This service is also known as Apply for proxy access and Manage health services for others.
This minor update is to reflect some small changes to our privacy policy because of content changes in the service.
1. How we use your personal data
This privacy policy explains how we use your personal data when you use the Proxy application service. You can use this online service to apply to give someone access to your health services, for example managing appointments, prescriptions or medical information, or get access to someone else's GP services.
This service is available on the NHS website.
You should read this policy alongside the terms of use for this service.
2. Terms we use in this policy
You may find it helpful to understand these terms when reading this policy.
- Data is "processed" when any action is taken with it. For example, when it is collected or reviewed.
- A "controller" is an organisation or person that decides what data is processed. They also decide how and why this needs to be done. They are legally responsible for that data.
- A controller may appoint a "processor". This is another organisation or person that processes data under the instruction of the controller.
- A processor may also sub-contract some of its data processing activities to another organisation under a written contract. This other organisation is a "sub-processor".
- "Special category data" is personal information that has more legal protection, including data about your health.
You can find out more about these terms on the Information Commissioner's Office website.
3. About the Proxy application service
This service is provided by NHS England.
The Proxy application service can be used by:
- a patient aged 16 or over applying to nominate someone aged 16 or over to have access to their health services
- a patient aged 16 or over applying to request access to the health services of someone else aged 16 or over
- a patient aged 13 or over to apply to request access to the health services of a child they have parental responsibility for
If you are applying to get access for someone aged 11 or over, you should talk to the person you're applying about so that they are aware of the application being made.
Patients aged 11 or over have capacity to consent, unless their GP or a court agrees they do not. Capacity to consent means someone can understand enough to make an informed decision on whether they want you to have access.
The GP surgery will contact the patient to get their consent before giving you access.
If they do not have capacity to consent, because for example they have a condition like dementia or a severe learning disability that affects their understanding, the GP surgery will decide whether your access is in the best interests of the patient. They may contact you for more information, look at medical records or speak to the patient when they are assessing your application.
4. Our role and legal basis
NHS England provides the Proxy application service as a "processor" on behalf of, and under contract to, your GP surgery (the controller). This means that we can only process your personal data according to the instructions given to us by your GP surgery when delivering this service.
Section 270 (1) (d) of the Health and Social Care Act 2012 allows NHS England to provide new services to improve health and care in England. This is our legal basis for providing this service.
NHS England is the "controller" for the following services which are used to provide the Proxy application service:
- the Personal Demographics Service (PDS) which is the national electronic database of NHS patient details such as name, address, date of birth and NHS number (known as demographic information).
- NHS login which provides patients with a simple, secure and re-usable way to access multiple digital health and care services. About NHS login.
You can access the Proxy application service on the NHS website using your NHS login details. When you sign in using NHS login, we will ask your permission to share your NHS login information with our service. This allows us to fill in some personal details for you, such as your NHS number and contact details.
We will not use your NHS login information for any other purposes. You can only share your NHS login information if you have proved your identity to NHS login.
For more information, see the NHS login privacy notice and terms and conditions.
5. What data we collect
To provide the Proxy application service we need to collect or process:
- Proxy application service data: This is the data you provide to the service when you apply to give someone access to your health services or get access to someone else's health services. This may include special categories of data relating to health if you choose to provide this.
- NHS login account information: such as your NHS number, your NHS login identity proofing level and your contact details.
- Proxy application service log/audit data: This is information collected against your session ID when you use the service, such as the time of use, actions you took using the service, and associated technical log events.
- Proxy application service performance data: Your IP address is sent to Adobe (our sub-processor) so that we can improve the service but it is not stored so users cannot be identified from this data.
- Proxy application service metadata: We keep a record of: the date and time you submitted your application; your application reference number; your NHS login identity proofing level; the checks we made to match you and the person you named in your application to your Personal Demographics Service (PDS) records including your NHS numbers, ages and the organisation code for your current GP surgery. We also record the success or failure of your application.
6. How we use your data
6.1 NHS login data
The Proxy application service uses NHS login to prove who you are to the highest level of identity verification. When we send your application to your GP surgery they know the application has come from you. The service also uses your NHS login information to find your patient record on the Personal Demographics Service (PDS) database, and to get your contact details.
6.2 Personal Demographics Service (PDS) data
The Proxy application service finds your patient record on PDS. It checks your name, NHS number, date of birth and your current GP surgery, to check you are eligible to use this service and your GP surgery is taking part in the pilot.
The service checks the information you enter about the person you name in your application. It checks either their name, date of birth, postcode, and current GP surgery, or their NHS number, date of birth and current GP surgery. This is done to check this person is eligible for this service and that you are both registered at the same GP surgery.
The service checks for contact details to include in your application which are sent to your GP surgery, so they can process the application.
Your contact details are also used to send information about your application to you.
The contact details of the person you name in your application are used to send information about your application to them, if they are aged 16 or over.
