Terms & Conditions

 1 General

  1. We will make Healthcode products and services available to you in consideration of the mutual exchange of promises contained herein if you are a user of our basic billing service and for the duration of any Trial Period that we may, in our absolute discretion, grant to you, and if you are a user of a subscribed Service, additionally in consideration of the Fee(s).
  2. You must read these Terms and Conditions carefully before checking the “I accept” box. By checking the “I accept” box you agree to be bound by these Terms and Conditions and to ensure that any of your users of Healthcode products and services comply with them.
  3. We may modify these Terms and Conditions upon 30 days’ notice at any time. The variations may be posted on our website (URL http://www.healthcode.co.uk/) and/or otherwise communicated to you. Continued use of Healthcode products and services 30 days after the date of such posting or communication is conclusive of your acceptance of the Terms and Conditions as modified. If you do not wish to continue to use Healthcode products and services upon the varied terms, then you may terminate in accordance with clause 5(a). Provided that your notice of termination is received prior to the expiry of the 30-day notice period, the terms as drafted prior to the variation shall continue to apply for the 90-day termination period.

2 Grant of rights to use Healthcode products and services

  1. Upon commencement of use of Healthcode products and services, You (and your users) will be able to submit requests for usernames and passwords on-line on our website. We will issue the usernames and passwords (which are validly requested) within a reasonable time following such request. You are responsible for keeping this information confidential and agree to take all necessary steps to ensure that it is kept secure and not disclosed to any unauthorised person.
  2. You must ensure you never leave a terminal logged on and unattended such that any unauthorised person could obtain information about a patient. You will only access Healthcode's system whilst duties necessitate it and advise Healthcode when access to a Healthcode's system is no longer required.
  3. If you believe your or your users’ username(s) or password(s) have been discovered or are being misused, you must tell us immediately and take all steps necessary, or if requested by us, to prevent such use. We may suspend use of Healthcode products and services or change your password and notify you we have done so if we think there is likely to be a misuse of Healthcode products and services or a breach (or threat of breach) to the security and/or integrity of Healthcode products and services and/or our website(s).
  4. You and your users may only use the system for the purposes described in the appendices.
  5. You and your users must not upload or transmit any material that infringes any patent, trademark, trade secret, copyright or other proprietary rights of ours or any other party and you and your users must at all times use Healthcode products and services in a lawful and proper manner and only for the purposes set out in these Terms and Conditions. You and your users shall not sell, resell, reproduce, duplicate, copy or create derivative works of any portion of Healthcode products and services.
  6. You are solely responsible for obtaining all equipment, approvals and paying all charges for connection to the World Wide Web.
  7. You agree to indemnify, defend and hold harmless in full, us from and against all losses, expenses, damages and costs, including solicitors’ fees, resulting from any breach of these Terms and Conditions or negligent or wrongful conduct by you and/or your users or resulting from your or your users’ use of Healthcode products and services in a manner not compatible with the purposes for which it is intended.

3 Our Proprietary Rights

  1. We retain all right, title and interest in Healthcode products and services, including all copyright, trademarks, patents and all other intellectual property rights.

 

4 Term and Payment

  1. Invoice clearing services are provided to healthcare providers.
  2. For Healthcode product and services:

(i) The term is for one year renewing automatically on the anniversary of the Effective Date, unless terminated as set out below.      We will provide you with an invoice prior to the anniversary of the Effective Date. Payment must be made by you prior to the      anniversary of the Effective Date.

(ii) We have the right to increase the Fee annually, but we will notify you of the increase on the invoice, and such increase shall       constitute a variation of the terms subject to the terms of clause 1 (c).

(iii) All invoices issued in relation to Healthcode products and services are due and payable 30 days from the day of the invoice.

