‘Personal information’ means any information that is capable of identifying you.
‘We’ means Medstead Physio
We collect and process data because we have a legal obligation to do so and it is adequate, relevant and limited to what is necessary.
What information we collect and when
We collect and process information when you telephone the clinic to make an enquiry or appointment, when you email us, when you access our online booking system via our website or if you visit the clinic in person.
At the point of enquiry or booking we may ask you for: Your name, your date of birth, your address your telephone number, either landline or mobile or both and/or your e-mail address. At your appointment at the clinic, we will ask for information regarding your general health, your previous health and information regarding the condition you are seeking advice about.
We will also ask for information regarding any activities you undertake, your employment and any medication you take.
We will also record the findings of a physical examination.
How we use this information
We use an electronic database that is hosted by a third party (Rushcliff Ltd) All information is kept electronically in a file that directly relates to your episode of care. Our paper notes are kept securely in a locked cupboard in a locked office in a secure GP practice.
We use this information;
1. To provide a legal record of any treatment or advice we provide
2. To ensure continuity of care
3. To contact you in regard to your ongoing treatment.
4. To contact you if new information or treatments become available that may be of benefit to you.
5. We may pass information with your permission to other medical professionals who may be involved in your care; this may include GPs, consultants, occupational health departments, other Health and Care Professions and/or your health insurance company.
6. We may use your information for quality feedback purposes.
7. We may use your information for audit purposes.
We do not pass on your information for commercial purposes.
We take all reasonable steps to ensure that our information is kept up to date and rectified if necessary. It is also your responsibility to inform us if any personal information changes.
How long we keep personal information
We have a legal obligation to retain records for 8 years after the conclusion of treatment.
If the record relates to a child or young person, the records must be kept until the patient’s 25th birthday or 8 years after death.
We may retain electronic records indefinitely for use if you return for another episode of care and for analytical purposes.
How we protect your information
We take organisational and technical security measures to protect the information against unauthorised disclosure or unlawful processing.
You are entitled to a copy of the personal information we hold about you and to have any discrepancies rectified. You can do this by written request to the address at the end of the policy.
Disclosure of your information
We may pass information with your permission to other medical professionals who may be involved in your care; this may include GPs, consultants, occupational health departments, other Health and Care Professions and/or your health insurance company.
This information may be passed on in the form of a written letter which is given to you. If this is the case, the letter becomes your responsibility and the protection of its contents is your responsibility.
If the information is passed electronically by email, it will be password protected and we will take all reasonable precautions to transmit the information securely.
All changes will be notified on our website