Health Call VirtualCare Privacy Policy 

This notice explains how your personal data is processed for the provision of the Health Call VirtualCare Platform.

References in this Privacy Policy to “we” and “us” are to Health Call Solutions Ltd (company number 10218146).

It is important that you take time to read it carefully. This Privacy Policy sets out the basis on which any personal data we collect from you or that you provide to us will be processed by us. By using the Health Call VirtualCare Platform you are agreeing to its terms.

When you use our VirtualCare Platform, you trust us with some information, this can be personal and also non-personal. In legal terms we are described as the “data processor” of the personal data you provide to us.  This is a legal term used to de-scribe the person or organisation which processes personal data under the controller’s instructions. The data controller for the service provided through Health Call is your hospital.

Health Call Platforms and Applications will be referred to as ‘VirtualCare’ ‘Applications,’ ‘Services’ or ‘our Services’ throughout this document.


Heath Call Solutions Ltd are a unique NHS-owned digital health company. We were set up to share digital health expertise and resources to drive down the costs of health and care provision – whilst also improving outcomes for the population. You can find out more about us on our website by clicking here.

The Heath Call VirtualCare platform provides services to multiple trusts and pro-cesses data on their behalf. The data controller for this appointment is your hospital. To find the relevant privacy policy, search for the name of hospital online where you have your appointment or see the list below.


The information stored on the VirtualCare Platform includes:

  • Date of Birth
  • NHS No
  • Mobile Number
  • Email address
  • Sex
  • Local Patient Identifier

Source of information: NHS organisation


You have the right to object to our use of your personal data or ask your NHS organisation (Data Controller) to remove, delete or stop using your personal information. You may ask your NHS organisation (Data Controller) to restrict the use of your data if the data is not accurate or your personal information is no longer relevant.

If you want to restrict how we use your data or ask us to delete it or restrict how we use it, please contact your NHS organisation (Data Controller) where your data is located.

All rights requests will be managed and responded to under the instruction of the data controller. The data controller is your NHS organisation.


The information we receive reaches us electronically originating from your NHS organisation.  Where it is within our control, we will put measures in place to ensure that “in-flight” data is secure.  However, we use appropriate procedures and technical security measures to safeguard your information across all our computer networks. Unfortunately, the transmission of information via the internet is never completely secure and we cannot guarantee the absolute security of information transmitted to us.

Detailed below are other data processors which could be involved in the delivery of the service:

  • AWS are a data sub-processor for the data centre hosting services that they provide to us
  • Servita are a data sub-processor completing development on the Virtual Ward platform and live support services.
  • MongoDB Atlas are a data sub-processor for the storage of information relating to a Virtual Ward

We have Data Processor Agreements in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us or further sub-processors who must comply with our Data Processor Agreement. They will hold your personal data securely and retain it for the period we instruct.


We understand the importance of taking extra precautions to protect the privacy and safety of children using the internet. If you are aged 13-15 you cannot access The Health Call Virtual Ward Platform.  If you are 16 or 17 you may not be able to view or manage your Virtual Ward; This is because some NHS organisations require you to be aged 18 or over to access this service.


We never disclose personal data to third parties without the consent of the individual concerned or other reasonable justification.

It may be necessary − by law, legal process, litigation, and/or requests from govern-mental authorities within or outside your country of residence or the hospital (Data Controller) – for Health Call to disclose your personal information. We may also disclose information about you if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate. We will inform the NHS organisation (Data Controller) of any legal requirements to disclose your information unless the law prohibits us from doing so.


We may need to update this Policy from time to time as our business changes.  We will endeavour to tell you in advance by sending a service message to you if we hold your email address.  Otherwise please look out for the flags on our application which indicate that we have changed this policy.  If you continue to use our Services after we have changed our Policy, you will be deemed to have accepted the changes.


If you have any questions or concerns about this Privacy Policy or data processing or if you would like to make a complaint about a possible breach of local privacy laws, please contact the NHS organisation (the Data Controller) where your appointment is located.


You are welcome to get in touch with us to discuss your information at any time at [email protected]

Last updated: 5th June 2024.