Diagnostic World Ltd
Last Updated: [03.07.2026]
Who We Are
Diagnostic World Ltd provides diagnostic healthcare services, including ultrasound and echocardiography, on behalf of NHS organisations and other healthcare providers.
We are committed to protecting your personal data and respecting your privacy. This Privacy Notice explains how we collect, use, store, protect, and share your personal information in line with:
- UK General Data Protection Regulation (UK GDPR)
- Data Protection Act 2018
- NHS Information Governance requirements
Contact Details
Diagnostic World Ltd
Email: info@diagnosticworld.com
Website: www.diagnosticworld.com
Data Protection Lead
Email: privacy@diagnosticworld.com
How We Receive Your Information
We may receive personal information about you from:
- GP Practices
- NHS Trusts
- Community Diagnostic Centres (CDCs)
- Integrated Care Boards (ICBs)
- Hospitals and healthcare providers
- Referring healthcare professionals
- Directly from you (e.g. enquiries, website contact forms)
Information We Collect
Personal Information
We may collect:
- Full name
- Date of birth
- NHS Number
- Address
- Telephone number
- Email address
- GP details
Health Information (Special Category Data)
We may process:
- Referral information
- Medical history relevant to your care
- Diagnostic images (ultrasound, echocardiography)
- Clinical findings and reports
- Appointment and attendance records
Website Information
When using our website:
- IP address
- Device and browser type
- Website usage data
- Cookies and tracking technologies
Why We Use Your Information
We use personal data to:
- Receive and process referrals
- Arrange and manage appointments
- Deliver diagnostic services and clinical reporting
- Communicate with patients and healthcare professionals
- Support patient care and clinical decision-making
- Respond to enquiries, feedback, and complaints
- Monitor, audit, and improve service quality and safety
- Meet NHS contractual, legal and regulatory obligations
- Prevent fraud and maintain system security
Legal Basis for Processing
We process personal data under the following lawful bases:
- Article 6(1)(e) – Public task (provision of healthcare services)
- Article 6(1)(c) – Legal obligation
- Article 9(2)(h) – Health or social care provision (special category data)
Where applicable (e.g. website cookies or marketing), we rely on:
- Consent (Article 6(1)(a))
Data Protection Principles
We ensure that personal data is:
- Processed lawfully, fairly and transparently
- Collected for specified, legitimate purposes
- Limited to what is necessary (data minimisation)
- Accurate and kept up to date
- Retained only as long as necessary
- Processed securely and confidentially
Who We Share Information With
We may share information where necessary with:
- NHS Trusts and GP Practices
- Referring and reporting clinicians
- Community Diagnostic Centres and ICBs
- Clinical and IT system providers (e.g. PACS, RIS providers)
- Regulatory bodies (e.g. CQC)
- Law enforcement where legally required
We only share the minimum necessary data and ensure all partners meet data protection and security standards.
Diagnostic World Ltd does not sell personal data.
International Transfers
We do not routinely transfer personal data outside the UK.
If this becomes necessary, we will ensure appropriate safeguards are in place in accordance with UK GDPR.
Keeping Your Information Secure
We apply robust technical and organisational security measures, including:
- Secure NHS-aligned clinical systems
- Role-based access controls
- Multi-factor authentication
- Encryption of data in transit and at rest
- Staff confidentiality agreements
- Mandatory Information Governance training
- Regular audits and monitoring
How Long We Keep Information
We retain records in line with:
- NHS Records Management Code of Practice
- Legal and regulatory requirements
- NHS contractual obligations
Data is securely deleted or destroyed when no longer required.
Your Rights
Under UK GDPR, you have the right to:
- Be informed about how your data is used
- Access your personal data
- Request correction of inaccurate data
- Request erasure (where applicable)
- Restrict processing in certain circumstances
- Object to processing (including certain non-clinical uses)
- Data portability (where applicable)
Right to Opt Out
You have the right to opt out of your personal data being used for purposes beyond your direct care, including:
- Service planning and audit (where applicable)
- Research (unless required by law or anonymised)
You can also register a National Data Opt-Out via the NHS.
Please note:
Your data will still be used where necessary for direct care, legal obligations, or patient safety.
Subject Access Requests (SARs)
You can request a copy of the personal data we hold about you.
Contact:
Email: privacy@diagnosticworld.com
We may require proof of identity before releasing information.
We aim to respond within one month, in line with UK GDPR.
Complaints
We take data protection and confidentiality seriously.
If you have any concerns about how your information is handled, please contact us first:
Diagnostic World Ltd
Email: privacy@diagnosticworld.com
We will:
- Acknowledge your complaint promptly
- Investigate fairly and transparently
- Provide a response within appropriate timeframes
If your concern relates to an NHS service, you may also contact the relevant NHS organisation.
Escalation to the ICO
If you remain dissatisfied, you have the right to complain to:
Information Commissioner’s Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone: 0303 123 1113
Website: https://ico.org.uk
Cookies
Our website uses cookies to:
- Ensure functionality
- Improve performance
- Enhance user experience
You can manage or withdraw cookie consent via your browser settings or cookie banner.
Further details are available in our Cookie Policy.
Changes to This Privacy Notice
We may update this Privacy Notice to reflect:
- Changes in legislation
- NHS guidance
- Service developments
The latest version will always be published on our website.
Commitment to Privacy
Diagnostic World Ltd is committed to maintaining the highest standards of:
- Data protection
- Information governance
- Patient confidentiality