The Neurology Advanced Practice

Specialist neurological expertise delivered within your home

Privacy Policy

Effective Date: 25th April 2025

The Neurology Advanced Practice (“we”, “us”, “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal data in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

The Neurology Advanced Practice provides community healthcare services to individuals in Hertfordshire and are registered with the Information Commissioner’s Office (ICO). Please contact us via email on: neurologyadvancedpractice@outlook.com to gain our unique reference number.

2. What Information We Collect

We collect and process personal data relevant to your care and interaction with our services, including:

  • Personal Details: Name, date of birth, Address, NHS number, contact details, occupation, financial information for invoice purposes
  • Health Information: Medical records, medical history, medication schedule, referrals, test results, prescriptions
  • Emergency/NOK Contact Information, other healthcare provider contacts information
  • Appointment and care history including any complaints received
  • Website/Portal Usage Data (e.g. cookies, IP address, device type – if you use our digital tools)

3. Legal Basis for Processing

We process your data under the following lawful bases:

  • Provision of Health or Social Care (Article 9(2)(h), UK GDPR)
  • Legal obligation
  • Vital interests (e.g. emergency care)
  • Consent

4. How We Use Your Information

We use your information to:

  • Deliver healthcare services
  • Maintain accurate and complete medical records
  • Refer you to other medical/social care providers or charities when necessary
  • Manage appointments and patient communications
  • Submit referrals or communicate with the NHS, social care, private healthcare providers and private insurers
  • Monitor service quality and patient safety
  • Comply with legal and regulatory obligations

5. Sharing Your Information

We may share your information with:

  • Other healthcare professionals involved in your care (e.g. GPs, hospitals, pharmacists)
  • NHS EnglandICBs (Integrated Care Boards), Social Care or similar authorities
  • Third-party providers who support our services (e.g. IT systems, lab services) under strict data protection agreements
  • Regulatory bodies, when required by law
  • Next of kin or emergency contacts, only when appropriate

We will never sell your data or use it for unrelated purposes without your explicit consent.

We may request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

6. Data Security and Retention

We protect your data using:

  • Secure storage on IT systems with password protection. Paper notes are uploaded onto the secure IT system and physical copies are stored in a locked cupboard or destroyed.
  • Access controls and staff training
  • Security audits and updates

We retain health records in accordance with NHS retention guidelines (typically 8 years for adults from the date of last contact). We only retain personal data for as long as is necessary to fulfil the purposes for which it was collected.

We have commercially reasonable and appropriate security measures in place to prevent your personal information from being lost, used or accessed in an unauthorised manner. In addition, we limit access to your personal information to those who have a business to know. We have put in place procedures to deal with any suspected security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

7. Your Rights

You have the right to:

  • Access your personal data
  • Request corrections to inaccurate information
  • Object to or restrict certain types of processing
  • Withdraw consent (where applicable)
  • Request deletion (subject to legal requirements)
  • Complain to the ICO: www.ico.org.uk

8. Website and Cookies

If you use our website or patient portal, we may use cookies to:

  • Enhance usability
  • Track anonymous site usage (e.g. via Google Analytics)

You can manage cookies through your browser settings.

9. Changes to This Policy

We may occasionally update this policy. If we make significant changes, we’ll notify you via our website or direct communication.

10. Contact Us

If you have any questions or concerns about how we handle your information, contact:

The Neurology Advanced Practice
Email: neurologyadvancedpractice@outlook.com 
Phone: 07783453574