This Privacy Notice conforms to the guidelines issued by the Information Commissioner's Office ('ICO').
Name of Organisation:
Healthcare Knowledge Ltd, also trading as SpecialistInfo.
DPO Contact Details, where applicable:
We do not employ a DPO (Data Protection Officer) as an individual, as we do not meet the following conditions that make it compulsory, i.e. we:
Whether the data will be used for direct marketing:
We use the names and email addresses of business registrants to inform them of our products from time to time. On registration, all registrants agree that we may send them information that we believe they may find useful. We inform Doctors who have indicated to us that they undertake medico-legal work of the medico-legal training courses that we hold. Third party users (who will be healthcare related organisations) may undertake direct marketing but are responsible for their own compliance.
Categories of personal data:
For registrants, we hold name, organisation (where applicable), occupation (self-selected from Registrar / Specialty Doctor / SAS, Doctor - Foundation Year 1/2, Medical Secretary to Hospital Consultant, GP Practice Manager, GP / Secretary / GP Nurse, Clinical Commissioning Group, Other NHS Staff, Healthcare Organisation (non-NHS), Charity or Support Group, Potential Patient / Relative / Friend, Government, Universities and Academic, Public Library, Media / Publishing, Pharmaceutical Company, Medical Device Company, Marketing / Communications / PR, Recruitment and Locum Agencies, Biotechnology, Clinical Research, Site Management, Financial / IFA, Insurance / Healthcare Insurance Company, Solicitor / Barrister / Law Firm, Medico-Legal Agency), email address and a password for logging in to SpecialistInfo. For doctors in the directory, we hold name, qualification details, specialty (where applicable), special interests (as provided to us) and professional contact details. For customers, the minimum of data necessary for accounting and service purposes. No sensitive personal data is retained.
Purposes of the processing:
For registrants, to enable them to access doctors' professional contact details and areas of expertise in a Directory. For doctors, to provide to interested parties their contact details and areas of expertise including, where applicable, their medico-legal practice details and clinical trials and research experience in the form of a Diectory.
Categories of recipients of the data (who will get to see it):
Doctors' data in the Directory is provided to registrants and healthcare customers. Registrants and customer accounting data is only used internally.
What legal ground the organisation is relying on:
Legitimate Interests Assessment.
Third parties the data will be shared with (this might be specifically named third parties or sectors - the ICO will publish formal guidance):
Potential patients, and healthcare and insurance/legal professionals only.
Countries outside the EU where personal data might be stored or processed:
Potentially worldwide. Our servers are located in the UK.
How long the personal data will be kept:
Indefinitely. Where applicable, out of date data is retained but marked as deleted in accordance with recommended good practice. No sensitive personal data is retained.
Inform people of their rights and how they would exercise them:
Registrants will be informed of their right to be erased on registration. Registrant objection will be treated as a request for erasure and the registrant concerned will be deleted (not retained with a deletion marker). Doctors in the Directory are regularly asked to update the details held. Objections and requests for erasure are dealt with on an individual basis taking account of the circumstances in any specific case.
A reminder that people can withdraw consent:
Registrants can request erasure and this is actioned promptly. Doctors data is processed on a Legitimate Interests basis and not on consent. The data in the Directory is provided by doctors themselves or is publicly available elsewhere.
Inform people that they can complain to the ICO:
Information about automated decision-making, including profiling:
We do not undertake automated decision-making or profiling.