Privacy Policy for Patients
In accordance with the General Data ProtectionRegulation (GDPR) May 2018, I ( Sue Pearson) have implemented this privacy policy to inform you, my patients, of the types of data I process about you. I also include within this policy the reasons for processing your data, the lawful basis that permits me to process it , how long I keep your data for and your rights regarding your data.
Sue Pearson Physiotherapy Practice is committed to ensuring your privacy is protected.
This policy is effective from 1/05/2018.
Security of your personal information
Sue Pearson is the Data Controller ( i.e. the person who is responsible for and controls the pro-cessing of your data) at Sue Pearson Sports Injuries and Physiotherapy Practice,10 Chetwynd Road, Edgmond, Newport, Shropshire, TF10 8HJ. Tel: 01952 825897
We will take all reasonable and appropriate precautions to prevent the loss, misuse or alteration of your personal information.
Personal Data we may collect about you
We keep personal data in order to carry out effective and efficient care and to fulfil the needs of you registering for your treatment. We keep this data in the form of patients notes and on my practice management system TM3 ( Blue Zinc). Your notes are stored securely in a locked filing cabinet and within the TM3 who also adhere to GDPR regulations.
The data held consists of :
a) personal details such as: name, gender, address, email address, home and mobile tele-phone numbers
b) Medical history & medications
c) Date of birth
d) GP details
e) Consent forms
Reasons for processing your data
- To identify you
- Administration
- To send you statements, invoices & receipts
- In reply to email enquiries from you
- Statistical analysis
- Improving our services such as clinical improvement for Data for Impact with Physio First.
- For Medico legal claims as requested by yourself, solicitor or case manager. In each case writ-ten consent will be required by yourself before any information or personal data is forwarded
- Lawful basis for processing your personal data is part of my legal obligation to hold special category data when providing health care treatment (Article 9 (2) GDPR guidelines.
Other people who may have access to your data
The only other people who may have access to your personal data are TM3 ( Blue Zinc) the practice management system I use, who keep all data secure and my accountant. Both individu-ally have responsibility to keep your data secure.
How long will data be retained
All adult clinical records must be retained for 8 years after the conclusion of treatment or death.
For children and young adults ,the clinical records must be retained until the patients 25th Birth-day or 26th birthday if the young person was 17 at the conclusion of treatment. These are the recommendations of The Chartered Society of Physiotherapy and HCPC our professional govern-ing bodies.
Paper patient records are stored in lockable filing cabinets for the required 8 years and destroyed by shredding after this time. New patient electronic notes are stored on the secure practice man-agement system.
Your rights regarding your data
You may instruct us to provide you with any personal information we hold about you. This request should be made in writing to Sue Pearson Physiotherapy. Provision of such information will be subject to:
The supply of appropriate evidence of your identity.For this purpose we will usually accept a certi-fied photocopy of your passport and an original copy of a utility bill showing your current address.
We do not use your personal data for marketing purposes and will not share your data with any third party organisations.
Updating Information
Please let us know if the personal information which we hold about you needs to be corrected or updated.
I you have any queries about this privacy policy please contact Sue Pearson in writing at the above address.