Privacy policy


At LycaHealth Limited (“LycaHealth”), we look after your Personal Data carefully.

We adhere strictly to the requirements of the UK Data Protection Act 1998 (the “Act”) and other data privacy and data retention regulations.

This Privacy Policy describes how we generate, collect, use, process and store the Personal Data that you provide to us or that is generated or collected when you use our services.

Please take a moment to read our Privacy Policy so you know what choices you have about your Personal Data.

This Privacy Policy may change occasionally so it’s a good idea to come back and read through it again, from time to time.

For the purpose of the Act, the data controller is LycaHealth Limited (Company Number 08519935)

Information we may collect from you

Your Doctor, nurse and the team of health & care professionals caring for you keep records about your treatment and care both on paper and electronically.

These include:

  • Personal details such as name, address, date of birth, ID number and next of kin.
  • Contact we have with you e.g. Outpatients/clinic appointments.
  • Notes and reports by health and care professionals about your health, GP details etc.
  • Details and records about your treatment and care.
  • Results of X-rays, MRI, CT, Ultrasound scans, ECG, laboratory and any other tests.
  • Relevant information about people that care for you and know you well.
  • If you contact our Enquiries Department, we may keep a record of that correspondence, including copies of e-mails and your e-mail address.
  • We may also monitor or record any telephone calls made to our Enquiries Department for quality assurance.
  • Information that you provide by filling in forms on our website or requesting further information, products or services.
  • Details of your visits to our website including, but not limited to the resources that you access.
  • We may also ask you to complete surveys that we use for market research purposes, although you do not have to respond to them.
  • Other data, from time to time, to help us provide you with improved products and services. For example, now and again we might ask you to fill in a questionnaire, just so you can let us know how we’re doing.

Uses made of the personal data

  • To provide you with care and treatment, both now and in the future, ensuring that appropriate information is available to all those who treat you medically and care for you professionally.
  • To ensure your care is safe and effective.
  • To support you in managing your own care and work with health and care professionals who support you with this.
  • To help staff review the care they provide e.g. clinical audit.
  • Investigate any complaints or legal claims.
  • The administration of any payments from you by our Accounts Department.
  • The prevention or detection of fraud.
  • Complying with applicable laws and regulations.
  • To help improve our services by asking you to leave a review or take a survey.

IP addresses and cookies

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about a user’s browsing actions and patterns, and does not identify any individual.

For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our website and to deliver a better and more personalised service. Cookies enable us:

  • To estimate our audience size and usage pattern.
  • To store information about your preferences, and so allow us to customise our website according to your individual interests.
  • To speed up your searches.
  • To recognize you when you return to our website.

You may refuse to accept Cookies by activating the setting on your browser which allows you to refuse the setting of Cookies. However, if you select this setting you may be unable to access certain parts of our website. Unless you have adjusted your browser setting so that it will refuse Cookies, our system will issue Cookies when you log on to our website.

Where we store your personal data

Any information sent to us via our website is encrypted (scrambled) using SecureSocket Layer (SSL) technology. This is industry standard encryption technology that protects your Personal Data whilst being sent over the internet from being intercepted and misused by third parties.

When it reaches us, we then store it on a secure server so that it can only be read by authorised personnel. Although we make every effort to create a secure environment for your Personal Data, LycaHealth cannot guarantee the safety of any personal information that you transmit to LycaHealth by non-secure email.

How we protect your information

Your personal information is safeguarded by the Data Protection Act 1998 (and from 25 May also by the General Data Protection Regulations (GDPR)) and our internal policies.

The sensitivity of patient information is well understood within LycaHealth (all staff are given training on their duty of confidentiality to you). We keep paper and electronic records securely to prevent unauthorised access in line with current legislation.

Managing the Data

We need to be able to move electronic information between the separate systems that provide information to support your care and the care processes. Data is also extracted and processed to support the operation of the services and monitoring the delivery and management of the services.

When information may be shared and who with

We will only ever share your information if it is in the best interests for your care. We will not disclose any information that identifies you to anyone outside your direct care team without your express permission, unless there are exceptional circumstances such as when there is serious risk of harm to yourself or others or where the law requires it.