5 Termination and Suspension of Use

  1. Either party may terminate access to Healthcode products and services for any reason by giving the other party 90 days written notice. If we terminate on notice, after you have paid an annual Fee, we will provide you with a pro rata refund of your annual Fee for the period from the date on which termination takes effect to the end of the year for which the Fee has been paid. If you terminate, no refund shall be given.
  2. We reserve the right, in our sole reasonable discretion, to immediately terminate your access to Healthcode products and services without notice and without refund if in our sole discretion we believe you or your user(s) have breached these Terms and Conditions and/or are threatening the security and/or integrity of Healthcode products and services or our website(s). If we terminate due on such grounds, you will not be entitled to any refund or payment.
  3. In the event of non-payment of an overdue invoice by you, we reserve the right to suspend the service immediately until payment is made in full.
  4. You may terminate access to Healthcode products and services by giving us not less than 30 days written notice where we are in material breach of these Terms and Conditions and we do not cure the relevant material breach prior to the expiry of the notice period. Where you terminate for our material breach, we will provide you with a pro rata refund of your annual Fee for the period from the date on which termination takes effect to the end of the year for which the Fee has been paid.
  5. All provisions which by their nature would continue to survive termination or expiry of these Terms and Conditions shall so survive.

6 Data Protection and Confidentiality

  1. In this clause 6, the following definitions apply:

i) Controller: as defined in the applicable Data Protection Legislation.

ii) Data Protection Legislation: up to but excluding 25 May 2018, the Data Protection Act 1998 and thereafter (i) unless and until the GDPR is no longer directly applicable in the UK, the GDPR and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK and then (ii) any successor legislation to the GDPR or the Data Protection Act 1998.

iii) GDPR: General Data Protection Regulation ((EU) 2016/679).

iv) Personal Data: as defined in the applicable Data Protection Legislation.

v) Personal Data Breach: as defined in the applicable Data Protection Legislation.

vi) processing: as defined in the applicable Data Protection Legislation (and related terms such as process have corresponding meanings).

vii) Processor: as defined in the applicable Data Protection Legislation.

viii) Transfer Safeguards: means safeguards that are recognised under the Data Protection Legislation for permitting the transfer of Personal Data outside of the European Economic Area.

  1. You and Healthcode will comply with all applicable requirements of the Data Protection Legislation and all relevant Codes of Practice       and other guidelines issued by the Office of the Information Commissioner in respect of the Personal Data which is processed via, or is caused to be processed by, Healthcode in Healthcode providing its products and services. Our Privacy Notice (available at http://www.healthcode.co.uk/privacy) applies to our processing of Personal Data.  This clause 6 is in addition to, and does not relieve, your or Healthcode’s obligations under the Data Protection Legislation and other guidelines issued by the Office of the Information Commissioner.
  2. To the extent that you provide Healthcode with any Personal Data as part of the Healthcode products and services, you shall ensure that you are legally and properly entitled to pass the Personal Data to Healthcode including by ensuring that you have all necessary notices and consents in place to enable the lawful transfer of the Personal Data to Healthcode and to enable Healthcode to provide you with the Healthcode products and services.
  3. You and Healthcode shall each provide reasonable assistance to each other (at the cost and expense of the requesting party) in assisting the other to comply with all applicable requirements of the Data Protection Legislation.
  4. Without limitation to clause 6(b), it is Healthcode’s policy to follow the Code of Practice for information management systems set out in ISO/ICE 27001.
  5. Healthcode may engage third-party Processors to carry out any processing activities in respect of the Personal Data that it processes as part of providing the Healthcode products and services, and Healthcode shall notify you of any such third-party Processors by posting details on Healthcode’s website and/or by including relevant details in the Privacy Notice. Healthcode confirms that it has entered into or (as the case may be) will enter into with the third-party Processor a written agreement incorporating terms which are substantially similar to those set out in this clause 6.  As between the Healthcode and you, Healthcode shall remain fully liable for all acts or omissions of any third-party Processor appointed by it.
  6. To the extent that Healthcode is ever acting as a Processor in processing the Personal Data as part of the Healthcode products and services on your behalf with you acting as a Controller, Healthcode shall:

