The Healthcare Financial Management Association ("HFMA") or ("we") believe it is important to protect your privacy and we are committed to giving you a service that meets your needs in a way that also protects your privacy. This policy explains how we may collect information about you and then use it to meet your needs.
HFMA recognises The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) adopted 27 April 2016, the two-year transition period and the application date of 25 May 2018 and is actively working towards compliance with that directive.
HFMA shall, so far as is reasonably practicable comply with the Data Protection Principles laid out in legislation.
1. Collecting information
- We may collect personal information from a number of sources, including the following:
- from you when you agree to take a service or product from us, in which case this may include your contact details, date of birth, how you will pay for the product or service and your bank details
- from you when you contact us with an enquiry or in response to a communication from us, in which case this may tell us something about how you use our services.
2. Using personal information
2.1 HFMA will use personal information for the following purposes:
- to identify you when you contact us;
- to help identify products or services which you could have from us or selected partners from time to time. We may do this by automatic means using a scoring system, which uses the information you have provided, any information we hold about you and information from third party agencies (including credit reference agencies);
- to help administer, and contact you about improved administration of, any accounts or services we have provided before, or provide now or in the future;
- to carry out marketing analysis, conduct research, including creating statistical and testing information;
- to help to prevent and detect fraud or loss;
- To contact you in any way (including mail, email, telephone, text or multimedia messages) about services offered by us and/or selected partners unless you have previously asked us not to do so;
- To offer the benefits of HFMA Affiliate membership, such as copies of the member magazine, e-newsletter and HFMA webinars.
2.2 We may allow other people and organisations to use information we hold about you, if we have been legitimately asked to provide information for legal or regulatory purposes or as part of legal proceedings or prospective legal proceedings.
2.3 We may monitor and record communications with you (including phone conversations and emails) for quality assurance and compliance reasons.
2.4 In connection with this contract we may carry out credit and fraud prevention checks with one or more licensed credit reference and fraud prevention agencies. We and they may keep a record of the search. If you provide false or inaccurate information and we suspect fraud, we will record this. Information held about you by these agencies may be linked to records relating to other people living at the same address with whom you are financially linked. These records will also be taken into account in credit and fraud prevention checks. Information from your application and payment details of your account will be recorded with one or more of these agencies and may be shared with other organisations to help make credit and insurance decisions about you and members of your household with whom you are financially linked and for debt collection and fraud prevention. This includes those who have moved house and who have missed payments. If you provide false or inaccurate information to us and we suspect fraud, we will record this and may share it with other people and organisations.
2.5 If you need details of those credit agencies and fraud prevention agencies from which we may obtain and with which we may record information please write to our Data Protection Controller at HFMA, 1 Temple Way, Bristol, BS2 0BU.
3. The internet
3.1 If you communicate with us using the Internet, we may occasionally email you about our services, including but not limited to the benefits associated with Affiliate Membership, as set out in 2.1(g) above. When we first contact you in this way, we will give you the opportunity to say whether you would prefer us not to keep you informed of other products and services by email. Alternatively, you can always send us an email (at the address set out below) at any time if you change your mind.
3.2 Please remember that communications over the Internet, such as email and webmail (messages sent through a website), are not secure unless they have been encrypted. We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.
5. Further information
This policy applies to personal information we hold about individuals. It does not apply to information we hold about companies and other organisations.
6. Review and monitoring
This policy is subject to review and any complaints or queries about this policy should be directed to the Chief Executive. This policy will be reviewed every three years and approved by the Board of Trustees.
Approved by Board of Trustees: January 2018
Review Date: January 2021