Data Protection Policy
This policy endeavours to explain clearly the details of the information collected about you, how it is used and protected, and your data rights.
Data Protection Law
The Data Protection Act 2018 sets out the framework for data protection law in the UK and it came into effect on May 25th 2018, this includes the General Data Protection Regulations (GDPR) under EU law. All organisations or individuals involved in the holding and processing of sensitive data must be registered with the Information Commissioner’s Office (ICO). Louisa is registered with the ICO.
Why collect data?
Physiotherapists are required by their regulatory and governing bodies; the Health & Care Professions Council (HCPC) and the Chartered Society of Physiotherapists (CSP), to record, maintain and process medical records to provide safe and effective care.
What data is collected?
Personal data collected includes;
- Names, date of birth, addresses, telephone numbers and email addresses.
- Bank details in relation to payment (these will not be stored).
- Contact details of next of kin.
Sensitive data collected includes;
- Information about an individual’s mental and physical health.
How is data collected?
- Face to face
- Electronic communications i.e. secure email
Sharing of Data
- Clients will be asked whether they consent to communication with doctors, other healthcare workers and family members.
How is my data protected?
- Health professionals are trained in the appropriate handling of confidential information.
- Cliniko is the digital Allied Health Practice Management System used for clinical notes. It is compliant with data protection laws and has preventative measures to ensure your data is not lost.
- Digital information is password protected.
- Egress allows email correspondence to be encrypted.
What are my data rights?
- You have the right to be informed about how we collect and use your personal data.
- Sensitive Personal Data will only be processed with the explicit consent of the appropriate individual, or as otherwise permitted by the Act.
- By law medical records must be retained and stored for eight years.
- You have the right to request that any inaccurate information is corrected subject to certain exemptions and limitations under the Act.
- You have the right to request access to your information. This is known as a Subject Access Request (SAR). This is subject to certain exemptions and limitations set out in the Act. Any such written requests will be responded to as soon as is reasonably practicable and within statutory time limits.
Changes to this Privacy and Data Protection Policy
This Privacy and Data Protection Policy may be updated, modified or changed at any time, in accordance with the law. Any changes will be detailed here. If you continue to use this service after implementation of these changes you consent to be bound by any such changes.
The information contained in this website is for general information purposes. Every effort will be made to keep the information up to date and correct. However, no warranties are made about the completeness and availability of the website or the information, services and related graphics contained on the website.
Through this website you are able to link to other websites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. These are external sites so there is no control over the confidentiality or availability of them.
No responsibility or liability is taken for any event beyond our reasonable control such as viruses or other malicious technologically harmful software. You should ensure that you use appropriate virus checking software and firewalls.
Necessary cookies: These enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.
Analytics cookies: Analytics cookies help to improve the website by collecting information on the number of visitors to the website and the most popular content. The cookies collect information in an anonymous form. These cookies will not be used unless you enable them.