i) process that Personal Data only on your written instructions (and you hereby instruct Healthcode to process the Personal Data you supply in order to provide you with the Healthcode products and services) unless Healthcode is otherwise required by the laws of any member of the European Union or by the laws of the European Union applicable to Healthcode to process Personal Data (Applicable Laws). Where the Healthcode is relying on Applicable Laws as the basis for processing the Personal Data, Healthcode shall notify you of this before performing the processing required by the Applicable Laws unless those Applicable Laws prohibit Healthcode from so notifying you;

ii) ensure that it has in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of the Personal Data and against accidental loss or destruction of, or damage to, the Personal Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting the Personal Data, ensuring confidentiality, integrity, availability and resilience of systems and services, ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted);

iii) ensure that all of Healthcode’s personnel who have access to and/or process the Personal Data are obliged to keep the Personal Data confidential;

iv) only transfer the Personal Data to any country outside the European Economic Area if Transfer Safeguards are in place for such transfer (to the extent required by Data Protection Legislation);

v) notify you without undue delay on becoming aware of a Personal Data Breach;

vi) at your written direction, delete or return the Personal Data and copies thereof to you on termination of these Terms and Conditions unless Healthcode is required by Applicable Law to store the Personal Data, but Healthcode shall not be required under this clause to delete Personal Data (including from backup copies), which has been stored in accordance with any retention periods set out in Healthcode’s retention policy, where to do so would not be technically reasonable having regard to all the circumstances; and

vii) maintain, in accordance with Data Protection Legislation binding on Healthcode, written records of all categories of processing activities carried out by Healthcode on your behalf.

  1. All information shared between the parties, or otherwise accessed, in relation to these Terms and Conditions shall be held confidential by the other party.

7 Force Majeure and Viruses

  1. Neither party shall be liable for any delay or failure to perform any of its obligations under these Terms and Conditions if such delay or failure is due to any cause beyond the party’s reasonable control including, without limitation, interruption of Internet services.
  2. Healthcode shall take all reasonable steps in accordance with computing industry practice to prevent viruses or other malicious code infecting Healthcode products and services, including the use of industry standard anti-virus software. You acknowledge that, to the extent any virus or malicious code is not known to or detected by such anti-virus software, Healthcode shall have no liability in relation to the same.
  3. You agree to ensure that any computing equipment from which you access Healthcode products and services is running industry standard anti-virus software which has fully up to date virus definitions and that such computing equipment is regularly scanned for, and cleared of, viruses, worms, trojans, ‘spy-ware’, ‘ad-ware’ or other malicious code.

