When you ask us to consult with (and treat) you regarding your health, it forms a Contract. As such you grant us permission to use your personal data and health history so that we can provide those services to you: without this data we cannot help you.
In order to provide the highest quality of care we may also contact you regarding things of legitimate interest to you (or, occasionally, us): this includes information about things like appointments, exercises, advice, hints and tips directly related to you/your treatment.
At ChiroPractical we keep your information on paper (hard-copy) patient cards. Out of hours, these are kept locked in a cabinet, in a locked room, in a locked building.
We may also use some of your data for Clinic Auditing and for statistical purposes. We ensure that no individual can be identified in these circumstances. Such records are held on a password protected computer and each document is also password protected.
We will never share your information with anyone who does not need access to it without your written permission.
Those who have access to your data in the clinic are under legal obligation to keep that data confidential. That includes
- your practitioner/s so they can provide treatment, and
- the welcome team (receptionists) and/or admin team, who have access to your non-medical data, so they can book you in, take payments, send receipts etc.
- On the very rare occasion we use outside consultants who need access to your data, we will ensure they are fully aware of the confidential nature of this information, are GDPR compliant, and sign a non-disclosure agreement.
If you have signed up to our Newsletter “The Back Page” then MailChimp also keeps your name and e-mail address. To receive such items you will need to consent, and you may take back that consent (or unsubscribe) at any time.
As a healthcare provider we have a legal obligation to retain your records for 8 years after your most recent appointment (or until you’re 25 years of age, if this is longer). After this time, you can request that your records are deleted.
You may still request to correct, see or have a copy of the data we hold at any time. To do this, or to complain about the handling of your data please contact the Data Controller at ChiroPractical, Dr Sarah McNeil, firstname.lastname@example.org, 35a High Street, Billingshurst, West Sussex, RH14 9PP, 01403 786448. If you are not satisfied by our response, you may then contact the Information Commissioner’s Office.
This is lawful basis under which we collect and process your data.
The person requesting your personal data on behave of ChiroPractical.
This is any information you give us about your health.
As a healthcare provider we are legally bound to retain your medical records for a minimum of 8 years after your most recent visit. This overrides your “right to be forgotten”.
This is lawful basis under which we may process your data; such as sending you information relevant to your treatment.
Any data that may identify you; or others may use to their own advantage (when in the wrong hands)
We do update this Policy from time to time so please do review this Policy regularly.
In running and maintaining our website we may collect and process the following data about you, including information:
- about your use of our site; including details of which pages you viewed; resources your accessed; traffic data; location data and other communication data.
- you provided voluntarily e.g. when you register for information or make a purchase.
- that you provide when you communicate with us, by any means.
Cookies provide information about the computer used by a visitor. These cookies may gather information about your computer in order to assist us in improving our website.
We may gather information about your general internet use by using the cookie. Where used, these cookies are downloaded to your computer and stored on the computer’s hard drive. Such information will not identify you personally. It is statistical data, which does not include any personal details whatsoever.
You can adjust the settings on your computer to decline any cookies if you wish. This can easily be done by activating the reject cookies setting on your computer.
Use of Your Information
We use the information that we collect from you to provide our services to you.
Where your consent has been provided in advance we may allow selected third parties to use your data to enable them to provide you with information regarding unrelated goods and services which we believe may interest you. Where such consent has been provided it can be withdrawn by you at any time.
Storing Your Personal Data
In operating our website it may become necessary to transfer data that we collect from you to locations outside of the European Union for processing and storing. By providing your personal data to us, you agree to this transfer, storing or processing. We do our upmost to ensure that all reasonable steps are taken to make sure that your data is treated stored securely.
Unfortunately, the sending of information via the internet is not totally secure and on occasion such information can be intercepted. We cannot guarantee the security of data that you choose to send us electronically, Sending such information is entirely at your own risk.
Disclosing Your Information
We will not disclose your personal information to any other party other than in accordance with these Privacy Policies and in the circumstances detailed below:
- in the event that we sell any or all of our business to the buyer.
- where we are legally required by law to disclose your personal information.
- to further fraud protection and reduce the risk of fraud.
Third Party Links
Access to Information
In accordance with the Data Protection Act 1998 you have the right to access any information that we hold relating to you.