PrimaryPoint uses the information collected by the NHS Midlands and Lancashire Commissioning Support Unit (MLCSU) to operate, maintain, and provide the features and functionality of the website and customer portal.
PrimaryPoint is an online portal which provides access to a range of MLCSU services developed for primary care organisations. It consists of the PrimaryPoint website where MLCSU promote its primary care-related services to non-customers, as well as a log-in point for customers into the PrimaryPoint portal to access specific services. Customer organisations, with an active account, can access to a suite of policies, procedures, information, toolkits, and guidance for primary care across a wide range of services.
When you sign up to our PrimaryPoint services as a customer, an organisation account is set up by MLCSU using your key commercial information such as: name of organisation, address, postcode, telephone number, email address, website address and the name of key contact individuals within your organisation.. This is all information that would be readily available within the public domain.
Each customer organisation is allocated a unique authorisation code, which only enables access to users from that specific organisation, with the code deemed invalid if utilised by another organisation. The code is a unique identifier and can only be supplied by MLCSU staff with system administrator access. The code alone will not identify which organisation it relates to.
To create an account, staff from customer organisations can self-register by completing the required form on the PrimaryPoint portal, which requires full name and valid work email address (this will be the username). No other personal information is stored or retained by the portal.
We will collect all personal data, within a work context, to the extent that it is required for the specific purpose made clear to you at the time. If you contact us via the portal, we will keep a record of that contact including your contact details, which can only be accessed by MLCSU staff with system administrator access rights. In addition to your access details, we will log details of your interactions with us including via the portal and this is to help us to audit our systems and processes all in line with contractual obligations.
The legal basis for processing this data for the purposes of portal account creation forms part of contractual obligation and is defined under Article 6 (1) (b) of the General Data Protection Regulation (GDPR) and implemented into the Data Protection Act 2018 and is summarised as “ processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.”
We may use your personal data in order to:
We will not use your personal data or make it available to any third party without your prior consent except that:
We have implemented generally accepted standards of technology and operational security in order to protect personal data from loss, misuse, or unauthorised alteration or destruction. We will not transfer your personal data outside the EU.
You have the following rights under the Data Protection Act 2018 in respect of your personal data held by MLCSU
For any concerns relating to the way we use to provide customers with access to this portal, or queries relating to this privacy notice, please contact the Data Protection Officer for the MLCSU:
Hayley Gidman, Head of Information Governance, MLCSU, Heron House, 120 Grove Road, Fenton, Stoke-on-Trent ST4 4LX
Tel: 01782 872648
You have the right to take any complaints about how we use your personal data to the Information Commissioner:
Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9
Tel: 0303 123 1113
We reserve the right to amend this Privacy Statement from time to time without prior notice. You are advised to check the Site regularly for any amendments (but NB amendments will not be made retrospectively).