|
Vitalpulse Ltd is registered with the Information Commissioner’s Office under the Data Protection Act 1998. Registration number Z8596598.
“Data controllers” are required to register (notify) under the Data Protection Act 1998. Vitalpulse Ltd is not a Data Controller and therefore exempt from notification under the Act. However, to convey to our clients our total commitment to patient confidentiality and to consolidate our statutory legal responsibilities from which we are not exempt, we have registered voluntarily under the category of “software developers”.
- Access to confidential subject data is required for the purposes of:
a) maintenance and repair of databases and automated data collection processes;
b) reporting of treatment data to authorised National Registries, and for which subjects have given explicit consent in the manner agreed;
c) development and installation of data collection software from laboratories and treatment equipment.
- Reporting to National Registries is governed by subjects giving explicit consent, as agreed with the Caldicott Guardian.
- Only a selected, relevant dataset is accessed and, where required, downloaded from the clinical database maintained by the Trust.
- Where it is necessary for data files to be held temporarily, they are held only until they have been processed and safely delivered to the relevant Registry. They are then deleted.
- All patient records held temporarily by Vitalpulse Ltd are stored in encrypted disc volumes or files to RFC4880 standards. File transmissions are fully encrypted.
. |
