. The cookie is in-memory only and is not active after the browser session is closed.
Networks and Devices
When you access Healthlocker, we use technology to collect information indirectly, such as your internet address (IP Address), which is then kept in our internet logs. This is collected for aggregate information purposes and represents statistical data about our users’ browsing actions and patterns. This data does not identify any individual in any way and is anonymised.
How do we use this information?
Communication with you
We use your information to send you communications about our service or to let you know about any changes to our terms of service or privacy statement. We also use your information to respond to you if you contact us.
We use the information you have provided to verify your account and to promote safety and security by investigating suspicious activity or violations to our terms of service.
Improvement and development
From time to time we may conduct surveys to better understand how to improve features.
How is your information shared?
South London and Maudsley NHS Foundation Trust will not share your data with other organisations without your consent, unless the law permits us to do so. We share data only with our authorised Data Processors, who must act at all times on our instructions as the Data Controller under the Data Protection Act 1998. Before you submit any information, it will be made clear to you why we are asking for specific information, and it is up to you whether you provide it. The trust do not and will never sell any data.
Is your information safe?
The files transmitted between Healthlocker, powered by the trust and the Electronic Patient Journey System (ePJS, the trust’s electronic record system) is a secure data flow which sits within the Azure data centre. Any data transferred is treated with due care in accordance with Confidentiality: NHS Code of Practice by the Department of Health.
How do we respond to legal requests?
We may have to share your information if there is a legal basis in which to do so (like a court order).
How will we notify you of changes to this policy?
We will notify you when we make any changes to this policy and invite you to review and consent before continuing to use the service.
How to contact us with questions or concerns
If you have any additional questions regarding this policy, please feel free to contact us at:Healthlocker@slam.nhs.uk
South London and Maudsley NHS Foundation Trust