FAIL (the browser should render some flash content, not this).


General Data Protection Regulation (GDPR)

What is GDPR?

The General Data Protection Regulation (GDPR) is a new regulation which is intended to strengthen and unify data protection for all individuals.

At CHESTNI, we are committed to ensuring the protection of your personal information. In accordance with GDPR guidelines, our aim is to have safeguards in place to protect your privacy and ensure that you feel confident about the security of the personal data which you provide to us.

Data Protection Privacy Notice

This privacy notice is to let you know how we will look after your personal information.
If we provide you with a medical service, then we will use your personal information in the ways set out in this privacy notice.
Under Data Protection Laws, we can only process your personal information where we have a proper reason for doing so, such as:-
• it is in our legitimate interests to do so – for example a legitimate interest is when we have a reason to use your information to provide treatment or care and order medical tests
• we are required to do so by law i.e. a legal obligation
• you have entered a contract with us for a service
• in the public interest – where this has a clear basis in law
• vital interests – for example protection of life in a medical emergency

What personal data do we collect?

Personal data is any information that is identifiable as belonging to you.

CHESTNI will request personal data from patients attending the clinic for an outpatient or procedure, for the sole purpose of creating a medical file on the individual patient.

Personal data collected may include:-
• Patient’s name
• Title
• Date of birth
• Address
• Health + Care Number
• Contact telephone number
• GP name & address
• Private health insurance company, account number and authorisation code
• Email address

Why do we collect data and who are the recipients of the data?

We collect data for Dr Warke, the Consultant in charge of your care, and to enable him to provide continuing care via your General Practitioner.
Financial and health insurance data is collected for the purposes of payment of your medical bills. There is no cross border transfer of information.

The personal data held on file may be shared with:
The Clinic the patient is attending (Hillsborough Private Clinic).
The patient’s GP (who will already be in possession of the patient’s personal demographic data).
Any health professional who may be involved directly in the patient’s care.
Other private providers who may deliver investigations which could include the Ulster Independent Clinic, Belfast City Hospital and PEI Medical Distributors.
The Medical Insurance Company with whom the patient is insured.

How long will the data be retained?

Data will not be retained for any longer than is required.
We will retain your medical records for 7-10 years, as required by regulations (Access to Health Records Legislation (NI) Order 1993 and Records Management – Good Management Good Records. DHSS revised October 2015). Or in the case of a child, until their 25th birthday (or 26th Birthday if they were 17 years old at last attendance).

Individual Rights under GDPR

You have a number of rights under the Data Protection Laws in relation to the way we process your personal data, which are set out below.

1. Right to be Informed – This is provided through the privacy notice on our website and in the patient information file in the waiting room.
2. Right of Access – You have the right to access your personal data and supplementary information. We will aim to respond to any request received from you within one month from your request, although this may be extended in some circumstances in line with Data Protection Laws. If you wish to obtain access to your file, you must write to us at the address below. Access to your data will usually be provided free of charge, although in certain circumstances we may make a small charge where we are entitled to do so under Data Protection Laws.
3. Right to Rectification – The right to ask us to correct your information if you think the information that we hold about you is wrong or incomplete. We will respond within one month.
4. Right to Erasure – The right to object to our use of your information, or to ask us to delete, remove or stop keeping it if there is no need for us to keep it. This is known as the ‘right to object’, the ‘right to erasure’ or the ‘right to be forgotten’. There may however be legal or regulatory reasons why we need to keep or use your information.
5. Right to Restrict processing – We may sometimes be able to restrict the use of your information so that it is only used for legal claims or to exercise legal rights. In these situations, we would not use or share your information while it is restricted.
6. Right to Data Portability – The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services.
7. Right to Object – Individuals have the right to object to processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority. There is a contractual requirement when patients attend Dr Warke for their personal data to be processed in order to provide medical care and treatment.
8. Right not to be evaluated on the basis of automated processing – Patients who attend Dr Warke will not be evaluated on the basis of automated processing nor is any decision making automated.

Patients will be communicated with only with relevant information to their ongoing health needs. There will be no otherwise unsolicited communications and no details are ever passed on to other third parties that are not directly involved in the patient's care. No personal details are used for any marketing purposes.


We may also collect information from you through the use of cookies. Cookies are small files which are stored on your computer browser. The cookie law is a piece of privacy legislation that requires websites to get consent from visitors to store or retrieve any information on a computer, smartphone or tablet for example, you may have a pop-up message informing you that this site uses cookies in combination with an acceptance/decline box, and it will be your decision whether you wish to accept or decline the use of the cookie.

Links from our website

This website may contain links to other websites. If you provide personal/sensitive data to a website to which we are linked to, we are not responsible for its protection and privacy. This privacy statement only applies to

Contact details

If you wish to exercise any of the above, please write to:-

Dr Warke’s Secretary
Orthoderm Clinic
2 Ballynahinch Road
BT26 6AR

(ICO Registration Number: Z9215476)

May 2018