ERS Medical respects your rights to data privacy and data protection when you communicate (online or offline) with us through our website, Contact Centre of Operations and our ambulance and courier staff as they complete their work.
What is a Privacy Notice?
To ensure that we process your personal data fairly and lawfully we are required to inform you:
This information also explains what rights you have to control how we use your information.
The law determines how organisations can use personal information. The key laws are: The Data Protection Act (DPA), the Human Rights Act (HRA), relevant health service legislation, and the common law duty of confidentiality.
ERS Medical is a ‘Data Processor’ and depending on the data a ‘Data Controller’ , for the purposes of the Data Protection Act.
ERS Medical recognises the importance of protecting all personal and confidential information in all that we do, and takes care to meet its legal duties.
This part of the fair processing notice outlines the management of the notice, contact details and other access to information legislation.
How we control data
ERS Medical has a extensive Business Management System (BMS), which has policies, procedures and work instructions, detailing how we provide strict controls on both Data Security and Information Governance. The specific sections of our BMS that covers these areas are:
Complaints About how we Process Your Personal Information
In the first instance, you should contact the ERS Medical Contact Centre of Operations on 0333 240 4999 or by accessing our webpage at:
The ERS Medical Contact Centre of Operations is open 24 hours a day 365 day a year, to receive and handle your call.
What Information Do We Collect?
Find out what types of information ERS Medical will collect about you, what personal data we handle and what we do with that information when we have it.
What Information ERS Medical collects about you.
We only collect and use your information for the lawful purposes of administering the business of NHS England. These purposes include:
What types of personal data does ERS Medical handle?
We process personal information to enable us to support the provision of healthcare services to patients, maintain our own accounts and records, promote our service, and to support and manage our employees. We also process personal information about health care workers that deliver services throughout ERS Medical.
We also use information to support and monitor commissioned health services in England and Scotland to enable us to deliver high quality healthcare. This type of information will usually be provided by and to the NHS in an aggregate or anonymised form, so that we cannot identify an individual.
The types of personal information we use include:
We may also process sensitive classes of information that may include:
This information will generally relate to our staff. In terms of patient information, information may include:
How will ERS Medical use information about you?
Your information is used to run and improve ERS Medical. It may be used to:
We may keep your information in written form or on a computer. Whenever possible all information that identifies you will be removed.
Sharing your information
There are a number of reasons why we share information. This can be due to:
ERS Medical will only retain information for as long as necessary. Records are maintained in line with our internal retention schedule which determines the length of time records should be kept.
Security of your information
We take our duty to protect your personal information and confidentiality seriously. We are committed to taking all reasonable measures to ensure the confidentiality and security of personal data for which we are responsible, whether computerised or on paper.
We have appointed a Senior Information Risk Owner (SIRO) who is accountable for the management of all information assets and any associated risks and incidents, and a ‘Caldicott Guardian’ who is responsible for the management of patient information and patient confidentiality.
All staff are required to undertake annual information governance training.
Under the ERS Medical Handbook and Code of Conduct, all our staff are also required to protect your information, and inform you of how your information will be used. This includes, in most circumstances, allowing you to decide if and how your information can be shared.
Everyone working for ERS Medical is subject to the common law duty of confidentiality. Information provided in confidence will only be used for the purposes advised and consented to by the service user, unless it is required or permitted by the law.
Information for job applicants
ERS Medical will process information provided by applicants for the management of their application and the subsequent selection process. This involves providing details to the short-listing and selection panels. Other details are kept to help fulfil our obligations to monitor equality and diversity within the organisation and in the application process.
For more information about your application and personal data contact our Contact Centre of Operations on 0333 240 4999.
or by accessing our webpage at:
How to Access Your Information
The Data Protection Act and the General Data Protection Regulations (GDPR) gives you the right to see the information that ERS Medical or any organisation holds about you and why.
Right of Access (Subject Access Request)
The Data Protection Act and the General Data Protection Regulations (GDPR) gives you the right to see the information that ERS Medical holds about you and why. These are commonly referred to as Subject Access Requests and these requests must be made in writing to ERS Medical and you will need to provide us with:
Where a fee is applicable under the terms of the Data Protection Act and subsequent legislation, we will inform you in writing. In due course our disbursement scheme (which outlines these fees) will be available.
We aim to comply with requests for access to personal data as quickly as possible. We will endeavour to deal with all requests within 1 month of receipt, unless the request is highly complex, where we may need to extend this period out. If this occurs we will contact the applicant and explain the why the extension is necessary.
We want to make sure that your personal information is accurate and up to date. If you think any information is inaccurate or incorrect then please let us know through or Contact Centre of Operations (CCO) on 0333 240 4999
or by accessing our webpage at: