Introduction To Our Service
Mourne Scan Clinic is a private provider of Ultrasound scans . We provide diagnostic ultrasound scans, obstetric and mucosa-skeletal ultrasounds on request. Our main clinic is situated in Warrenpoint and we also have clinics in Loughbrickland, Dundalk and Ashbourne. Ultrasound scans are provided by fully qualified Diagnostic Radiographers who have varied experience working within the NHS, HSE and private clinics.

The Mourne Scan Clinic recognises the importance of protecting personal and confidential information in all that we do and we take care to meet our legal duties. Key legislation includes:

• The General Data Protection Regulation 2018 (GDPR)
• The Access to Health Records (Northern Ireland) order 1993 (AHR)
• The Freedom of Information Act (2000) FOI
• The Human Rights Act 1998 (HRA)
• The Uk Data Protection Act (DPA) 1998.

As regards use of your personal data, the most recent law is set out in the General Data Protection Act (GDPR)

What is GDPR?
GDPR stands for the General Data Protection Regulation and is the new European Union regulation set to replace the Data Protection Directive (DPD) and the UK Data Protection Act 1998. It involves the protection of personal data and the rights of individuals.

When is GDPR Implemented?
Friday 25th May 2018

Under the Data Protection Act 1998 and the General Data Protection Regulation GDPR (2018) you have the right to identify who holds personal information about you. This person or organisation is called the Data Controller. For this purpose Mourne Scan Clinic is the controller and is responsible for your personal data, in this policy the Mourne Scan Clinic will be referred to as ‘we’, ‘us’ or ‘our’.

Why do we collect information from you?
Under Article 5 (e) of GDPR it states that personal data shall be kept for no longer than is necessary for the purposes for which it is being processed.
In The Mourne Scan Clinic we always aim to provide a high quality of service and provide you with the highest quality of care. In order to this, we must keep records about you and keep them updated regularly.

What type of information do we collect?
When you attend our clinic for the first time we will ask you to complete a patient detail form, this will include identity, contact and personal data set out below:

• Name
• Address
• Date of Birth
• Phone number
• General Practitioner details(g.p)
• E.mail address

During your consultation, medical history deemed to be relevant to your scan will be discussed. We will keep a record of dates that you have attended our clinic as well as reports formulated and images taken.
• We do not collate any Special Categories of Personal Data about you ( e.g. details about race, ethnicity, or political beliefs)

Security of Information.
We have appropriate security measures in place to prevent your personal data being accidentally
lost, used or accessed or altered in an unauthorised way.
Our staff are bound by the common law duty of confidentiality and all patient details are stored securely and maintained accordingly. We are not permitted to discuss any of our patient’s medical history (including complaints on a behalf of a patient) without prior written consent. We endeavour to keep updated about any relevant information governance training which will positively impact the clinic.
When using our website no information is collated as regards IP addresses or operating systems and we have a SSL certificate in place to ensure all data remains private between web servers and browsers.

Keeping records up to date
It is good practice to keep our patients informed about what information we record about you and give you a copy of your report if required.
It is also vitally important that patients keep us updated on any changes to their personal data so as to reduce the risk of data becoming inaccurate, out of date or irrelevant.

How are your records utilised?
Mourne Scan Clinic uses your details when:
• reporting back to health care professionals that have referred you
• liaising with health care professionals that may care for you in the future
• When we need to comply with our regulatory or legal obligations.
These details will never be passed on to any other third party without prior knowledge and your consent. We require all those third parties to respect the security of your personal data and to treat in accordance to the terms set out within GDPR (2018)
We have appropriate security measures in place and there will only ever be a limited number of staff with access to your records. These records will maintained for as long as necessary. In recital 39 of GDPR it states that the period for which the personal data is stored should be limited. In the Mourne Scan Clinic.this will be in line with The Department of Health (DOH) , Good Management Good records (GMGR)- retention and disposal schedule.

Online Booking
From 14th March 2019, we have introduced an online booking facility on our website. This booking facility is through ‘Cliniko’. At present, this application stores patient details as follows:
• Name
• Address
• Date of birth
• G.P
• Contact telephone
• E.mail address
• Next appointment date (if applicable)
We store these details for our information only and this is not shared with any other organisations unless already notified by a patient.
*Any changes to stored information will be updated accordingly*

Cliniko are committed to protecting the privacy of all individuals that provide personal information.
Cliniko is monitored 24hrs a day, 7 days a week , 365 days a year and is hosted in high security data centre facilities .
Cliniko runs completely under HTTPS and all data is encrypted during transfer using a 2048 -bit SSL certificate.

Cookies
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.

We may use both “session” cookies and “persistent” cookies on the website. Session cookies will be deleted from your computer when you close your browser. Persistent cookies will remain stored on your computer until deleted, or until they reach a specified expiry date.

We will use the session cookies to: keep track of you whilst you navigate the website; keep track of items in your shopping basket; prevent fraud and increase website security; and other uses. We will use the persistent cookies to: enable our website to recognise you when you visit; keep track of your preferences in relation to your use of our website; and other uses.

We use Google Analytics to analyse the use of this website. Google Analytics generates statistical and other information about website use by means of cookies, which are stored on users’ computers. The information generated relating to our website is used to create reports about the use of the website. Google will store this information. Google’s privacy policy is available at: http://www.google.com/privacypolicy.html.

Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third party cookies. For example, in Internet Explorer (version 9) you can refuse all cookies by clicking “Tools”, “Internet options”, “Privacy”, and selecting “Block All Cookies” using the sliding selector. Blocking all cookies will, however, have a negative impact upon the usability of many websites, including this one.

Your rights
You as a patient have rights under the General Data Protection Act (GDPR) and the Data Protection Act( DP).
You have the right to produce a Data Subject Access Request this will allow for a copy of all records about you, however:
• Your request must be made in writing to the organisation holding your information
• You will need to give adequate information e.g name , address D.O.B and provide valid identification.
• We are required to respond within 1 month.

You also have the right to request deletion of personal data if you believe that it no longer being used for the original purpose it was provided.

If you are dissatisfied with how the Mourne Scan Clinic is, or has been processing your personal information, please contact us in writing to:
Lisa Hughes
Data protection Officer
Mourne Scan Clinic
Newry St
Warrenpoint
BT34 3JZ

Or alternatively e.mail: lisa@mournescanclinic.com

If you have any further concerns or queries on how your personal data is being processed, you can contact the Information Commissioners Office (ICO):

3rd floor
14, Cromac Place
Belfast
Bt7 2JB
Email: ni@ico.org.uk
Tel: 0303 123 1113

Changes to the privacy notice.
This privacy notice will be kept under review at regular intervals in line with relevant legislation and will be update accordingly.