Privacy Policy

Diagnostic World Ltd
Last Updated: [03.07.2026]

Who We Are

Diagnostic World Ltd provides diagnostic healthcare services, including ultrasound and echocardiography, on behalf of NHS organisations and other healthcare providers.

We are committed to protecting your personal data and respecting your privacy. This Privacy Notice explains how we collect, use, store, protect, and share your personal information in line with:

  • UK General Data Protection Regulation (UK GDPR)
  • Data Protection Act 2018
  • NHS Information Governance requirements

Contact Details

Diagnostic World Ltd
Email: info@diagnosticworld.com
Website: www.diagnosticworld.com

Data Protection Lead

Email: privacy@diagnosticworld.com

How We Receive Your Information

We may receive personal information about you from:

  • GP Practices
  • NHS Trusts
  • Community Diagnostic Centres (CDCs)
  • Integrated Care Boards (ICBs)
  • Hospitals and healthcare providers
  • Referring healthcare professionals
  • Directly from you (e.g. enquiries, website contact forms)

Information We Collect

Personal Information

We may collect:

  • Full name
  • Date of birth
  • NHS Number
  • Address
  • Telephone number
  • Email address
  • GP details

Health Information (Special Category Data)

We may process:

  • Referral information
  • Medical history relevant to your care
  • Diagnostic images (ultrasound, echocardiography)
  • Clinical findings and reports
  • Appointment and attendance records

Website Information

When using our website:

  • IP address
  • Device and browser type
  • Website usage data
  • Cookies and tracking technologies

Why We Use Your Information

We use personal data to:

  • Receive and process referrals
  • Arrange and manage appointments
  • Deliver diagnostic services and clinical reporting
  • Communicate with patients and healthcare professionals
  • Support patient care and clinical decision-making
  • Respond to enquiries, feedback, and complaints
  • Monitor, audit, and improve service quality and safety
  • Meet NHS contractual, legal and regulatory obligations
  • Prevent fraud and maintain system security

Legal Basis for Processing

We process personal data under the following lawful bases:

  • Article 6(1)(e) – Public task (provision of healthcare services)
  • Article 6(1)(c) – Legal obligation
  • Article 9(2)(h) – Health or social care provision (special category data)

Where applicable (e.g. website cookies or marketing), we rely on:

  • Consent (Article 6(1)(a))

Data Protection Principles

We ensure that personal data is:

  • Processed lawfully, fairly and transparently
  • Collected for specified, legitimate purposes
  • Limited to what is necessary (data minimisation)
  • Accurate and kept up to date
  • Retained only as long as necessary
  • Processed securely and confidentially

Who We Share Information With

We may share information where necessary with:

  • NHS Trusts and GP Practices
  • Referring and reporting clinicians
  • Community Diagnostic Centres and ICBs
  • Clinical and IT system providers (e.g. PACS, RIS providers)
  • Regulatory bodies (e.g. CQC)
  • Law enforcement where legally required

We only share the minimum necessary data and ensure all partners meet data protection and security standards.

Diagnostic World Ltd does not sell personal data.

International Transfers

We do not routinely transfer personal data outside the UK.
If this becomes necessary, we will ensure appropriate safeguards are in place in accordance with UK GDPR.

Keeping Your Information Secure

We apply robust technical and organisational security measures, including:

  • Secure NHS-aligned clinical systems
  • Role-based access controls
  • Multi-factor authentication
  • Encryption of data in transit and at rest
  • Staff confidentiality agreements
  • Mandatory Information Governance training
  • Regular audits and monitoring

How Long We Keep Information

We retain records in line with:

  • NHS Records Management Code of Practice
  • Legal and regulatory requirements
  • NHS contractual obligations

Data is securely deleted or destroyed when no longer required.

Your Rights

Under UK GDPR, you have the right to:

  • Be informed about how your data is used
  • Access your personal data
  • Request correction of inaccurate data
  • Request erasure (where applicable)
  • Restrict processing in certain circumstances
  • Object to processing (including certain non-clinical uses)
  • Data portability (where applicable)

Right to Opt Out

You have the right to opt out of your personal data being used for purposes beyond your direct care, including:

  • Service planning and audit (where applicable)
  • Research (unless required by law or anonymised)

You can also register a National Data Opt-Out via the NHS.

Please note:
Your data will still be used where necessary for direct care, legal obligations, or patient safety.

Subject Access Requests (SARs)

You can request a copy of the personal data we hold about you.

Contact:
Email: privacy@diagnosticworld.com

We may require proof of identity before releasing information.
We aim to respond within one month, in line with UK GDPR.

Complaints

We take data protection and confidentiality seriously.

If you have any concerns about how your information is handled, please contact us first:

Diagnostic World Ltd
Email: privacy@diagnosticworld.com

We will:

  • Acknowledge your complaint promptly
  • Investigate fairly and transparently
  • Provide a response within appropriate timeframes

If your concern relates to an NHS service, you may also contact the relevant NHS organisation.

Escalation to the ICO

If you remain dissatisfied, you have the right to complain to:

Information Commissioner’s Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Telephone: 0303 123 1113
Website: https://ico.org.uk

Cookies

Our website uses cookies to:

  • Ensure functionality
  • Improve performance
  • Enhance user experience

You can manage or withdraw cookie consent via your browser settings or cookie banner.

Further details are available in our Cookie Policy.

Changes to This Privacy Notice

We may update this Privacy Notice to reflect:

  • Changes in legislation
  • NHS guidance
  • Service developments

The latest version will always be published on our website.

Commitment to Privacy

Diagnostic World Ltd is committed to maintaining the highest standards of:

  • Data protection
  • Information governance
  • Patient confidentiality