Article sections

    Privacy Statement

    The Rotunda Hospital is a registered Data Controller with the Office of the Data Protection Commissioner, Ireland.  All personal data processed by our Hospital is processed in accordance with the obligations under current Data Protection law.  The Rotunda Hospital collects, stores and uses large amounts of personal data every day, such as medical or health data, which may be paper-based or held electronically.  We take our duty to protect your personal information and confidentiality very seriously and are committed to taking all measures to ensure it is held securely and only accessed by those with a need to do so.

    Information we collect and how we use it

    The doctors, midwives/nurses and the team of healthcare professionals caring for you keep records about your health and any treatment and care you receive.  These records help to ensure that you receive the best possible care and they may be written on paper and/or held on a computer.

    Medical information in relation to your pregnancy/pregnancies and that of your baby/babies will be kept on the Maternity & Newborn Clinical Management System (MN-CMS or electronic chart) on the HSE’s own secure network.

    Collected information may include:

    • Your name, address, date of birth, next of kin, phone number, GP details etc.
    • Contacts we have with, for example, appointments or clinic visits.
    • Notes and reports about your health, treatment and care.
    • Results of x-rays, scans, laboratory investigations and other relevant tests.

    It is essential that we have accurate and up to date information about you so that we can give you the best possible care.  Please check that your personal details are correct whenever you visit us and inform us of any changes.  This minimises the risk of you not receiving important correspondence.

    Information will only be kept on the Maternity & Newborn Clinical Management System for as long as legally required.  The legal retention periods for your information are recorded in the HSE’s Record Retention Policy and a copy of this is published on the HSE website.

    In general terms, your records are used to direct, manage and deliver your care so that:

    • Doctors, midwives/nurses and health and social care professionals involved in your care have accurate and up to date information to assess your health and decide on the most appropriate care for you.
    • Healthcare professionals have the information they need to assess and improve the quality and type of care you receive.
    • Appropriate information is available if you see another doctor, or are referred to a specialist.
    • Your concerns can be properly investigated if a complaint is raised.

    Some of the ways we collect information from/about you include:

    • Referral letter received by us
    • Telephone call from a GP or other party
    • Registration form completed and sent out to our appointment team
    • Attendance at a clinic or the Assessment & Emergency Unit
    • Admission to the hospital
    • Insurance form completed

    We share information about you with others directly involved in your care and we also share more limited information for indirect care purposes; both of these are described below.

    Direct care purposes:

    Unless you object, we will normally share information about you with other healthcare professionals directly involved in your care, so that you may receive the best quality care.  This includes, but is not limited to your GP and public health nurse.

    Indirect care purposes:

    We also use information we hold about you to:

    • Review the care we provide to ensure it is of the highest standard and quality
    • Ensure our services can meet patients’ needs in the future
    • Investigate patients’ queries, complaints and legal claims
    • Ensure the Hospital receives payment for the care you receive, where appropriate
    • Prepare statistics on the Hospital’s performance
    • Audit services
    • Undertake heath research. Anonymised data is used as a basis for research purposes.

    Please note research project are approved by the Rotunda Research Ethics Committee. Anonymised data is also shared with the National Treatment Purchase Fund (NTPF).  For non-anonymised research we can only use your personal data with your consent – you may choose whether or not to be involved.

    There may be other circumstances when we must share information with other agencies.  In these rare circumstances we are not required to seek your consent.

    Examples of this are:

    • General Register Office – for the purpose of birth registration
    • If there is a concern that you are putting:
      • yourself at risk of serious harm
      • another person at risk of serious harm
      • a child at risk of harm
    • If we have been instructed to do so by a court
    • If the information is essential for the investigation of a serious crime
    • If your information falls within a category that needs to be notified for public health or other legal reasons, e.g. certain infectious diseases

    SMS text messaging

    We use your telephone number(s) to remind you of your appointment details via text. Most of our patients appreciate these reminders and we know that it has had a large impact on reducing the number of missed appointments.  If you do not wish to receive these reminders you can ‘opt out’ by contacting the Hospital where you can request your telephone number(s) to be removed from the service.

    Surveillance cameras (CCTV)

    We employ surveillance cameras on and around the Hospital site in order to:

    • protect staff, patients, visitors and Hospital property
    • help provide a safer environment for our staff
    • monitor operational and safety related incidents

    We will only retain surveillance data for a reasonable period or as long as is required by law. In certain circumstances (serious or criminal incidents) we may need to disclose CCTV data for legal reasons.

    Security of information

    We understand how important security and confidentiality of your personal data is to you. Safeguarding personal data is a priority that the Hospital maintains as a principle.  As effective as modern security practices are, no physical or electronic security system is entirely secure.  We cannot guarantee the complete security of our databases, nor can we guarantee that information you supply will not be intercepted while being transmitted. We will continue to revise policies and implement additional security features as new technologies become available.

    Your rights and data accuracy

    You have the right to request access to, rectification/correction of or erasure of your personal data.  You also have the right to restrict or object to the processing or transfer of your personal data.  If you wish to exercise your right to refuse/withdraw consent to information sharing, we will fully explain the possible consequences of this to you, which could include delays in you receiving appropriate care.  In each case, these rights are subject to restrictions.

    If you think any information we hold about you is inaccurate, please let us know by contacting the Quality and Patient Safety Department by phoning 01 – 817 1751 or email foi@rotunda.ie.

    At corporate level, we have appointed a Data Protection Officer (DPO) who is accountable for the management of our information systems and the data they hold. The DPO also makes sure that any associated risks or incidents are documented and investigated appropriately. The Data Protection Officer’s contact details are as follows: email dpo@rotunda.ie, telephone: 01 – 817 6811.

    If you have any concerns or queries about your privacy or you wish to make a complaint regarding impingement on your privacy, please contact Data Protection Officer.  We will endeavour to respond to your complaint within a reasonable time. However, if you are not satisfied with our response, you can make a complaint to the Office of the Data Protection Officer (www.dataprotection.ie).

    How you can access your records

    You have a right to access the information we hold about you. Requests can be made in writing to the Quality and Patient Safety Department, The Rotunda Hospital, Parnell Square, Dublin 1 or by email foi@rotunda.ie.  Further information and criteria can be obtained here.

    You also have the right under the Freedom of Information Act 2014 to access information held by public bodies. You have the right to request access to any information held by the Hospital, subject to exemptions set out in the Act.  An application form can be downloaded here  or you can send your request by email to foi@rotunda.ie.

    Changes to our Privacy Statement

    We keep our privacy statement under regular review and as a result it may be amended from time to time without notice.  We encourage you to review this privacy statement regularly.  Please review this statement each time you use our website or our services.

    This notice was last updated the 23rd May 2018.

     

    in Freedom of Information Tags: GDPRPrivacyPrivacy Statement

    Related Articles