Who we may share your information with:

Where the information to be shared is relevant and appropriate to your ongoing direct care with the following:

  • Other Hospitals
  • GPs
  • Other Clinicians
  • Social care
  • Medical Service Providers, Insurance Companies and their designated partners

None of your identifiable information will be shared with non-care organisations except with your explicit consent and this will then be subject to strict agreement about how it will be used.

There may be circumstances where the reasons for disclosure are so important that they override the obligation of confidentiality (e.g. to prevent someone from being seriously harmed). Disclosure may also be required by Court Order or under an Act of Parliament, i.e. there is a statutory or other legal basis for the disclosure. The advice of specialist staff e.g. Caldicott Guardians are also sought prior to making disclosures in the public interest, or where a Court Order or statutory basis is provided as justification.

Section 251

Disclosures may be permitted under section 251 of the NHS Act 2006. This allows the Secretary of State for Health to set aside the common law duty of confidentiality in special circumstances. However even in such special circumstances, rigorous assessment will be undertaken to determine whether there is sufficient justification to allow access to the requested confidential patient information and no such disclosure will be made unless it is deemed entirely justifiable.

Accessing your information

You have the right of access to your own records as defined in the Data Protection Act 1998 which, with some exceptions, entitles individuals to a copy of information held about them.

If you would like a copy of the information which we hold about you, please contact our Operational Manager.

It will help us if you can state which Clinic(s) you attended and the approximate dates and type of treatment for which you want to see the record. You must apply in writing, giving your name, address, date of birth and, if you have it, your ID number. Say that you are applying for access to your health records. Please allow up to 40 days for us to process your application.

For providing copies of your medical (paper) records, or x-ray films you may be charged a fee, depending on the work involved.

Keeping information up to date

If you consider that any part of the information held in your record is inaccurate, you can apply to have this corrected. If we agree that the information is incorrect, the alteration will be made. If we are not satisfied that the information is incorrect, a note will be made of the information you consider is inaccurate. You will be given a copy of either the correction or the note.

Your rights

You can have a say in how LycaHealth uses information about you. If you do not wish personal data to be used or shared in the way that is described, please discuss the matter with us. You have the right to request that your confidential information is not used beyond your own care and treatment and to have your objections considered, and, where your wishes cannot be followed, to be told the reasons, including the legal basis. Where permitted by the applicable laws and regulations, LycaHealth will delete Personal Data upon your written request.

Changes to our privacy policy

Any changes we may make to our Privacy Policy in the future will be posted on this page

Links from our website to other websites

Please be aware that our website provides access to other websites by linking to them. We are only responsible for the privacy, content or security of the LycaHealth website.

Mobile Phone Numbers

We record mobile telephone numbers to enable us to contact you if an appointment has to be rearranged. Some services also provide a text reminder service so that you can be reminded of your appointment. If you prefer not to be contacted in this way, please tell us so we can remove your number from the system.

Making a complaint

Making a complaint about the provisioning of Personal Information by LycaHealth:

If you wish to make a complaint about the service you received when requesting access to your personal information, you can make a complaint to LycaHealth and the Information Commissioner.

LycaHealth is obligated to investigate any legitimate complaints it receives.

If you are not satisfied with LycaHealth’s response to the complaint, or do not want to approach LycaHealth with a complaint directly, you are able to request an assessment of LycaHealth with the Information Commissioner. The Commissioner investigates complaints at their own discretion, and usually expects the complainant to exhaust LycaHealth’s own complaints procedure first.

If you remain dissatisfied at the conclusion of any review, you may complain to the Information Commissioner’s Office, whose address is:

Information Commissioner’s Office
Wycliffe House Water Lane
Cheshire SK9 5AF
Tel: 0303 123 1113
Fax: 01625 524 510

Disability and alternative formats

If you need an interpreter, information for blind or deaf patients or those with learning difficulties or if you need any assistance with this, please contact us.

Contacting us

If you have any comments or queries concerning our website, please contact us. For queries regarding LycaHealth’s products or services, please call our Enquiries Department on 7132 1440.

You may also e-mail the Enquiries Department at

If you have any questions or concerns about our use of your Personal Data you should write to the Operational Manager at Lycahealth at the address below:

Operational Manager
Lycahealth Limited
1 Westferry Circus
Canary Wharf
E14 4HD

Useful links:

Information Commissioner’s Office

Data Protection Act

General Data Protection Regulation (GDPR)

National Health Service Act 2006

Book appointment