Privacy notice

This policy was last updated on 30th Nov 2023. The updates included:

• Increasing visibility around data usage when resources are rated.

1. Background

This privacy notice is for the 'explain medical letters' service (also known as 'explain.health'). If you have discovered this service while browsing the internet, you should not use it. This service exists as part of a research study and is not intended for use by the public.

We understand that your privacy is important to you, especially for medical information. This policy sets out what information we collect, how we and our associated parties process that information, and why we process information.

If you have any questions about this policy, you should contact the research team using the details on your participant information sheet.

2. What are your rights?

Personal data is defined in law as any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly. This means, for example, that the medical letters you might upload to this service would be personal data.

Under the GDPR, which lays out regulations around personal data, you, as an individual, have 8 key rights [external link]. This application is designed to respect these rights.

3. What information do we collect?

3.1. When you browse the website as a visitor

We collect:

• The IP address of your network.
  • This is an identifier of your computer or network when it is online. We store this data in a way which is designed to make it harder to directly identify you. To do this, the final octet of the IP address is removed. For example, if your IP address were 192.168.1.49, it would be masked to 192.168.1.XXX.
  • Our lawful basis for processing this data is our 'legitimate interest' to understand whether the site is being used, and to manage traffic and security accordingly.
• Details of whether you have entered the correct password to log into the site.
  • This is carried out using a cookie - a small text file which is stored on your computer and contains the password you used to access the site.
  • Our lawful basis for processing this data is your 'consent'. When you enter a password to access this website, you will be asked to consent to the required cookie being stored.
• Information about your computer
  • We collect information about which operating system and web browser you are using. We might link this to your administration account credentials, if you are logged in.
  • Our lawful basis for processing this data is our 'legitimate interest' to understand whether errors experienced while browsing the site are linked to how users are accessing the site.

3.2. When you upload a medical letter

In addition to section 3.1, we collect:

• Your name, diagnosis, and any other medical data contained within your letter.
  • We use this information to search our database for resources to show to you. We don't store this data for longer than is necessary, but this data may appear in system usage logs from time to time. In these logs, we take appropriate measures to ensure that it is difficult to link back to your identity.
  • Our lawful basis for processing this data is your 'consent'.

3.3. When you rate or report resources

When you click to give us feedback on a resource ('Helpful', 'Not helpful', or 'Not relevant'), in addition to section 3.1 and 3.2, we may collect and associate together:

• The IP address of your network.
  • This is an identifier of your computer or network when it is online. We store this data in a way which is designed to make it harder to directly identify you. To do this, the final octet of the IP address is removed. For example, if your IP address were 192.168.1.49, it would be masked to 192.168.1.XXX.
  • Our lawful basis for processing this data is our 'legitimate interests' to monitor for abuse or manipulation of our rating system.
• The details of the medical term found within your letter, the feedback category you selected, and the details of the resource you are rating or reporting.
  • This data allows us to understand which resource is affected, and why the resource was shown to you.
  • Our lawful basis for processing this data is your 'consent'. By rating a resource, you are offering consent for us to store and use that rating to adjust our current content and plan future content.

3.4. When you browse the website as a administrator

In addition to section 3.1, we collect:

• Your email address and your chosen username for the site
  • We use this to allow you to reset your password, if you forget it.
  • Our lawful basis for processing this data is your 'consent'.
• Details of your interactions with the site
  • We collect information about your actions within the administrator panel, in order to provide an audit log.
  • Our lawful basis for processing this data is our 'legitimate interest' to understand and monitor for acceptable use of the administrator panel.

4. Who we share information with

4.1. Microsoft Azure

We use Microsoft cloud services to deliver this application. This means that we share your personal information with Microsoft in order to deliver essential features of the application. When you upload a medical letter, for example, it is temporarily processed on a Microsoft server in order to allow us to deliver an explanation. You can read more about how Microsoft process your data in their Data Protection Addendum.

The use of Microsoft services is essential to the functionality of this application, and it is not possible to opt out of data sharing with them unless you cease to use the application.

4.2. Microsoft Azure OpenAI

From time-to-time, we may deliver additional information using services provided by Microsoft Azure, as part of their OpenAI features. If this feature is currently active, it will be indicated to you before you upload a letter. When this feature is active, we may share the contents of your medical letter with Microsoft Azure OpenAI for the purposes of providing aspects of the explanation which you receive. When this feature is active, your letter may be retained for up to 30 days by Microsoft for moderation purposes. You can read about how Microsoft process your data on their AI Services Privacy Page.

4.3. Informatics Solutions

Informatics Solutions Limited provide technical and logistical support with the operations of this website.

Under normal circumstances, they will not access any of the personal information you upload to this service. From time-to-time, and with explicit permission, Informatics Solutions may access personal data for the purposes of troubleshooting and development. This will be organised outside of this agreement.

4.4. Sentry

We use a cloud-based service called Sentry to track errors in our system, so that we can identify and resolve them quickly. When an error is logged, Sentry process and store information about the error, the web browser, operating system, and account (if logged in) inline with their Data Processing Addendum.

4.5. UserWay

To help give people more options to use view our site in a way that works for them, we use a system called UserWay to provide an interactive menu on our site. When you load any pages, or interact with this menu, UserWay process data about your connection. You can read more details in their Privacy Notice.

5. Where will we transfer your information?

We store the majority of information that we process in the UK or the European Economic Area. This means that similar data protection law applies to all the data we store. Some systems we use may transfer your data outside of this region. In those cases, we use data protection agreements with the companies processing data, to ensure that similar standards of data protection are adhered to.

6. How long will we keep your information?

The most sensitive personal information that we process is the medical letters that you upload. We retain uploaded medical letters for no longer than is required to process them and deliver a result to you. This typically means that they are stored for under 5 minutes.

Other, less sensitive, but still personal, categories of data, such as website visitor information, are stored for longer durations. Information on our data retention practices is available upon request.

7. What if you are unhappy or have questions?

The Data Protection Officer for this service will be listed on the Participant Information Sheet which you were been provided with before you agreed to take part in the study. You may contact them at any time to ask questions, raise concerns, or give feedback.