6.3 Securely send your application to your GP surgery
The service uses NHS mail to securely send your application to your GP surgery. This includes NHS login data, PDS data, and data you have entered as part of your application.
6.4 Send an email and text confirmation
6.4.1 When you apply to give someone access to your health services
When you have successfully submitted your application, the service will send you a copy of the application to your email address(es) stored on NHS login and a text message about your application, using the mobile phone number stored on NHS login. This is done using GOV.UK Notify (our sub-processor). Find out more about security on Notify.
You will only see the information you entered as part of your application in the copy you receive. You will not see any information about the person you want to give access to.
The person you want to give access to will also receive an email about the application, and a text message, if they have this contact information stored on PDS. This email will only show your name and what services you've requested to give them access to. They will not see your contact details, or any other data retrieved from NHS login or your PDS record, in the text or email they receive.
6.4.2 When you apply to get access to an adult's health services
When you have successfully submitted your application, the service will send you and the patient a copy of the application, to the email address(es) stored on NHS login or PDS.
If a mobile phone number is found on PDS, the service will send the patient a text message, using gov.uk Notify. Find out more about security on Notify.
The patient will only see your name and the details you entered in the application. They will not see your contact details, or any other data retrieved from NHS login or PDS, in the text or email they receive.
You will only see the information you entered as part of your application in the copy you receive. You will not see any patient information retrieved from NHS login or PDS.
6.4.3 When you apply to get access to a child's health services
When you have successfully submitted your application, the service will send you a copy of the application, to the email address(es) stored on NHS login or PDS.
We do not send any information to the child you are applying about.
6.5 Service improvement, audit and troubleshooting
We look at how the service is being used to help us make it better. We store some of the information you enter, which is not identifiable, to see how people are using the service. This includes information you enter in any free text boxes.
We put small files called "analytic cookies" on to your device. These cookies are optional. The information collected includes: the type of device you used, your browser type, your operating system, the date/time you used the service and how you interacted with the service. For more information, see our cookie policy.
We also store technical log data for audit and troubleshooting (bug/fix) purposes and to make improvements to the service.
The personal data collected by the service will be de-identified and analysed to optimize the service and for policy developments. Information on how many people use the service and its performance will also be used to publish anonymous statistical dashboards. See log/audit data for more information.
7. How long we keep data for
Category of information | How long we keep it for and why |
---|---|
Proxy application service application data - non-identifiable data |
We do not store any identifiable information after your application is sent to your GP surgery. We store non-identifiable information indefinitely to track performance of the service so we can improve it. This includes options you chose in your application, and any free text you entered. We also store calculated age (applicant and named person) to track who is using the service. |
Proxy application service analytics data - non-identifiable data |
We store non-identifiable information about your use of the service indefinitely, to track performance and improve the service. This includes analytics data on the success or failure of the application, timeouts and other service performance data. |
Proxy application service performance data |
12 months |
NHS login account information |
2 years |
Personal Demographics Service data - demographic information (applicant and named person) |
We do not store any identifiable information after your application is sent to your GP surgery. We store calculated age (applicant and named person) and GP surgery information to track who is using the service. |
Proxy application service metadata |
We do not store any identifiable information after your application is sent to your GP surgery. We store non-identifiable information indefinitely to track performance of the service so we can improve it. This includes options you chose in your application, and any free text you entered. We also store calculated age (applicant and named person) to track who is using the service. |
8. Where we store your data
We only store and process your personal data within the UK.
9. Personal data for which NHS England is the controller outside the scope of the Proxy application service
Category of information | How the data is used and handled |
---|---|
NHS login account information |
|
NHS demographic information |
10. Your rights
Data protection law provides you with a number of rights. You can exercise your rights by contacting NHS England's Data Protection Officer at england.contactus@nhs.net.
- Right to be informed – this privacy policy explains how we use your personal data to provide this service.
- Right of access – to get a copy of your data which we hold to provide this service, you can request this by completing a Subject Access Request (SAR).
- Right to rectification – if you want to change or withdraw your application after it is completed, contact your GP surgery.
- Right to restrict processing – if you want to change or withdraw your application after it is completed, contact your GP surgery.
- Right to withdraw consent – you have the right to withdraw consent for analytical cookies to be placed on your device by selecting "Reject analytics cookies". See the NHS website cookie policy.
11. Who to contact with questions about your privacy
For any questions about your application data after you have submitted your application, contact your GP surgery.
Visit NHS login privacy notice for any questions about NHS login data.
12. Complaints
You can contact our Data Protection Officer to make a complaint:
By email
By post
Data Protection Officer
7 and 8 Wellington Place
Leeds
West Yorkshire
LS1 4AP
We ask that you try to resolve any issues with us first, although you have a right to lodge a complaint with the Information Commissioner's Office (ICO) at any time. The ICO is the UK regulator for data protection and upholds information rights.
13. Changes to the privacy policy
We may make changes to this notice. If we do, the version and date on this page will also change. Any changes to this notice will apply immediately from the date of any change.