Page Properties | ||||
---|---|---|---|---|
| ||||
|
...
“You” This means you, the user and the person controlling who can see or share their record record.
“Patients Know Best (PKB) Account” is the online account that shows you your personal health information shared by your care providers and gives you some control over who can see it, including what you may choose to add about yourself yourself.
“Patients Know Best (PKB) Record” is the information about you provided by your care providers and is shared between themselves to provide you with safe care before you create your PKB Account Account.
“Patient Contributed Data” means the information you add to your PKB Account and choose to make visible to professionals providing your care and anyone else you choose choose.
“Provider Contributed Data” means the information professionals have recorded and shared between themselves through the PKB Record and with you in your PKB Account.
“The Service” is the IT platform and software PKB use to provide your online PKB Account and PKB Record Record.
“Carers” are friends, family or anyone you choose to give access to your PKB Account Account.
“Professionals” are the people working for organisations Organisations who have been given access to PKB Records because they help to deliver your care. These people have had their identity and qualifications verified, for example, doctors and nurses, and have been trained in handling confidential patient information information.
“Organisations” are customers of PKB that have information about you and that you can choose to trust to see your records, for example, hospitals or GPs.
“Encryption” is a method of securing your information so that only those with the correct credentials can access it it.
2. Types of PKB Service Users
...
To provide you with important information about the Service, such as updates and notifications (e.g. changes in this privacy notice).
To send you the PKB email newsletter (if you have chosen to receive it).
To identify your age and location to help determine whether you meet the criteria for a PKB Account Account.
PKB may contract companies to provide services on our behalf, such as our support desk or to answer queries about the Service. We give those organisations access only to the minimum personal information to help you with your queries, such as your IP address (your computer’s location) or e-mail address. They are bound by a contract and a duty of confidentiality. These companies cannot access your health information, which is encrypted.
...
PKB does not delete PKB Records unless an Organisation asks, normally 8 years after it was last accessed by the Organisation Organisation.
Where an Organisation ceases the contract with PKB, unregistered PKB Records that have not been accessed by an Organisation will be deleted within 30 days of contract cessation cessation.
Where an Organisation ceases the contract with PKB, registered PKB Records will be retained or deleted at the discretion of the Organisation. Where PKB Records are retained, a retention-only contract will be established.
PKB does not delete your PKB Account unless you ask, and then we can only delete information that you have added that has not been viewed by a Professional Professional.
We explain in more detail below:
...
An organisation may provide a deletion instruction to PKB at any point during their contract. After the Service contract has ceased an Organisation may request the PKB Record to be deleted or retained (in line with the Records Management Code of Practice) within PKB or in a different system. Where the Organisation provides a retention instruction to PKB after the Service contract has ceased, a retention-only contract will be established.
...
To find out the legal bases for an Organisation that provided your information, you should check their privacy notice.
For all UK Organisations, PKB has a Data Processing Contract (DPC) that sets out the responsibilities of each party. PKB is a Processor for all data that forms the PKB Record.
For NHS organisations a Joint Controller Relationship , a joint controller relationship is established for any data you, as a patient (PKB Account), share with the Organisation.
...
PKB's responsibilities in the DPC as a Processor are:
Providing the Service Service.
Providing the security of the Service Service.
Processing on the written instruction of the Controller Controller.
Organisations providing data are responsible for:
The quality of the information uploaded to PKB including ensuring the correct privacy labels are with the associated information information.
Providing access to those in the Organisation who require it it.
Patient-contributed information (PKB Account)
...
Processing under legitimate interests. Processing occurs only after you have voluntarily registered and you have added information to your PKB Account. Your interests, rights and freedoms continue to be protected.
Processing that is necessary for the provision of care. PKB ensures patient information is available to providers, relatives and/or carers to support the delivery of care, as well as assist the patient to access care services services.
For NHS Organisations using PKB, after you share data with them, a Joint Controller relationship will be formed for this data between PKB and the NHS Organisation – the NHS Organisation may retain this data as part of your healthcare record.
...