top of page
PRIVACY POLICY

Data Protection
 

This Privacy Policy below describes the way in which cb-dermatology.com deals with patient-related information and data.  We will process any personal information provided to us or otherwise held by us relating to you in the manner set out in this Privacy Policy. Information may be provided in person, by telephone or by any other means.

 

Who we are
 

cb-dermatology.com is representing Nanidis Medical services LTD incorporated in England and Wales (company number 13489706) The Registered address is the accountant’s office: C/O Andrew Steale PO BOX 7800, Mayfair, London, England, W1A 4GA.Nanidis Medical Services Ltd is the company through which Catherine Borysiewicz private practice is run. Catherine Borysiewicz is a registered data controller (registered with the Information Commissioners Office).  Data is stored and used within the terms of the registration for a Healthcare provider.

 

Contacting us

 

If you have any concerns, or would like more detail about how we process your Personal Data, you can contact us using hello@cb-dermatology.com

  

Protecting Your Personal Data

 

Your Personal Data isn’t just protected by the quality, commitment and high standards of cb-dermatology.com, it’s also protected by law. The law states that cb-dermatology.com can only process your Personal Data when there is a genuine reason to do so and it must be one of the following;

 

• To fulfil any contract that we have with you

• Where we have a legal obligation

• Where you have consented to the processing

• When it is in our legitimate interest

• When it is in the public interest

• When it is in your vital interests

 

Data Transfer Outside the EEA

 

cb-dermatology.com will not transfer your Personal Data outside of the EEA.

 

Your rights over your Personal Data

 

cb-dermatology.com will assist you if you choose to exercise any of your rights over your Personal Data, including:

 

• Access to your Personal Data that we hold or process

• Correction of any Personal Data that is incorrect or out of date

• Erasure of Personal Data that we process

• Restrict processing of your Personal Data in certain circumstances

• Lodging a complaint with any relevant Data Protection Authority

• Asking us to provide you or another company you nominate with certain aspects of your Personal Data, often referred to as ‘the right to portability’

• The ability to object to any processing data where we are doing it for our legitimate interests

 

For more information on these rights you can contact hello@cb-dermatology.com

 

Changes to our Privacy Statement

 

cb-dermatology.com may update this policy.  The most up to date version will be published on this website.

 


 

NANIDIS MEDICAL SERVICES LTD PRIVACY POLICY

 

What data held

Clinic letters, correspondence  with patients and correspondence with other clinicians regarding specific patients

Contact details for patients and next of kin where provided.
 

Billing information

Clinical notes are primarily kept by the hospital where patients are seen or treated.  Copies of relevant clinical notes are however made when patient’s care is transferred between hospitals. Referral letters +/- scans went sent to us by GPs or opticians rather than to the hospital direct.
 

Where is data stored

As of 2020 all data apart from email correspondence is stored on a secure electronic database that is GPDR compliant (Carebit).  Data is kept within the EU and encrypted.  Only our employees have access to this data using dual encryption. Non-secure emails are stored on the providers server; non-secure emails will only be used for patient information with their permission. Data from prior to 2020 is stored on a separate encrypted and secured server within the EU.
 

How long is data stored for

Clinical records are ordinarily kept for at least 7 years after the last clinical episode.
 

What is the data used for

Data is used for clinical and billing purposes only.  We do not send marketing material direct to individuals.
 

Who is data shared with

Billing information is shared with a specialised UK-based billing company who are also GDPR compliant.  The minimum required information is passed to them (ie. Contact details, insurance details where applicable, and what procedures performed if any, but no additional clinical information). Clinical data held by the company is accessible by company employees and contractors only. Insurers intermittently ask for clinical information for selected patients who care they are paying for.  This is shared with the company if it has been established that the patient’s permission has been sought (usually by the insurer)
 

Emails

Emails of personal data between Catherine Borysiewicz and patients, or to hospitals, or the billing company are performed using secure email services. For convenience, we are happy to email  patients by non-secure means where express permission for this has beengranted.

END

bottom of page