We are committed to ensuring that your information is secure.
In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safe guard and secure the information we collect.
We only collect data that is relevant to your treatment / management and is necessary for us to deliver the best possible service.
We will ensure that all members of our team take the necessary steps to protect the personal data they hold against accidental loss or unauthorised access.
Collection of personal information:
In addition to your basic contact information (name, date of birth, telephone numbers and address), we will collect other relevant details including your current and past medical history, medication, your GP, the findings from our assessment, your treatment records and your goals for the future.
We will also collect your payment details.
We may also store associated, relevant information that we receive from other healthcare professionals, as part of your ongoing care.
We process the data because it is in our legitimate interests as expert clinicians to do so.
We also process personal data pursuant to our legitimate interests in running our business such as:
- Invoices and receipts
- Accounts, VAT and tax returns
- Personal details, including bank details of our associates
- CVs of prospective candidates
How we use this information:
The information we collect is used to ensure that we provide you with the best and most appropriate treatment / management.
We use your contact information to get in touch with you and to send you invoices.
From time to time, we will need to liaise with other professionals involved with your care, such as your GP, hospital consultant, orthotist or other members of the multidisciplinary team.
We will only do this with your consent and when it is necessary to your physiotherapy treatment / management.
The Rights of an Individual
Under the Regulations an individual has the following rights with regard to those who are processing their data:
- Confidential health data cannot be held without the individual’s consent (however, the consequences of not holding it can be explained and a service withheld)
- Data cannot be used for the purposes of direct marketing of any goods or services if the client has declined their consent to do so.
- Individuals have a right to have their data erased and to prevent processing in specific circumstances:
- Where data is no longer necessary in relation to the purpose for which it was originally collected
- When an individual withdraws consent
- When an individual objects to the processing and there is no overriding legitimate interest for continuing the processing
- Personal data was unlawfully processed
- An individual has a right to restrict processing
- Clients can ask, in writing to the data controller, to see all personal data held on them, including e-mails and computer or paper files. The data controller must comply with such requests within 30 days of receipt of the written request.
For further more detailed information please refer to our Data Protection Policy.