top of page

Privacy Policy

Mediscan Diagnostic Services Ltd (“we”, “our”, “us”) is committed to protecting the privacy and confidentiality of all our patients and website visitors. This Privacy Policy explains how we collect, use, store, and protect your personal information in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and Care Quality Commission (CQC) standards.
 

1. Who We Are

Mediscan Diagnostic Services Ltd is a private medical ultrasound clinic based in Manchester, providing a range of diagnostic ultrasound services including pregnancy scans, abdominal scans, musculoskeletal scans, and lump assessments.

  • Company Name: Mediscan Diagnostic Services Ltd

  • Address: Tameside Business Park, Windmill Lane, Denton, United Kingdom, M34 3QS

  • Contact Email: mediscan.diagnostic@nhs.net

  • Telephone: 0161 820 1123
     

2. What Information We Collect

We may collect and process the following types of personal data:

  • Personal Identification Data: Name, date of birth, gender, address, contact details.

  • Health Data (Special Category Data): Medical history, referral details, ultrasound scan images, clinical notes, and diagnostic reports.

  • Financial Information: Payment details for services.

  • Technical Data: IP address, browser type, and website usage (for security and website optimisation).
     

3. How We Collect Your Information

We collect information in the following ways:

  • Directly from you when you book an appointment, attend our clinic, or contact us by phone, email, or website.

  • From healthcare professionals (e.g., GPs or consultants) where you have provided consent.

  • Through our website forms when you enquire or register online.
     

4. Why We Process Your Information

We process your information for the following lawful purposes:

  • To provide diagnostic ultrasound and related healthcare services.

  • To create and maintain accurate medical records.

  • To communicate with you about appointments, reports, and results.

  • To comply with our legal and regulatory obligations (CQC, HMRC, ICO).

  • For clinical audit, service improvement, and quality monitoring.

  • For payment processing and invoicing.

  • With your explicit consent, to share medical reports with your GP or other healthcare providers.
     

5. Lawful Basis for Processing

We rely on the following lawful bases under UK GDPR:

  • Article 6(1)(b): Processing is necessary for the performance of a contract (providing healthcare services).

  • Article 6(1)(c): Processing is necessary for compliance with a legal obligation (CQC, HMRC requirements).

  • Article 6(1)(f): Processing is necessary for our legitimate interests (improving services).

  • Article 9(2)(h): Processing of special category data (health information) is necessary for the provision of healthcare and diagnostic services.
     

6. How We Protect Your Information

  • All patient records are stored securely in encrypted systems.

  • Access is restricted to authorised staff only.

  • Staff receive regular training in data protection, confidentiality, and information governance.

  • We follow NHS Digital’s Data Security & Protection Toolkit standards.

  • Paper records (if any) are locked securely and disposed of using confidential waste processes.
     

7. How We Share Your Information

We may share your personal information with:

  • Consultant Radiologists and Sonographers for reporting and clinical review.

  • Your GP or referring clinician (with your consent).

  • Regulatory bodies (CQC, HMRC, ICO) where legally required.

  • Our IT, payment, and administrative service providers under strict confidentiality agreements.

We do not sell or share personal information with third parties for marketing purposes.
 

8. How Long We Keep Your Information

  • Medical records are retained in accordance with NHS Records Management Code of Practice (currently a minimum of 8 years for adult medical records, longer for maternity/children’s scans).

  • Financial records are retained for 6 years in line with HMRC requirements.

  • After retention periods expire, records are securely destroyed.
     

9. Your Rights

Under UK GDPR, you have the following rights:

  • Right to access your personal data.

  • Right to rectification of inaccurate data.

  • Right to erasure (in certain circumstances).

  • Right to restrict or object to processing.

  • Right to data portability.

  • Right to withdraw consent (where consent is the basis of processing).

  • Right to lodge a complaint with the Information Commissioner’s Office (ICO).

For requests, please contact us at mediscan.diagnostic@nhs.net.
 

10. Cookies & Website Data

Our website may use cookies to enhance user experience and collect anonymised usage data. You can control cookie settings through your browser.
 

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The most recent version will always be available on our website.
 

12. Contact Us

If you have any questions or concerns about how we handle your data, please contact:

Data Protection Officer
Mediscan Diagnostic Services Ltd
Tameside Business Park, Windmill Lane, Denton, United Kingdom, M34 3QS
Email: mediscan.diagnostic@nhs.net
Phone: 0161 820 1123

If you remain dissatisfied, you can contact the ICO: www.ico.org.uk

bottom of page