8 Disclaimer and Limitation of Liability

  1. We process messages on an automatic basis. We are not responsible for the contents of a message or its accuracy.
  2. THE HEALTHCODE PRODUCTS AND SERVICES ARE PROVIDED ON AN AS-IS BASIS AND, OTHER THAN STATED ABOVE, USE OF HEALTHCODE PRODUCTS AND SERVICES IS DONE ENTIRELY AT YOUR OWN RISK. WE EXCLUDE ALL REPRESENTATIONS AND WARRANTIES ABOUT THE ACCURACY, RELIABILITY, COMPLETENESS OR TIMELINESS OF ANY INFORMATION IN HEALTHCODE PRODUCTS AND SERVICES TO THE MAXIMUM EXTENT ALLOWED BY LAW.
  3. WE WILL NOT BE LIABLE FOR ANY LOSSES, COSTS, CLAIMS, DEMANDS, DAMAGES AND EXPENSES (EACH WHETHER DIRECT OR INDIRECT) RESULTING FROM ANY UNAVAILABILITY OF HEALTHCODE PRODUCTS AND SERVICES OR ANY CORRUPTION (INCLUDING, WITHOUT LIMITATION, INFECTION, VIRUSES, WORMS, TROJAN HORSES OR OTHER CODE THAT MANIFEST CONTAMINATING OR DESTRUCTIVE PROPERTIES) OR LOSS OF DATA YOU MAY SUFFER. YOU ARE RESPONSIBLE FOR IMPLEMENTING SUFFICIENT PROCEDURES AND CHECKPOINTS TO SATISFY YOUR PARTICULAR REQUIREMENTS FOR ACCURACY OF DATA INPUT AND OUTPUT, AND FOR MAINTAINING A MEANS EXTERNAL TO HEALTHCODE PRODUCTS AND SERVICES FOR THE RECONSTRUCTION OF ANY LOST DATA.
  4. WE DO NOT MAKE ANY REPRESENTATIONS OR GIVE ANY WARRANTY IN RESPECT OF THE SPEED OR ACCURACY WITH WHICH YOUR CLAIMS MESSAGE IS READ, PROCESSED OR ACTIONED BY THE INTENDED RECIPIENT.
  5. IN NO EVENT WILL WE BE LIABLE FOR LOSS OF PROFITS (DIRECT OR INDIRECT), INCIDENTAL, CONSEQUENTIAL, OR SPECIAL LOSSES OR DAMAGES (INCLUDING BUT NOT LIMITED TO, DIRECT OR INDIRECT LOSSES AND DAMAGES FOR ANTICIPATED SAVINGS, GOODWILL, BUSINESS INTERRUPTION, LOSS OF PROGRAMS OR DATA).
  6. ALL AND ANY TERMS, CONDITIONS AND WARRANTIES IMPLIED INTO THESE TERMS AND CONDITIONS ARE EXCLUDED TO THE FULLEST EXTENT PERMISSIBLE BY LAW.
  7. EXCEPT IN RELATION TO LIABILITY FOR DEATH OR PERSONAL INJURY CAUSED BY OUR NEGLIGENCE OR OUR FRAUDULENT MISREPRESENTATION, OUR TOTAL AGGREGATE LIABILITY TO YOU UNDER THESE TERMS AND CONDITIONS SHALL BE LIMITED TO FIVE HUNDRED POUNDS STERLING (£500).

9 Agreement and Severability

  1. These Terms and Conditions contain the entire agreement between us in relation to the use of Healthcode products and services. No other written or oral representations made will be incorporated into these Terms and Conditions or have any legal effect, and we shall not have any liability for such (except for fraudulent misrepresentation).
  2. If at any time any part of these Terms and Conditions is held to be or becomes void or otherwise unenforceable for any reason under any applicable law, the same shall be deemed omitted from these Terms and Conditions and the validity and/or enforceability of the remaining provisions of these Terms and Conditions shall not in any way be affected or impaired as a result of that omission.

10 Assignment and Rights of Third Parties

  1. These Terms and Conditions are personal to you and you shall not assign, sub-contract or otherwise transfer, any of your rights and responsibilities under these Terms and Conditions. The Contracts (Rights of Third Parties) Act 1999 shall not apply to these Terms and Conditions. The parties to these Terms and Conditions shall have the right to vary or cancel them in accordance with its provisions without requiring the consent of any third party.

 

 11 Warranties and Undertakings

  1. You warrant, represent and undertake that:

i) you have the power and authority to agree to and perform these Terms and Conditions and that agreement and performance of these Terms and Conditions has been duly authorised by all necessary actions; and

ii) if and to the extent that you are the appointed representative acting on behalf of a Practitioner, you shall facilitate for us direct contact with the medical specialist or consultant so that we can obtain authorisation directly to process patient data and confidential data on behalf of that medical specialist or consultant.

