The Medreport group companies are providers of specialist outsourced services to the legal industry. Your legal representative has asked us to contact you to arrange an independent medical report and/ or to provide treatment or diagnostic services in relation to an injury claim.
This statement explains how we use your personal information in providing our services. Please read it carefully to ensure you understand our views and practices regarding your information, and how we will treat it.
Who we are
The group comprises Medreport Services Limited & Medcare Rehab Services Limited. This Privacy Statement is issued on behalf of the group so when we mention “Medreport Group”, “we”, “us” or “our” we are referring to the relevant company in the Group responsible for processing your data.
Our Data Protection Officers are Jenny Price and Leanne Hector and they can be contacted by emailing;
Lawful Basis for Processing your information
We will process your personal data on the lawful bases of Legitimate Interests.
By this, we mean that we believe that there is a legitimate reason for us to process your personal data and that doing so will not cause any harm to your rights and interests. Your legal representative will have made you aware of our involvement in your injury claim, you will have expected to hear from us, and you will have consented to us receiving and processing your data.
The Purpose for Processing:
We will need to process your personal data to provide our services. This may include:
- Sourcing medical records from healthcare providers
- Arranging for you to attend a medical examination with a medical expert
- Arranging for you to attend treatment and/ or diagnostic investigations (e.g, X-Rays)
- Receiving and quality-checking reports written by medical professional about you
- Providing you and your legal representatives with updates and information about the services we are providing
- Ensuring that we comply with our legal and regulatory obligations
- Defending any legal claim that may be brought against us
Information we collect:
By ‘information,’ we mean personal information about you that we collect, use, share, store and transfer in physical and electronic form including:
- Identity and contact information (your first name, last name, title, date of birth, email address, telephone numbers, addresses, and any other information you provide within your personal information through your solicitor or directly to us.
- Contact History, which means that we keep a record of what you have said to us, for example, over the phone, by email, or by letter.
- Information relating to your injury claim, as supplied to us by your legal representative.
- Information relating to your health, being your medical records if necessary, the independent medical report(s) that we arrange, and reports relating to any treatment or diagnostic tests that we have arranged.
Recipients of your information:
Except as expressly set out here we will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so and we will not transfer your information overseas unless asked to do so by your or your legal representative.
We will share your information with the following providers as an essential part of being able to provide our services to you:
- Companies in the Medreport Group such as Medreport Services Ltd & Medcare Rehab Services may provide services to you.
- Selected companies or third parties that help us fulfil our obligations to you such as medical experts and healthcare providers.
- Companies approved by you, including your legal representatives and the opponent in relation to your injury claim
We may also share your personal information with:
- law enforcement agencies, other governmental agencies or third parties if we are required by law to do so; and
- other business entities should we plan to merge with or be acquired by that business entity, or if we undergo a re-organisation with that entity.
Should we have to share information with third parties outside of the above, we will do so with anonymised information about our clients and, before we do so, we will make sure that it does not identify you.
Retaining your information
We will keep your information for as long as it is needed to be able to provide the services to you and until we are advised that your injury claim has concluded.
If reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our contracts, we may also keep hold of some of your information as required, even after you have claim has been settled or treatment has completed or it is no longer needed to provide the services to you.
We are committed to ensuring that your information is secure.
In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect about you. All information is stored on our secure servers, shared only via secure link, email and/or via the post (where necessary) and backed up via a secure line to a data centre at 221 Hagley Road, Hayley Green, Halesowen, West Midlands, B63 1ED
At any time, you have the right:
- to request access to or a copy of any information which we hold about you
- to request rectification of your information, if you consider that it is inaccurate;
- to ask us to delete your information, if you consider that we do not have the right to hold it;
- to restrict processing of your information
- to object to your information being processed (in certain circumstances)
We will endeavour to respond within a reasonable period and in any event within one month in compliance with data protection legislation. We will comply with our legal obligations as regards your rights as a data subject. You may be asked to provide formal identification before we respond to your request.
We aim to ensure that the information we hold about you is accurate at all times. To assist us in ensuring that your information is up to date, do let us know if any of your personal details change.
Questions, comments and requests are welcomed and should be addressed to
or
You can also send a letter by mail to:
The Data Protection Officer
Medreport Services Ltd,
1 & 2 Yeo Bank Business Park,
Kenn Road,
Clevedon,
North Somerset,
BS21 6UW
If you have any concerns about our use of your information, you also have the right to make a complaint to the data protection regulator in the UK.
Any changes we make to our Privacy Policy in the future will be posted on our website. This Privacy Policy was last updated on 22/05/2018.
What personal data we collect and why we collect it
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Contact forms
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Analytics
Who we share your data with
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Your contact information
Additional information
How we protect your data
What data breach procedures we have in place
What third parties we receive data from
What automated decision making and/or profiling we do with user data
Industry regulatory disclosure requirements