We use cookies to help provide you with the best possible online experience.
By using this site, you agree that we may store and access cookies on your device. Cookie policy.
Cookie settings.
Functional Cookies
Functional Cookies are enabled by default at all times so that we can save your preferences for cookie settings and ensure site works and delivers best experience.
3rd Party Cookies
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.
Privacy Notice - Patient Call In System
As part of our commitment to improving patient care and population health management, this GP practice uses Engage Patient Call In, a secure patient call in system.
| 1) Controller contact details |
Lee Road Surgery 20 Lee Road London SE3 9RT |
| 2) Data Protection Officer contact details |
John Eni-Uwubame South East London Integrated Care System |
| 3) Purpose of the processing |
The Engage Patient call In System allows practice staff to call patients who have atteneded for a face to face appointment to the clinicians rooms. This is to facilitate easier notification to patients and streamline the arrival/call process. First name/last name” to “clinician name” in “room name”. This is displayed for 10 seconds on the screen. The screen plays a notification sound when calling but will also announce the call message. What data is shared? The clinical system will fetch: Any patient data not used will be discarded in memory, not persistent, not saved in logs. Pseudonymised data may be shared securely with other NHS organisations only for direct care, planning, quality improvement, and assurance purposes, and never for marketing or commercial use. Only anonymised data stored, such as logs. Data processed via Engage AWS servers. Who can access the data? The data is behind the clinical system API. Any data exposed by this API would be data that is already accessible to the member of staff, via RBAC. |
| 4) Lawful basis for processing |
We process this data under UK General Data Protection Regulation (GDPR) Article 6(1)(e), the performance of task carried out in public interest. For health data, the condition is Article 9(2)(h), the provision of health and social care. |
| 5) Rights to object |
Under the UK GDPR, you have the right to object to your data being processed in this way. If you wish to object, please contact the Practice Manager. We will carefully consider your request and assess whether we can reasonably stop processing your data without affecting our ability to deliver safe, effective care or meet our legal obligations. |
| 6) Right to access and correct |
The Data Subjects or their legal representatives have the right to access the data that is being processed or shared and have any inaccuracies corrected. There is no right to have accurate medical records deleted except when ordered by a court of Law. |
| 7) Retention period |
The data will be retained for active use during and thereafter retained in an inactive stored form according to the law and national guidance |
| 8) Right to Complain. |
You have the right to complain to the Information Commissioner’s Office, you can use this link https://ico.org.uk/make-a-complaint/data-protection-complaints/ or calling their helpline Tel: 0303 123 1113 (local rate) or 01625 545 745 (national rate) |