“Personal Information” means any information/data that is capable of identifying you.
“We” means Shoreham Physiotherapy Clinic Ltd (Data Controllers).
We collect and process data because we have a legal obligation to do so. Ensuring it is up to date, relevant and held securely for the amount of time necessary has always been and will remain our top priority.
What information we collect and when
We collect and process information when you phone the clinic to make an enquiry or appointment, when you email us and when you attend the clinic in person. We also receive communications from multidisciplinary professionals involved in your care.
At the point of enquiry or booking we may ask you for:
- Your name
- Your date of birth
- Your address
- Contact numbers; landline, mobile or both
- Your email address
When you attend the clinic for your initial appointment, we will ask you to complete or update a registration form.
At assessment and subsequent treatment we will also ask you for “sensitive data”, which will include
- Your current health
- Your previous health
- Information regarding the condition you are seeking advice about
- Activities you undertake
- Your employment
- Any medications you take
This information will be recorded alongside the findings of a physical examination.
- Pass information, with your permission to other medical professionals who may be involved in your care. This may include GP’s, Consultants, Occupational Health departments, insurance companies or other Health and Care Professionals.
- Use your information for quality feedback purposes.
- Use your information for audit purposes.
We do not pass on your information for commercial purposes and we take all reasonable steps to ensure that our information is kept up to date and rectified if necessary. It is also your responsibility to inform us of any personal information changes.
How long we keep your information
We have a legal obligation to retain your clinical paper records for 8 years after the conclusion of treatment. If the record relates to a child or young person the records must be kept until that patient’s 25th birthday or eight years after death.
We may retain electronic records indefinitely for use if you return for another episode of care and for analytical purposes.
How we protect your information
We take appropriate organisation and technical security measure to protect the information against unauthorised disclosure or unlawful processing.
You are entitled to a copy of the personal information we hold about you and to have any discrepancies rectified within the recommended time scales (excepting those of a valid medical opinion). You can do this by written request to the clinic address.
Disclosure of your information
- We may pass information, with your permission, to other medical professionals or third parties who may be involved in your care. This may include GP’s, Consultants, Occupational Health departments, insurance companies or other Health and Care Professionals. This information may be passed on in the form or a written letter given to you. If this is the case, the letter becomes your responsibility and the protection of its contents becomes your responsibility. If the information is transmitted by email we will take all reasonable precautions to transmit the information securely.
This policy is subject to changes and all changes will be notified on our website. By using our services you are agreeing to be bound by this policy.
Any questions regarding this policy and our privacy practises should be sent by email to firstname.lastname@example.org or via other methods on our website www.shorehamphysio.co.uk
Updated June 2018 to comply with Data Protection Act 1998 and replacement legislation, General Data Protection Regulations (EU) GDPR 25.05.2018