This policy explains how and for what purposes we use the personal data collected about you. If you have any queries or comments about the policy or our use of your personal data, please get in touch with us.
We use the information we collect about you for the following purposes:
● Provision of pharmacy services
● Dispensing of medicines
● Administration of pharmacy
● Claiming reimbursement
● HR purposes
Personal data collected
Personal data means any information relating to you which allows us to identify you, such as your name & address and occasionally contact phone number and email address.
Data concerning health is processed for health related purposes only where necessary for the benefit of patients like prescription details, medicines dispensed, allergies, contraindications, vaccinations and information relating to the physical or mental health of condition of a patient.
Consent is informed and meaningful but does not necessarily have to be in writing. Consent can be taken as given where a patient supplies a prescription to the pharmacist to be dispensed. It is clear that the pharmacy has obtained this information fairly.
The following personal data is safely kept
● Patients records
● Staff records
● Account records
How we collect and hold data
We take reasonable steps to protect the data provided via our services. We maintain administrative, technical and physical safeguards designed to protect the personal data you provide. However, no internet or email transmission is ever fully secure or error free. Therefore, you should take special care in deciding what information you send to us via email. Please keep this in mind when disclosing any personal data to us via the internet. We store personal data only for as long as it is necessary for the fulfilment of the purpose for which the personal data was collected, unless otherwise required or authorised by applicable law. We take measures to destroy or permanently de-identify personal information if required by law or if the personal data is no longer required for the purpose for which we collected it.
· Prescriptions, registers and invoices: kept for 2 years
· Vaccinations: 6 years
· Unlicensed medicines: 5 years
· Animal Remedies and veterinary prescriptions: 5 years
Who has access to the personal data?
Only people in our organisation who are engaged to process personal data for the purposes set out above will have access to relevant third party suppliers have access to the information, including personal information that we have collected from you.
To protect patient safety and data security, we use Healthmail to communicate patient information to GPs, Primary Care Teams, Community intervention Teams, Hospital Consultants, HSE, PCRS and other pharmacies.
If our business enters into a joint venture with or is sold to or merged with another business entity we would take appropriate measures to facilitate patients’ access to their records following PSI guidelines. We will not otherwise disclose, sell or distribute your information to any third party without your permission unless we are required to do so by law.
Access to, changing or removing the information we hold
If you want to update your information, change your mind or no longer wish to have your details stored by us, please email us or fill in the data protection form available in the pharmacy. Any changes/removal requests will be actioned within 30 days.
We may employ third-party companies to ensure the best treatment for the patient. These third parties will have access to your personal data only to perform specific tasks on our behalf and are obligated not to disclose or use it for any other purpose.
These may include:
● IT systems personnel
We take security seriously and apply adequate technical measures to protect your personal data from loss or theft, as well as unauthorized access, disclosure, copying, use or modification. That said, we advise that no method of electronic transmission or storage is 100% secure, and cannot guarantee the absolute security of your data.
These measures are in place to protect the information collected:
- access to computers is restricted to authorised personnel only
- access to computers is password protected
- Anti virus software is in use
- A firewall is used to protect systems connected to the internet
- computer screens are positioned out of public view
- premises are alarmed and secure when not occupied
- Manual/paper are stored securely
- All paper records of patient data are securely shredded before disposal
- access to CCTV is restricted to authorised personnel only
To the extent provided by applicable law, you may have the right to obtain confirmation that we hold personal data or other information about you, request access to and receive information about the personal data we maintain about you, receive copies of the personal data we maintain about you, update and correct inaccuracies in your personal data, object and withdraw your consent to the processing of your personal data and have the information edited, deleted or have processing of this data limited. The right to access personal data may be limited in some circumstances by legal requirements. To exercise these rights, please contact us using the methods listed below. Upon your request, we will take reasonable efforts to delete all of your personal data and non-identifiable information that you have provided to us, though we cannot delete any aggregate or otherwise non-indefinable information derived from your personal data or from your use of our services. If you provide us with any information or material relating to another person(s), you are responsible for making sure that the sharing with us and our further use as described to you from time to time is in line with applicable laws.
Under certain circumstances, by law you have the right to
To invoke your rights you should contact us via the contact details provided.
If you believe it necessary you may also lodge a complaint about the way we have processed your personal data, with the Data Protection Commission, and you can contact them on firstname.lastname@example.org
Email: email@example.com Phone:01 6896300