Healix ConneX Privacy Notice
Who are we?
Healix Health Services Limited is a provider of medical healthcare packages including flexible corporate healthcare trusts plans designed to meet the different needs of employees. Healix Health Services Limited (Healix) has a registered address at Healix House, Esher, KT10 8AB, UK and registration number 3945478.
Healix will process your personal data for the purpose of providing and improving the Healix ConneX services.
As a Healix ConneX member you will have access to the following benefits:
- Musculoskeletal (MSK) Triage Service provided by EQL Limited via a digital triage tool called Phio. EQL Limited has a registered address at Speed Medical House, Matrix Park, Chorley, Lancashire, England, PR7 7NA, company registration number 11806513
- Mental Health Triage Service provided by MindRight Limited via a digital triage tool called Limbic. MindRight Limited has a registered address at Speed Medical House, Matrix Park, Chorley, Lancashire, United Kingdom, PR7 7NA, company registration number is 12880185.
- Virtual GP Service provided by Teladoc Health UK Ltd HealthHero Solutions Ltd has a registered address at Aspect House Floor 5, 84-87 Queens Road, Brighton, England, BN1 3XE, company registration number is 05739281.
- Perci Health Limited with a registered address at 1 Vincent Square, London SW1P 2PN, UK, company registration number is 12402935.
- Digital wellbeing platform and App provided by Champion Health Ltd. Champion Health has a registered address at Physitrack PLC, 6th Floor 125 London Wall, London, United Kingdom, EC2Y 5AS, company registration number is 11456257
- MyGymDiscounts provided by Incorpore Limited, 40 Folders Lane, Burgess Hill, West Sussex, RH15 0DR, company registration number is 03997432.
Healix will share your membership data (name, address, email, phone number and date of birth) with EQL, MindRight and Champion Health to facilitate a seamless customer journey.
What is Healix ConneX?
Healix ConneX is a low-cost healthcare service aimed at employees that chose not to or may not be eligible for private cover under an existing company scheme, or to replace/supplement an existing EAP service. It is self-managed access healthcare services including Virtual GP, MSK and Mental Health triage services and supporting services (depending on your plan).
Healix ConneX is provided via the MyHealix App where you register and log in or log in using Single Sign On. You will then have access to a dashboard with different tiles dependent on your membership benefits.:
- Access to a virtual GP service available 24/7 365 days a year.
- Access to mental health assessments powered by conversational AI.
- Access to musculoskeletal assessments to triage injuries and guide recovery through digital assessment.
- Access to a wellbeing platform to improve general health, sleep and manage stress.
- Access to a digital cancer care platform for support from specialist cancer nurses by phone or message functionality.
- Access to in-person physio and mental health consultations with assigned professionals arranged to best meet individual needs depending on the level you have signed u
Clicking the tile will take you to the service. Where the service is provided outside of the Healix domain, you will be presented with a new service specific Privacy Notice.
You will have access to the MyHealix App and the service offerings 24/7 from any location.
How we collect personal information
For the purpose of setting up this scheme your employer will provide us with all the relevant information we need to be able to identify you as a member.
When you use the services, we will collect usage information and if you make a claim, we will collect information directly from you to ensure we have all the relevant information for the purpose of helping you and providing the best service. We may need to collect additional information from your treating medical professionals in order to process your claim. If this is necessary, we will require additional consent from you.
We rely on the following legal basis for processing your personal and sensitive personal data for the purpose of providing Healix ConneX Services:
- For the purpose of management of health systems and services;
- Where processing is necessary for the purpose of the legitimate interests pursued by Healix;
- Where processing is necessary for the establishment, exercise or defence of legal claims;
- Processing data may be required in the public interest, such as detection and prevention of fraud.
Healix rely on your consent to:
- Initially open a claim and start specific processing activities (i.e. assess cover);
- Obtain additional medical records from your treating medical professional;
- Share your personal data with the employer;
- Discuss your case with a family member or friend.
You should know that consent can be withdrawn at any time by sending an email containing the relevant information to the Healix Claims Team. We will endeavour to stop the processing activity, but you should be aware that where a claim has been opened or where information has been disclosed the processing activity cannot be reversed or stopped. We will retain a copy of your data for evidence and compliance with applicable legal obligations.
What Information, Purpose and Disclosure
The following table lists the types of personal information collected by us, the purposes for which it is used and who it is disclosed to.
What it is used for (Purpose)
|Who is it disclosed to
|Contact information such as name, address, email address, telephone number, date of birth, reference numbers, other contact or identification information.
To positively identify and communicate with you to provide and improve the service requested.
Health information as shared by the providers if required for service provision.
|To enable us to provide the requested service and to confirm applicable cover where required.
|Details of treating medical professionals, any associated reports or information.
|To enable us to provide the requested service and to confirm applicable cover where required.
|Costs associated with medical treatment.
|To enable us to provide the requested service, confirm eligibility of services or applicable cover where required.
Healix may furthermore disclose limited personal data to:
- Public authorities in order to comply with legal and regulatory obligations such as public health, fraud and money laundering prevention.
- Organisations involved in maintaining, reviewing and developing our business systems, procedures and infrastructure including maintaining or upgrading our computer systems. Access is always limited by organisational and technical access controls.
Sharing personal information
We will only share personal information with third parties for the purposes described in the table above. We will not disclose medical information about you or your dependants to your employer without your consent. Only in exceptional circumstances where there is a legal requirement will we disclose medical information to third parties or family members without explicit consent.
We will not transfer your data outside of the UK.
How we store data
Personal information is held on our secure servers in the UK and AWS UK.
We always aim to minimise the amount of data processed and in particular sensitive personal data. We have strict organisational and technical measures in place to protect your data at all times in compliance with our ISO27001 Certification, best practice information security, the UK GDPR and Medical Confidentiality Guidelines.
You have the right to:
- Request access to a copy of the personal information held by us.
- Request the correction of the information if it is factually inaccurate.
- Request the completion or clarification of the information if it is incomplete or equivocal.
- Request the erasure of your personal data if it has been collected in breach of the Principles of the Data Protection or if it is irrelevant or excessive.
- Complain if you consider Healix has breached its privacy obligations.
Subject Access Right
You have the right to access Personal Information held about you. To do so you must provide a written request to us including as much information as possible (reference number, dates, specific issue etc.) to enable us to comply with your request as quickly as possible. Please see contact details below.
How to Make a Complaint
If you have any concerns or a complaint regarding our collection and use of your personal data, or a possible breach of your privacy, please send them to: firstname.lastname@example.org or write to us at the address listed below.
We will treat your requests or complaints confidentially and contact you within a reasonable time after receipt of your request to address your concerns and outline options regarding how they may be resolved. We will aim to ensure that your request is resolved in a timely and appropriate manner.
If you do not believe your request is managed appropriately you have the right to escalate the request to the Data Protection Authority. In the UK you can make a complaint to the Information Commissioner, the UK independent regulator at email@example.com
Please contact the Data Protection Officer using the Contact Details below if you require any further information regarding your rights.
Any questions, comments or requests regarding this notice should be addressed to the Data Protection Officer at: firstname.lastname@example.org
Or by mail:
Group Data Protection Officer
Healix, Healix House, Esher Green, Esher, Surrey, KT10 8AB, UK
You can also find the regulatory information on the Healix Group of Companies at http://healix.com/regulatoryinfo.