Privacy, GDPR and your data

Updated 13th Jul 2020

As you already know, Healthera is your local repeat medicine NHS pharmacy app. It is not as simple as that though as we need data to be able to complete requests. This data is heavily regulated (and rightly so). We want to be completely transparent about why we store and how we use data.

Here's the background

On 14 April 2016, The European Parliament approved EU General Data Protection Regulation (GDPR) into legislation.GDPR replaced the existing Data Protection Act of 1998. It took about five years of debate, voting and planning with the outcome that the new law would come into force on 25 May 2018. There are heavy fines for companies that are in blatant breach of the rules.The news was greeted with mixed reactions cross-industry. A tenth of the world's population reside in Europe and as such, a tenth of the personal information will include European data.

GDPR is designed to:

  • Standardise data privacy laws across Europe
  • Protect and empower EU user data privacy
  • Reshape the way EU organisations approach data privacy

Any organisation that collects data must ensure that they have watertight consent management processes in place.Understandably, Healthera, by our nature of business as an online NHS medicine reminder and repeat prescription app, controls data.Customers give us their personal and prescribing information where we pass it onto your GP and Pharmacy. That's about it. We are the data controller and we've taken every step to comply with, and exceed, Data Protection '98 and the more recent GDPR regulations.

Who is the data controller?

Healthera is the data controller for data that patients enter into the system. We don’t hold any patient data that sits on the spine. By law, we are required to safeguard the data as controller in order to connect both existing and new patients to you. We obtain all the patient consent for sharing data with you, so that you can provide them with prescription and other services.


Does the pharmacist own the patient data?

Patients own their own data that they put onto the app, and they consent to sharing their data with you so you have authority to use the data they enter to provide them with services.


What are your intentions to patient data?

We are very clear in our privacy policy that we process patient data in order to provide them with medical compliance, repeat prescription ordering, and pharmacy communication services. We use aggregated and anonymised data to study and optimise user experience.


Are you ever going to market directly to my patients?

We don’t market to patients. We occasionally send patients emails when new features come out on Healthera. If we did market anything, it would be something that your pharmacy offers so that it increases your revenue. You could opt-in or opt-out of any of our future plans when they are ready.


Are you going to become an online pharmacy? or are you owned by an online pharmacy?

No, because it is not in our best interest. It undermines the pharmacy platform model that we have invested heavily in building. Should the Healthera service ever differ substantially to what you've signed up for, you have the right to cancel your contract.


What is going to happen if I decide not continue using Healthera?

We will keep your pharmacy listed on a very basic free service, so that your patients can still use the app.


If you're keen to know more about data privacy and GDPR compliance, please check out our substantial privacy and cookie policies that can be found by clicking on the links or at the bottom of each and every page on this website.

For more detailed enquiries, please email our DPO using dpo@healthera.co.uk.

Recommend to Family & Friends: