1. WHAT THIS POLICY COVERS
Ouris health – Web Application
Ouris Health – APPs
2. WHAT DATA WE COLLECT ABOUT YOU
- Personal Data - Name, Date of Birth, Address, E-mail, Telephone.
- ID Documents – A valid ID for Registration.
- If you are giving information about another person, you are confirming that you are authorised to do.
- For children’s Registrations – The parent or legal guardians’ details collected as Personal data.
- Special Data – We collect your Gender and Ethnicity data only and do not collect any other special data.
For Health and Care professionals and Organisation
We collect only the data relevant to conduct our legal contract
- Personal – Name, Organisation details, E-mail, and Telephone
- Special Data – Ethnicity and Gender: This is collected to assist with request from your patients. We do not collect your date of birth.
Using our APP and Web Application we collect and process information about your health.
- General Health -Symptoms, Treatments, Advices, Medications
- Health Parameters – Personal health monitoring entries
- Symptom entries and Health data entries, which are shared with your health care professional
- Video and online consultation details and recordings
- Messaging, Chats, Notifications, SMS Texts
The information is from yourself and from your health care professional
Your details are shared with Health care professional with your consent when you sign up with Ouris
We send all your private consultations to your registered health care professional with your consent
We hold details of your conversations with us for support, Technical calls, Chats, Messages and Visit notes
Data from other sources
If you use a third-party device or apps to connect to Ouris health, we ask your permission to receive health data from third party devices.
For Private patients, if you are making a payment to a health care professional using your debit or credit card using our platform, we do not hold any card details and they are processed by a third-party payment provider.
What Technical Data we collect
- Log in date, Time, location, IP
- Browser information of log in
- APP downloaded device, Model and Version
- Your visits to our site and your browsing information in our site (Help, Information and Products)
- We may use your browsing information in our web site to share with analytical partner to improve our user experience and to check our performance
We do not use any health information about you.
3. WHAT WE USE YOUR DATA FOR
This is how we use your data and legal reasons for it
Providing you with a service
We need your personal details for your registration with our product, to enter a contract to deliver services.
The health data and health information provided by you and your health care Provider is shared between both with consent. We allow your health care professional to share clinical information, treatments, Medication details, health parameter details and provide health advice on your condition using online and Video Consultation tools with you and with other health and care professionals involved in your care. (GPs, Hospitals, Community Care, Therapist, Pharmacist)
The information is about
- Legitimate interest with your health (Planning, Advice and Treatment)
- Public Interest – (NHS Obligation)
- Online and Video consultations, Medical details, Prescriptions, Health Parameters and Symptom check list and its severity
- Our Private section of the APP will show services closer to you by using your location to find a chemist or a Healthcare Professional
We do not use any of your health and medical information for analytics. We use your feedbacks to improve our Health information platform.
We collect data from devices when you have an outage using our product to find out the reasons behind the outage.
Marketing and Communication Data
We send you Notifications and text messages about your Appointments and Health promotion messages to assist and to remind you about your appointments. The notifications and text Messages may come from Ouris or from your Health care Professional Organisation using Ouris Health Platform.
We may contact you with marketing messages, product updates, surveys, and information on our product. You can opt in or out by going to settings, privacy controls of your APP and in your account settings when using Web application.
Regulating the quality and safety of our service
We use your health information for Training, Safety, Regulatory and Compliance Purpose.
This means that :
- If we are legally required to, or asked by a regulator, we may need to share your information with regulatory bodies like the General Medical Council, Medicines and Healthcare Products Regulatory Agency or Care Quality Commission
- We may audit how you use our services, for example to review the quality of results provided by our products
To detect and prevent fraud, we may need to share your personal and financial information with banks, financial institutions, and fraud prevention services.
4. HOW WE STORE AND MOVE YOUR DATA
Your data are stored in our secured servers.
Your Personal data
Your Medical and Health Data (Consultations, Chats, Messages, and all about your health)
We do not hold any information locally in your devices (Mobile Devices)
We are committed to keeping your personal and Health information you provide us secure and we will take reasonable precautions to protect your personal information from loss, misuse, or alteration.
We have implemented information security policies, rules, and technical measures to protect the personal information that we have under our control from:
- unauthorised access.
- improper use or disclosure.
- unauthorised modification, and
- unlawful destruction or accidental loss.
All our employees and data processors (i.e., those who process your personal information on our behalf, for the purposes listed above), who have access to, and are associated with the processing of personal information, are obliged to respect the confidentiality of the personal information.
You are responsible for keeping your password and/or authentication method confidential. Please do not share it with anyone.
For making payments to your private practice appointments and for Ouris, we do not store any of your credit card details and they are processed by a third-party provider. They follow strict industry data security standards. These are known as Level 1 Payment Card Industry (PCI) data security standards.