 

12 Medical Specialists and Consultants

 a. In the event that you are acting on behalf of a medical specialist or consultant:

(i)  we may set up certain ‘micro’ or ‘child’ sites for that medical specialist or consultant, which will contain confidential information of the medical specialist or consultant and/or personal data for which they are a data controller (“Child Site”);

       (ii)  in the event that you are informed by the medical specialist or consultant that they no longer wish you to be acting on their behalf, you:

      1. shall promptly notify us of the same; and
      2. shall facilitate for us direct contact with the medical specialist or consultant so that we can obtain confirmation directly from the medical specialist or consultant that they no longer wish you to be acting on their behalf and so we can obtain other information from them including in relation to how their arrangements with us will be dealt with in the future (whether via a replacement entity to you or directly between us and the medical specialist or consultant); and
      3. acknowledge and agree that, subject to any confidential information belonging to you which you shall identify to us in writing in the necessary detail for us to locate and identify it within the Child Site, the Consultant is the data controller of personal data and the data owner of other information within the Child Site and, as such, we may freely allow the replacement entity or the medical specialist or consultant access to the Child Site.

                 (iii)  in the event that we exercise the rights set out in clause 12(a)(ii)(c), you may still need to have access to certain elements of the Child Site (for a certain limited period, generally not more than 6 months, but to be determined by the medical specialist of consultant) to enable you to fulfil any continuing obligations you may have to the medical specialist or consultant (such as processing old invoices) and, in this situation, you will only access the Child Site as strictly necessary to fulfil these obligations and you will keep confidential any information that you access or process as part of this limited access to the Child Site.

 

13 Governing law and jurisdiction

  1. These Terms and Conditions shall be governed by, and construed in accordance with, the laws of England.
  2. All disputes or claims or matter relating to these Terms and Conditions shall be subject to the exclusive jurisdiction of the English Courts to which both parties irrevocably submit.


 14 Products and Services

These terms and conditions apply to the following products and services:

  • ePractice biller
  • ePractice biller Plus
  • ePractice manager
  • HC VEDA® bill clearing and validation services
  • Bill clearing and validation services
  • Electronic remittances
  • Pre-authorisation services
  • Secure Messaging service
  • Clinical Coding Toolkit
  • The Private Practice Register
  • The GDPR Toolkit

A full description of each product and/or service can be found in the appendices.

APPENDIX A : ePractice biller

Healthcode ePractice biller is a secure online billing application for Specialists, Medical Secretaries, and Group Practices. The service allows registered users to key billing information directly to the Healthcode secure online system. Features are listed below:

  • Patient Database
  • GP Database
  • Diagnosis (ICD) Procedure (CCSD) and Industry Standard Charge Codes (Healthcode ISC ©) look up tools.
  • Production of paper invoices (fixed format) for self pay and non electronic billing Insurers
  • Pre-submission validation of electronic invoices
  • Validation of invoices for Insurers accepting electronic invoices against the insurer validation rules
  • Data export facility

 

 

APPENDIX B : ePractice biller Plus

Healthcode ePractice biller Plus is a secure online billing and payment tracking application for Specialists, Medical Secretaries, and Group Practices. We charge an annual fee (as described in the Terms and Conditions) for access to ePractice biller Plus. The service allows subscribing customers and authorised registered users to:

  • Key billing information directly to the Healthcode secure web system and/or
  • Access details of the insured work they have carried out in Private Hospitals and certain Private Patient Units within the NHS (from participating Insurers). It delivers to the desktop key information required by Insurers to pay the bill.

Features are listed below:

  • Patient Database
  • GP Database
  • Diagnosis (ICD) Procedure (CCSD) and Industry Standard Charge Code (Healthcode ISC ©) look up tools.
  • Production of paper invoices (fixed format) for self pay and non electronic billing Insurers
  • Pre-submission validation of electronic invoices
  • Validation of invoices for Insurers accepting invoices against the insurer validation rules
  • Invoice Auto-population (available for electronic bills)
  • Track patient and insurer accounts and record payments, including allocation of bulk payments.
  • Integrated Membership Enquiry - ability to verify and confirm a patient’s insurance policy number and demographics securely on line.
  • Guideline Pricing – ability to set fees insurer-by-insurer basis
  • Invoicing and Payment reports
  • Data export facility

