Privacy Statement

Last modified: 26/9/2017

At HealthUnlocked we believe in the potential of shared experiences to transform lives and uncover understanding in health. Because this may involve you sharing sensitive information about your health and treatment we also believe in the importance of clear and transparent privacy guidelines. As a user it’s important you know how we use and share your data and how you can control what happens to information you share in HealthUnlocked.

Here’s a simple guide:

1. Sharing and Controlling Information

Who are you?

HealthUnlocked is owned and operated by Everything Unlocked Limited registered in England and Wales under company number 6596274. Its registered office address is: First Floor, Clover House, 147-149 Farringdon Road, London EC1R 3HN, United Kingdom

Who can see my personal identifiable information?

None of your personally identifiable information (i.e. email address, postcode/zipcode, date of birth) is ever visible to other users or third parties without your explicit consent. We encourage you to choose a non-identifiable username as this is visible to other users.

Who can see the blogs and questions I write?

You always choose which groups of users can see the posts and questions you publish. You can either restrict your post/question to users of the particular HealthUnlocked community on which you are posting, or share it for others on the web. If there is anything which you are not comfortable sharing with the HealthUnlocked community, you should not include it in your posts, questions, comments, or answers.

Who can see my non-personally identifiable information?

HealthUnlocked may anonymize and aggregate information collected through the site (e.g. polls, symptom surveys, etc). This information may then be published as a study or shared with our research partners. You can always control whether your information is used in this way by following the instructions below.

How can I control who sees my information?

You always control who can see your information and how it is shared. At any time you can change your data sharing settings to stop sharing information you submit with our research partners. You will still able to use our site.

Will I be contacted for research purposes?

We may contact you for research purposes, such as taking part in surveys or clinical trial recruitment. In this case it will always be HealthUnlocked that contacts you, not a research partner directly as we never share your email address with third parties. You can opt out of being contacted for research purposes at any time.

2. Who can access information and how

Patient Organizations and other Affiliates

Health organizations and other affiliates of HealthUnlocked can access and export anonymized and aggregated data reports from users within their HealthUnlocked community who have chosen to share their data. An affiliate refers to any non-profit health organization, patient group, individual, hospital, or medical professional with which HealthUnlocked is in partnership and who has agreed to and filled out the Terms of Engagement for Affiliates.

Doctors and other Healthcare Professionals

HealthUnlocked welcomes Healthcare Professionals (HCPs) using both the HealthUnlocked Communities® and the HealthUnlocked In Clinic® systems. When Doctors and Healthcare Professionals use HealthUnlocked to manage their patients online, information will not be made available to them unless a patient chooses to share this information with them. If patients consent, this information can also be used and aggregated for research and audit by the doctors in their academic studies.

Institutions and Industry

Health Institutions (e.g. NHS or Department of Health) and Companies (Pharmaceuticals or Medical Devices) use HealthUnlocked Discovery® and other services to research the experience of patients. This may be analysis of data submitted by users of the HealthUnlocked service, or through more structured studies alongside doctors and patients. This only happens where users give their consent to share information and users can opt out at any time as set out above.

3. Clinical Information

Do you store clinical information?

We offer a system that has an ultra-secure database for clinical data storage (compliant with regulations) and a separate database to allow patients to control their own data. This satisfies the ethical and legal requirements of safety of clinical data whilst providing the flexibility needed to offer secondary data services.

Is HealthUnlocked integrated with hospital systems?

Only for HealthUnlocked In Clinic® premium services. However, we do offer to all our UK based doctors users a system that is connected with the N3. Where we store clinical data this is usually under a contract with a NHS body under which the NHS body retains responsibility for how the data is used. You should read their privacy policy for more information about how they use your personal data.

4. The HealthUnlocked business model

The HealthUnlocked basic services are free for users and affiliates (e.g. non-profit health organizations). In addition to our licensed software such as HU In Clinic®, Communities® or Discovery® we work with research partners allowing them to access anonymized and aggregated data from HealthUnlocked services.

This only happens where users give their consent to share information and users can opt out at any time as set out above.

5. Privacy and Security

HealthUnlocked provides industry standard security across all of our platform and comply with health IT standards. In addition, we have secure connections (HTTPS) with 128 bit encryption certificates across all the areas where personal details are used and stored. All passwords assigned during the signup processes are protected using salted cryptographic hashing, and cannot be decrypted.

Our patients store is hosted in a protected environments with secure backups performed regularly and compliant with ISO 27001 and HIPAA. We update our security system regularly and perform ongoing research on new practices and technologies that can improve our services.

Our clinical store is hosted in a protected environment with secure backups performed regularly, compliant with ISO 27001 and connected to the NHS N3.

HealthUnlocked has also Department of Health Information Governance Toolkit 14 certification. This has been independently audited by TIAA.

Our service is hosted on third party servers. We have contracts in place with our third party service providers which require them to implement security measures to protect the data they hold and the current security provisions in place are described above.

Does HealthUnlocked use cookies or other tracker technologies?

HealthUnlocked uses cookies to provide basic site functionality and to improve the performance and user experience throughout the site. We may also store encrypted information about you using cookies which we can access when you visit our site in the future.

Learn more about HealthUnlocked, cookies and how you can control which cookies are used here.

6. Policy Towards Minors

Children under the age of 16 are prohibited from creating an account and becoming a member of HealthUnlocked. In registering as a member you are acknowledging that you are aged 16 or above. We do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we take steps to remove such information and will delete the child’s account.

7. Communications With You

By becoming an account holder, you agree that we may provide you with information about Our Site (whether by email or any other medium) that we consider appropriate. You may opt-out of receiving these materials and notifications in the "Settings" area of your account or by writing to or emailing us to inform us that you wish to be removed from our contact list.

8. If you need more information

How do I make a subject access request?

Please put your request in writing and send it to HealthUnlocked, First Floor, Clover House, 147-149 Farringdon Road, London EC1R 3HN, United Kingdom. We reserve the right to charge a fee of £10.

Have additional questions?

Please contact us at