Canary Wharf:0207 132 1440
Orpington:01689 490 111
Call us on
We would love to keep you up to date with all of our news, just give us your email address below.
At LycaHealth Limited (“LycaHealth”), we look after your Personal Data carefully.
We adhere strictly to the requirements of the UK Data Protection Act 1998 (the “Act”) and other data privacy and data retention regulations.
For the purpose of the Act, the data controller is LycaHealth Limited (Company Number 08519935)
Information we may collect from you
Your Doctor, nurse and the team of health & care professionals caring for you keep records about your treatment and care both on paper and electronically.
Uses made of the personal data
Ip addresses and cookies
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about a user’s browsing actions and patterns, and does not identify any individual.
For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our website and to deliver a better and more personalised service. Cookies enable us:
Where we store your personal data
When it reaches us, we then store it on a secure server so that it can only be read by authorised personnel. Although we make every effort to create a secure environment for your Personal Data, LycaHealth cannot guarantee the safety of any personal information that you transmit to LycaHealth by non-secure email.
How we protect your information
Your personal information is safeguarded by the Data Protection Act 1998 (and from 25 May also by the General Data Protection Regulations (GDPR)) and our internal policies.
The sensitivity of patient information is well understood within LycaHealth (all staff are given training on their duty of confidentiality to you). We keep paper and electronic records securely to prevent unauthorised access in line with current legislation.
Managing the Data
We need to be able to move electronic information between the separate systems that provide information to support your care and the care processes. Data is also extracted and processed to support the operation of the services and monitoring the delivery and management of the services.
When information may be shared and who with
We will only ever share your information if it is in the best interests for your care. We will not disclose any information that identifies you to anyone outside your direct care team without your express permission, unless there are exceptional circumstances such as when there is serious risk of harm to yourself or others or where the law requires it.
Who we may share your information with:
Where the information to be shared is relevant and appropriate to your ongoing direct care with the following:
None of your identifiable information will be shared with non-care organisations except with your explicit consent and this will then be subject to strict agreement about how it will be used.
There may be circumstances where the reasons for disclosure are so important that they override the obligation of confidentiality (e.g. to prevent someone from being seriously harmed). Disclosure may also be required by Court Order or under an Act of Parliament, i.e. there is a statutory or other legal basis for the disclosure. The advice of specialist staff e.g. Caldicott Guardians are also sought prior to making disclosures in the public interest, or where a Court Order or statutory basis is provided as justification.
Disclosures may be permitted under section 251 of the NHS Act 2006. This allows the Secretary of State for Health to set aside the common law duty of confidentiality in special circumstances. However even in such special circumstances, rigorous assessment will be undertaken to determine whether there is sufficient justification to allow access to the requested confidential patient information and no such disclosure will be made unless it is deemed entirely justifiable.
Accessing your information
You have the right of access to your own records as defined in the Data Protection Act 1998 which, with some exceptions, entitles individuals to a copy of information held about them.
If you would like a copy of the information which we hold about you, please contact our Operational Manager.
It will help us if you can state which Clinic(s) you attended and the approximate dates and type of treatment for which you want to see the record. You must apply in writing, giving your name, address, date of birth and, if you have it, your ID number. Say that you are applying for access to your health records. Please allow up to 40 days for us to process your application.
For providing copies of your medical (paper) records, or x-ray films you may be charged a fee, depending on the work involved.
Keeping information up to date
If you consider that any part of the information held in your record is inaccurate, you can apply to have this corrected. If we agree that the information is incorrect, the alteration will be made. If we are not satisfied that the information is incorrect, a note will be made of the information you consider is inaccurate.
You will be given a copy of either the correction or the note.
You can have a say in how LycaHealth uses information about you. If you do not wish personal data to be used or shared in the way that is described, please discuss the matter with us. You have the right to request that your confidential information is not used beyond your own care and treatment and to have your objections considered, and, where your wishes cannot be followed, to be told the reasons, including the legal basis. Where permitted by the applicable laws and regulations, LycaHealth will delete Personal Data upon your written request.
Links from our website to other websites
Please be aware that our website provides access to other websites by linking to them. We are only responsible for the privacy, content or security of the LycaHealth website.
Mobile Phone Numbers
We record mobile telephone numbers to enable us to contact you if an appointment has to be rearranged. Some services also provide a text reminder service so that you can be reminded of your appointment. If you prefer not to be contacted in this way, please tell us so we can remove your number from the system.
Making a complaint
Making a complaint about the provisioning of Personal Information by LycaHealth:
If you wish to make a complaint about the service you received when requesting access to your personal information, you can make a complaint to LycaHealth and the Information Commissioner.
LycaHealth is obligated to investigate any legitimate complaints it receives.
If you are not satisfied with LycaHealth’s response to the complaint, or do not want to approach LycaHealth with a complaint directly, you are able to request an assessment of LycaHealth with the Information Commissioner. The Commissioner investigates complaints at their own discretion, and usually expects the complainant to exhaust LycaHealth’s own complaints procedure first.
If you remain dissatisfied at the conclusion of any review, you may complain to the Information Commissioner’s Office, whose address is:
Information Commissioner’s Office
Wycliffe House Water Lane
Cheshire SK9 5AF
Tel: 0303 123 1113
Fax: 01625 524 510
Disability and alternative formats
If you need an interpreter, information for blind or deaf patients or those with learning difficulties or if you need any assistance with this, please contact us.
If you have any comments or queries concerning our website, please contact us. For queries regarding LycaHealth’s products or services, please call our Enquiries Department on 7132 1440.
You may also e-mail the Enquiries Department at firstname.lastname@example.org
If you have any questions or concerns about our use of your Personal Data you should write to the Operational Manager at Lycahealth at the address below:
1 Westferry Circus
Information Commissioner’s Office
Data Protection Act
General Data Protection Regulation (GDPR)
National Health Service Act 2006