APPENDIX C : ePractice manager

ePractice manager is a comprehensive secure online management system for private practices, helping Specialists, Medical Secretaries and Group Practices to manage every aspect of their practice. The service allows subscribing customers and authorised registered users to:

  • Create and maintain a patient database with contacts, GP information, notes and alerts.
  • Manage appointments and schedules for the practice for individuals and groups of specialists with a facility to hold waiting lists.
  • Track patient and insurer accounts and record payments, including allocation of bulk payments.
  • Run various statements and financial reports.
  • Manage patient correspondence using letter templates and online document storage. Appointment confirmation, shortfall and reminder letters with batch document processing.
  • Manage the practice contact book in one central location.

We charge an annual fee (as described in the Terms and Conditions) for access to ePractice manager. The table below illustrates the features included in ePractice manager as standard.

Feature

ePractice manager

Patient management

·   Patient information

·   Notes and alerts

·   Appointment history

·   Patient billing and account management

·   Patient contacts book

·   Correspondence history

Diary management

·   Flexible diary views

·   Clinic and Theatre session creation and management

·   Search function

·   Waiting list and earlier appointment requests

·   Appointment confirmation

·   Appointment by status

·   Listing by appointment type

·   Appointment reports

Patient billing

·   Includes all features listed within ePractice biller Plus

Practice accounting and reporting

·   Reconciliation

·   Statements

·   End of day banking list

·   Aged debt analysis reports

·   Financial summary reports

·   Account summary reports

·   Invoicing reports

·   Payment reports

·   Debtor reports

Document Management

·   Appointment letters

·   Shortfall letters

·   Reminder letters by debt band

·   Statements

·   Invoice and receipts

 


 

APPENDIX D: HC VEDA® System and associated bill validation and clearing Services

Healthcode's HC VEDA® and associated bill validation and clearing services is used in conjunction with Third Party software. Third party software is used to manage the practice and create insurer bills. Patient billing records captured on the Hospital Patient Administration System (PAS) or the Specialist Practice Management System are submitted to HC VEDA®.  For Hospital bills, internal charge codes are mapped to Healthcode's proprietary Industry Standard Codes (ISCs). The files containing the validated bills are held on Healthcode's servers until insurers collect them for processing. The system generates a receipt for each bill collected. 

While all Healthcode secure services are subject to username and password access controls, a number of third party software vendors will integrate these into their practice management system. Where this occurs, Acceptance of these Terms and Conditions will constitute authorisation for Healthcode to issue your third party software vendor with the necessary password to activate electronic billing.

APPENDIX E: The Private Practice Register (The PPR)

The Private Practice Register provides a service that allows specialists, consultants and health professionals to interact with Private Medical Insurers as part of their specialist recognition process.

The Private Practice Register provides a secure central online facility, which enables specialists, consultants and health professions to submit information to Private Medical Insurers in support of new application for recognition; or update information for insurers with whom they are already recognised.  

The service allows Practitioners, Organisations and registered users subject to either the Specialist or Organisations authorisation to:

  • Submit new recognition applications securely to insurers
  • Store their private practice documents securely online
  • Maintain practice capabilities and keep their practice rights up to date in one system including:
    • Personal Profile
    • Private and NHS Practice information
    • Fitness to Practice information
    • Specialty and Qualifications
    • Medical Secretary Details
    • Publications
    • Bank Details
    • Medical Indemnity
    • Recognition status for insurer(s)
  • Build and maintain their private practice profile
  • Complimentary access to ePractice biller
  • Complimentary access to Secure Messaging

Only subscribing insurers to The PPR will receive all the information you provide, you may need to supply further information to non-subscribing insurers as part of your recognition application.

As part of The PPR, Healthcode undertakes that the following information will be “non-publishable” (meaning not made publicly available, unless you otherwise provide Healthcode with express permission to the contrary) by Healthcode and/or the third party recipient of that information:

  • Date of Birth
  • Email Address
  • Contact Number
  • Mobile Number
  • Bank Details
  • NHS Contact Details

 To ensure your profile is up to date Healthcode may receive updates to your bank details directly from Insurers you have a relationship with as advised by your bank.

