Cherish-UK Ultrasound Scans Limited
Privacy & Data Protection Policy
Data Protection and Privacy Policy
Introduction
This healthcare privacy policy ensures patient data is kept safe, secure, and confidential in compliance with UK GDPR and data protection laws (Data Protection Act 2018). Personal information is used solely for providing care, managing medical records, and is only shared with authorised healthcare staff or relevant parties (e.g., hospitals and pharmacists).
Patients have the right to view their records, correct mistakes, and object to data sharing. This document provides guidance regarding how patient data is processed.
Policy Statement
The organisation aims to design and implement policies and procedures that meet the needs of our service and workforce, in accordance with the Equality Act 2010.
Key Points
- Information Collected: Name, contact details, medical history and treatment notes.
- How We Use Information: To provide treatment, process appointments, and for legal or safety reasons if necessary.
- Data Sharing: Information is only shared with authorised healthcare providers such as patient clinics, GPs, and hospital staff.
- Security: Records are kept secure using encrypted systems, passwords, and locked storage.
- Your Rights: You may request access to your records, correct inaccurate information, or opt out of data sharing for research purposes.
- Complaints: If you are unhappy, you can contact the Director or the Information Commissioner’s Office (ICO).
Compliance
UK GDPR
This organisation ensures that any personal data is processed in accordance with Article 5 of the UK GDPR. If requested, information about how this is done will be provided to patients in a format compliant with Article 12 of the UK GDPR.
Communicating Privacy Information
Cherish-UK displays a privacy notice on its website.
Further information is available from the Information Commissioner’s Office (ICO): https://ico.org.uk/
What Data Will Be Collected?
- Patient details (name, date of birth, address, email address and mobile number)
- Medical notes (paper and electronic)
- Details of treatment and care
- Results of tests (ultrasound scans, blood tests, semen analysis)
- Any other relevant clinical information
- Data used for planning and research
Cherish-UK may also share data for research and other purposes when required by law.
Privacy Notice
| Question | Answer |
|---|---|
| What is a privacy notice? | A privacy notice explains how Cherish-UK uses the information it holds about you, such as your name, address, date of birth and clinical records written by healthcare professionals. |
| Why do we need one? | By law, this practice must provide a privacy notice as part of the Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR). |
| What is the UK GDPR? | The UK GDPR is a law requiring that personal information about you remains secure. All staff must follow these rules to keep your information safe. |
| How can I learn more? | Cherish-UK provides information on our website explaining how your data is used. You may also ask a member of staff if you have questions about your information. |
Information Included in the Privacy Notice
- What information we hold about you
- How we keep this information safe and secure
- How we use your information
- Who we share your information with
- Your rights regarding your data
- When the law allows us to use your information
What Information Do We Collect About You?
Personal information is anything that identifies you as an individual. This may include:
- Your name
- Your address
- Mobile or home telephone numbers
- Appointment records
- Treatments you have received
- Results of medical tests
How Do We Use Your Information?
Your information is used to help us provide healthcare services. We may share information with other medical teams in the UK or abroad with your permission when necessary for your treatment.
In some circumstances we may be legally required to share information with organisations such as the police, courts, social services or solicitors. We always ensure there is a lawful basis before doing so.
Because health information is highly sensitive, the law requires us to have a valid legal reason (“lawful basis”) before processing it and to ensure it falls within a protected category of data.
If you would like more information, please ask to speak with our Director, who also acts as our Data Protection Officer (DPO).
How Do We Keep Your Information Safe?
We follow the rules set out in the Data Protection Act and UK GDPR to keep your information secure. We use secure computer systems and ensure written records are stored safely. Staff are trained to handle patient information responsibly and confidentially.
Who Else Will See My Information?
Usually only staff at Cherish-UK will access your records. If hospital treatment is required, we may share relevant information with hospital staff to support your care.
In certain circumstances, organisations such as the police, courts or social services may have a legal right to access information.
Opting Out of Data Sharing
You have the right to ask us not to share your information. If you wish to discuss this, please speak to a member of staff at Cherish-UK.
How to Access My Records
You have the right to access the information we hold about you. To request this, please email the Directors at:
Email: admin@cherish-uk.com
Correcting Errors
If you believe there is an error in your record, you may request that it be corrected.
Removing Information
Legally we cannot remove information from your records because they form part of a legal document.
Questions About Your Data
If you have any questions you can:
- Speak to a member of staff
- Request to speak to one of the Directors (Data Controller)
- Write to: Cherish-UK, 24 High Street, Sutton Coldfield B72 1UX
- Email: admin@cherish-uk.com
Making a Complaint
If you are unhappy with how your information is handled, please contact the Directors first. If your concerns are not resolved, you have the right to complain to the Information Commissioner’s Office (ICO).
ICO Contact Details:
- Website: https://ico.org.uk
- Telephone: 0303 123 1113 (Monday to Friday, 9am–5pm)
The ICO regulates data protection and provides independent advice regarding personal data and your rights.
This privacy notice will be regularly reviewed.
D. Ham – 03/2026