Where we store your Data
Your Data is stored locally with in UK and not processed outside UK and we operate in line with Data Protection guidelines.
Sharing your Data
We share your Personal Data with Healthcare Organisations involved in your care and with organisations (NHS) using Ouris as a solution. We may share your personal data with private organisations to assist with support and chat. These companies can only use your data on our instructions, and they have contractual terms, and they have to act in line with data protection laws.
If you use our services through our partner Organisation (Health Insurer), we may share some of your information with them. We do not share your Medical and Health Information.
We share the below information.
Name, Date of Birth, E-Mail, Telephone, Address and Policy Number
Health Care Organisation
We will share your details with Health and Care Organisations involved in your care.
- Your NHS GP
- Social Enterprise Organisations involved in your care
- Care and Nursing Homes
- Community Care
- Emergency Services (Urgent Care, Accident and Emergency)
- Other Health and Care Organisations
By law, we may need to share information with these services to safeguard either you or others or conduct a public task (in the case of our NHS services). We may need your consent, or to rely on our legitimate interests to provide you with healthcare before we can share this information.
We may use your health data to protect the public.
Your data could be vital to help research, monitor, track and manage public health emergencies, like pandemics.
In a public health emergency, your information may be shared in a way that is appropriate and lawful with organisations such as:
- NHS Digital
- NHS England and Improvement
- Public Health England
- Local authorities
- Health organisations
We will limit the use or sharing of data to the period of the emergency and will only share data to the extent necessary.
We also collect, use, and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity.
Our NHS services
We share your data across NHS organisations involved in your care if you choose to use our NHS solution. The organisations include GPs, Hospitals, Pharmacies, Urgent care, Accident and Emergencies and Ambulance services.
Our solution is integrated with existing NHS solution and we share your data for identification and to share medical and health details.
If you are a resident in a nursing and care home, we share your data with your resident care organisation for identification and to share health information with your NHS care provider.
Summary Care Records
These records are patient information records received from your GP and NHS records. These are viewed only by authorised staff involved in your direct health care. If you do not wish to share you can opt own by contacting your GP or NHS Organisation or remove the link from your linked practices and to fill an opt out form at your GP practice.
We may keep or share information about you if we need to :
- Comply with a law, regulation, legal process, or government request
- State our legal rights or defend against legal claims
- Stop, find, or investigate illegal activity, fraud, abuse, breaking our terms, or threats to the security of our services or the physical safety of anyone
5. HOW LONG WE KEEP YOUR DATA
We will only retain your personal data in line with the UK Electronic Health data guidelines, for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements.
How long we keep it (its 'retention period')
Health Records – NHS and Private Records- This includes medical records, consultations with GPs and Health Diary interactions
We keep your NHS and Private medical records for 10 years after your death or after you have permanently left the country.
Video and Online consultations
If we keep your video and online consultations (Messaging, chats, Notifications and SMS), they are kept in the same way as your NHS and private records
Voice (or audio) consultations
We keep your voice consultations in the same way as your NHS and private records (although that period could change if our product changes).
We keep your entries with our Health Diary in the same way as your NHS and Private records.
Communications with support teams, including phone calls, emails, and live chats
1 year after you leave Ouris Health service.
Maternity records If used as part of NHS
We keep your records for 25 years after the birth of your last child.
Records on any treatment for a mental disorder (as described in mental health legislation)
We keep your records for 20 years after the date of your last consultation. Or 10 years after your death if that is sooner.
You are in control of your personal information. Under data protection law, you have the right to:
- Remove or change your consent at any time, if we are using your data in a certain way based on it. You can do this by :
- Going to APP, Setting, Change Privacy settings
- Ask for a copy of the personal data we hold about you. Your data is stored in line with our legal and medical obligations. See : how long we keep your data).
- Ask us to correct information that is wrong, delete it, or ask that we only use it for certain purposes. There might be times when we are not able to help, like if the law or our medical obligations say we cannot.
- Ask for your data to be provided in a portable format that allows you to move, copy or transfer it. Or ask us to send it in this format to someone else.
To do any of these things, please contact us at :
Data Protection Officer,
Suite 201, Cheadle Royal Business Park,
Or mail to DPO@ourishealth.com
We will ask you for a proof of identity. Data protection laws give us one month to get back to you.
We are regulated by the Information Commissioner's Office (ICO). If you are not happy with any aspect of our data handling, you can complain to the ICO directly.
You can contact them at :
Information Commissioner's Office
Phone : 0303 123 1113
6. THIRD PARTY LINKS
This website may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
If you do not agree to the changes, then you can stop using our services at any time.
Last updated December 2020