 

APPENDIX F: Service Packages

Service

Brief description

Electronic Remittances

Most insurers also issue electronic remittance advises which in turn can be downloaded into the provider system for automatic account reconciliation.

Pre-authorisation services

Healthcode’s Membership Enquiry and Verification service allows healthcare providers to confirm a patient’s insurance details online. Using Healthcode’s secure, encrypted network, providers can validate your patient’s insurance and demographic details quickly and securely. Long, time-consuming phone calls to insurers are eliminated.

Secure Messaging

Healthcode's Secure Messaging service uses encryption to internet banking standards.  The system allows the efficient transmission of confidential information between key healthcare professionals.

Clinical Coding

With Healthcode’s Clinical Coding Toolkit, providers such as private hospitals and NHS Private Patient Units treating NHS patients have the ability to determine HRG tariffs in order to accurately prepare NHS submissions to Secondary Uses Service (SUS) in support of Payment by Results (PbR) tariff and Hospital Episode Statistics (HES) contracted obligations.

Healthcode’s Clinical Coding Toolkit offers a broad range of benefits to healthcare providers, including clinicians and administrative staff, to support healthcare professionals in their administrative and reporting duties. It also enables a clinical coder to work with the independent sector code sets which they’re familiar with and allows them to translate codes to NHS standards.

APPENDIX G: GDPR Toolkit 

Healthcode’s GDPR Toolkit consists of the following to assist practitioners and practices become compliant with the GDPR:

GDPR Guide:  full access to the GDPR guide which is tailored to private practitioners.  The guide gives an introduction into the GDPR, key changes and information to be aware of in order to prepare for compliance. Practitioners and practices will learn how the regulation will affect them and practical steps to take into the path to compliance.   The guide explains GDPR terminology, outline the likely legal basis to process patient data, discuss increased individual rights and provide practical hints and tips related to private practice.

Templates: full access to templates which are recommended to be in place under GDPR:

  • Privacy policy:  this will guide you to include essential information as required under GDPR
  • Breach notification procedure: a practical procedure outlined which can be followed when a breach occurs within your practice, providing helpful pointers on what to do and things to remember under GDPR.
  • Subject Access Request Procedure: a helpful document which outlines the steps to take when a subject access request is received by your organisation.
  • Subject Access Request Form: a form which can be provided to your patients to capture information in order to fulfil a request and also keep as formal document for your records.
  • Subject Access Request Register: good practice document which acts as a log of the subject access requests you receive. This is vital for accurate record keeping in one place.
  • Information Asset Register: ICO recommended ensuring data assets within your practice are accounted for and the risk is documented for each.  This template is easy to edit and implement, it is important to keep it up to date for accuracy and will assist with dealing with patients whom exercise their rights under the GDPR.

Subject Access Export: give you the ability to extract vital information held within ePractice on a single patient through this export feature.  This will assist in dealing with subject access requests submitted by your patients.  Easily compile information to submit within the one month mandatory deadline under GDPR.

Disclaimer: The Toolkit is provided by Heatlhcode to you for own internal business purposes only.  Healthcode makes no representations or warranties to you of any kind, express or implied, as to the Toolkit, templates or the information, content or materials included therein.  Your use of the Toolkit is governed by these terms and conditions.  The Toolkit may include examples, forms and other general information; however, any information or sample templates provided as part of the Toolkit are for example purposes only, may not be suitable to your circumstances and should not be considered to be a substitute for the advice of your own lawyer or other appropriately qualified professional.  Healthcode is not responsible for any loss, damage or cost resulting from any decisions that are made in reliance on the Toolkit, including legal, compliance and/or risk management decisions.  You agree that your use of the Toolkit is at your own risk in these respects.