This page describes how we manage your health information. For information about how we process training information, click here.
What type of information do we collect?
Precision Health receive, collect and store health information via our data processor, Meddbase. In addition to basic internet information (Internet protocol (IP) address used to connect your computer to the Internet; login; e-mail address; password; computer and connection information), we collect your health data. Health data may include personal information about your age, gender, contact details and other demographics. Health data also includes health measurements, survey responses and results processed by our lab partners.
How do we collect information?
During sign-up, you provide your personal details and password. When you attend a health appointment or complete an online questionnaire, we collect additional data. We endeavour to collect only the information that is required to provide the health service.
Why do we collect such personal and sensitive information?
Precision Health offer a health advisory service to you and to your employer. Collecting and processing health data is an essential part of this activity.
How do Precision Health store, use, share and disclose our client's health information?
Your data is processed by Meddbase, who own and operate the software platform. Meddbase is a GDPR-compliant data processor based in the UK (read their data security policy here). Precision Health has a data processing agreement with Meddbase to process your data according to GDPR regulations. You have the all the rights of access, integrity and security that your data would have if processed and stored within the EU.
Precision Health is a Data Controller, registered with the Data Commissioner of Ireland. Precision Health personnel with appropriate access right may access your data for the purpose of processing your appointment, health advisory or other health services. Access control is monitored, recorded and verified.
Does Precision Health share my data with any other parties?
As part of the health advisory service, your data (Name, Date of Birth, Reference Number) may be shared with our lab partner, who will process your pathology sample and pass the result(s) to Precision Health. Any lab partner contracted by Precision Health in this way will be required to process your data in accordance with GDPR regulations.
Precision Health will shared anonymised aggregate data with your employer or insurer to contribute to the planning of health interventions in the workplace. You will not be identifiable in this data.
Precision Health is required to securely maintain your data for a period consistent with the original purpose of the data. At the end fo the retention period, your data will be deleted. Our retention periods are:
Health Screening Data - 2 years (this includes health surveys and measurements without any ongoing doctor-patient relationship)
Health Treatment Data - 7 years (this includes any data gathered as part of a commitment to a doctor-patient relationship or treatment eg. vaccinations, clinical consultations)
Occupational Health Data - for as long as Precision Health maintains a contractual relationship with your employer. In the event our contractual relationship with your employer ends, your data will be passed to the incoming Occupational Health provider, following verification of their commitment to controlling your data according to GDPR regulations.
Questions and contact information
If you would like to: access, correct, amend or delete any personal information we have about you, you are invited to contact us at firstname.lastname@example.org