Conditions of use for the myCareCentric PHR
These conditions of use (Conditions) govern your use of the myCareCentric PHR application (Application). By using this Application you agree to these Conditions. If you do not agree, then do not use the Application. Please read these Conditions carefully. The Application manufacturer reserves the right, at its sole discretion, to change, modify, add or remove portions of these Conditions of Use, at any time. It is your responsibility to check these Conditions of Use periodically for changes.
Ownership, licence and data controller details
The Application is the property of Graphnet Health Ltd and Shearwater Systems Ltd. On acceptance of these Conditions you will have a limited non-exclusive, non-transferable right to access and use the Application and accessible content for your own personal use only. Your Healthcare Provider which is identified in the Application is the data controller of the personal data processed by the Application (the Data Controller) and any issues should be raised directly with them.
How your identity will be confirmed and your access to the Application authorised
You login to verify your identity using the Microsoft™ Azure Active Directory B2C via an email or social media account (such as Facebook, Google, Microsoft or other Open ID compatible service provider).
No data is shared with your social media provider and the Application does not access any of your personal data held by your service provider.
There is then a two stage identity verification and authorisation process:
· you will receive an email to your account, a link or a login linked to your social media identity; and
· once you respond, your identity will be verified manually by the Data Controller in accordance with its information governance policies. Once your identity is confirmed the Data Controller will also require the unique code which will be sent to you via email and will enable activation of the full service.
What the Application will allow you and the Data Controller to do
You will be able to:
The Data Controller will be able to:
Where your personal data is held and for what purpose it will be used
The personal data that you add to your patient record will be held in the United Kingdom alongside your health record under the Data Controller’s control. It will be used for your personal care by health and social care professionals only as authorised by you.
If you have consented to your data being used, in a pseudonymised form for research purposes, then your data may be used for that purpose and could enable researchers to identify particular risks that could affect you and then notify those responsible for your care (insights).
Can I withdraw my consents and how may I do this?
Where the data you add is included in your health record then it may form part of the information available for use by those treating you and caring for you, and may constitute their necessary record supporting their professional decisions; such necessary data may not be erased.
You can stop providing your personal data at any time and you can delete the Application from your mobile device.
If you have consented to your data being used for research, you are able to withdraw this consent by contacting your Healthcare Provider as identified in the Application. This would not mean that the data already provided would be removed but it would be fully anonymised and it would longer be identifiable as your data. This would also mean that you would not be able to benefit from any insights but your previous data may still be of assistance in enabling researchers to find better treatments.