In accordance with General Data Protection Regulation (GDPR) I am obliged to provide the following information on how I handle your data. The law particularly pertains to electronic data but to provide transparency I have extended this to include all data stored.
- I am totally committed to protecting the personal data of my patients in any way I can.
- I am solely responsible for questions you may have relating to this privacy policy.
- Should we be unable to resolve matters relating to complaint regarding this I will direct you to the Information Commissioners Office.
- Any updates to this policy will take the form of ‘pop-ups’ on my website and as posts on social media.
- I have no control over data you may supply to those organisations for which I provide links on my website.
- Your medical notes are kept in hard copy only, stored in a lockable filing cabinet at my home address.
- I am legally bound to retain your medical notes for a minimum of seven years. After this time should you wish your notes to be destroyed please do let me know.
- Aside from your paper medical notes, there are a number of other ways that data is collected. These are as follows:
- Patients contact me with information prior to engaging in treatment or once it has commenced. Various methods are used including telephone, text message, email and a number of social media platforms. This correspondence may contain personal information and contact details. I will only ever respond to this information, never instigate it.
I will instigate contact if pertaining to appointment scheduling or if I want to transmit a vital piece of information such as an impending period of absence to those receiving regular medicines.
Marketing or promotion of workshops etc will only be undertaken when permission has been given for me to use your data in this way. When permission has been granted clear instructions will be provided about how to withdraw permission, or ‘unsubscribe’.
I post out medicines and buy postage via Royal Mail online. Your name and address is entered into their system, but not stored for future use.
- All electronic devices used are password protected.
- Any platforms I might use that store your data will be GDPR compliant.