i5 Health Privacy Policy
At i5 Health, we are committed to safeguarding and preserving the privacy of our visitors, staff and clients. We never give your details to third parties to use for marketing or sales activity. This notice explains i5 Health’s privacy policy and what happens to any personal data provided to us, or that we collect from you whilst you visit our site and how we use cookies on this website.
We take your privacy seriously and will only use your personal information to administer your account and to provide the products and services you have requested from us. We will never sell your data to third parties.
This policy was last updated on 21th June 2023. i5 Health updates this Privacy Policy from time to time so please do review this Policy regularly.
SCOPE
This privacy notice covers the operations of i5 Health Ltd a UK registered company.
REGISTRATION
i5 Health Ltd is registered with the Information Commissioners Office in England and complies with:
(i) national laws implementing the EU Data Protection Directive (95/46/EC) and the EU Privacy and Electronic Communications Directive (2002/58/EC),
(ii) the General Data Protection Regulation (EU) 2016/679 (GDPR), and
(iii) all other applicable international, regional, and/or national data protection laws and regulations (“Data Protection Laws”).
DISCLOSING YOUR INFORMATION
i5 Health will not disclose your personal information to any other party other than in accordance with this Privacy Policy and in the circumstances detailed below:
• In the event that we sell any or all of our business to a buyer.
• Where we are required by law to disclose your personal information.
• To further fraud protection and reduce the risk of fraud.
DATA PROCESSING OPERATIONS
i5 Health acts as the data processor and data controller. We often process data following instructions as specified by our NHS clients.
For concerns regarding data processed by i5 Health on behalf of other organisations please contact the relevant organisation directly.
Please note i5 Health cannot deal directly with subject access requests and freedom of information requests related to data they process on behalf of other data controllers which is received pseudonymised or de-identified.
NHS HEALTH DATA
i5 Health holds personal data in the form of pseudonymised Secondary Uses Services (SUS), Hospital Episode Statistics (HES) and Community Services Data Set (CSDS) data, provided under agreement with NHS England. The data is obtained from NHS hospital trusts and community services and is in a form where identifiable data has been removed. This means that individuals cannot be readily or easily identified. The data is retained under a data sharing agreement with NHS England and will be destroyed on termination of this agreement.
i5 Health uses historic SUS and HES data to develop algorithm tools that can be applied to NHS Data to produce reports used for decision making for the fulfilment of a positive health outcome and advanced health and social care data orchestration. We also use this data for building predictive tools to identify patients with a high risk of undiagnosed conditions to support early discovery of diseases and to slow down disease progression.
One of i5 Health’s key focuses is identifying service gaps in healthcare, particularly in deprived areas or where insufficient choice exists. Service gaps include designing new out-of-hospital services, social prescribing, community nursing support, remote monitoring, screening programs, COVID-19 shielding programs and others. We also identify procedures that have undesired outcomes to support the development of guidance for NICE.
The data is processed on the basis of legitimate interest as patients would reasonably expect information about hospital treatment to be used to improve care. The risks of using pseudonymised data are considered to be proportionate to the benefits – ultimately saving lives and reducing harm.
The data is held for a specific period of time (retention period) and purpose of processing SUS, HES and CSDS as indicated in the Data Sharing Agreement with NHS England. Up to date information can be found in the Data Uses Register
i5 Health holds pseudonymised data for the purpose of statistical processing and algorithm development under Article 9 of the GDPR and have exemption under Article 11 from processing subject access requests, see GDPR Guidance
INTERNAL USE OF DATA
WEB SITE
In running and maintaining our website we may collect and process the following data about you:
• Information about your use of our site including details of your visits such as pages viewed and the resources that you access. Such information includes traffic data, location data and other communication data.
• Information provided voluntarily by you. For example, when you register for information or our free AI prediction tools.
• Information that you provide when you communicate with us by any other means
USE OF COOKIES
Cookies provide information regarding the computer used by a visitor – and are used to remember preferences and settings. i5 Health may also use cookies where appropriate to gather information about your computer in order to assist us in improving our website.
You can adjust the settings on your computer to decline any cookies if you wish. This can be done within the “settings” section of your computer. For more information please read the advice at AboutCookies.org.
EMPLOYEE RECORDS
i5 Health holds employee records as required for the correct and legal operation of the business. These are not shared with other organisations unless consent is given – or there is a statutory requirement.
BUSINESS RECORDS
i5 Health holds data about its clients as required to perform normal business operations. These include records of business letters and other communications. These records are not shared with other organizations unless consent is provided, statutory requirement, to fulfil obligations to the client.
We also hold details of organisations and contacts with which they have entered into meaningful discussions or negotiations. These are not shared with other organisations.
SECURITY, MANAGEMENT AND STORAGE OF INFORMATION
i5 Health policies, procedures, information governance and information security management system has been audited by NHS England and can be accessed here: NHS England Data Sharing Remote Audit: i5 Health Limited - NHS England
REQUESTING ACCESS TO PERSONAL DATA
Under data protection legislation, you have the right to make a ‘subject access request’ to gain access to personal data about You that we hold. If You make a subject access request, and if we hold personal data about You, we will:
• Tell You what it is
• Tell You why we are holding and processing it, and how long we will keep it for
• Tell You who it has been, or will be, shared with
• Let You know whether any automated decision-making is being applied to the data, and any consequences of this
• Give You a copy of the information in an intelligible form
If You would like to make a request, please contact dataprotection@i5health.com.
COMPLAINTS
You also have the right to:
• Object to processing of personal data that is likely to cause, or is causing, damage or distress
• Prevent processing for the purpose of direct marketing
• Object to decisions being taken by automated means
• In certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed
• Claim compensation for damages caused by a breach of the Data Protection regulations
To exercise any of these rights, please raise this, in the first instance, with the Data Protection Officer who can be contacted at support@i5health.com or by mail at the registered office address. Alternatively, you can make a complaint to the Information Commissioner’s Office:
• Report a concern online at ICO
• Call 0303 123 1113
• Or write to: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
DATA PROTECTION OFFICER
i5 Health have appointed Harald Braun as the data protection officer: dataprotection@i5health.com