Privacy Notice for new and existing patients under the GDPR
When you supply your personal details to this practitioner/clinic they are stored and processed for 4 reasons:
- We need to collect personal information about your health in order to provide you with the best possible treatment. Your requesting treatment and our agreement to provide that care constitutes a contract. You can, of course, refuse to provide the information, but if you were to do that we would not be able to provide treatment.
- We have a “Legitimate Interest” in collecting that information, because without it we couldn’t do our job effectively and safely.
- We also think that it is important that we can contact you in order to confirm your appointments with us or to update you on matters related to your medical care. This again constitutes “Legitimate Interest”, but this time it is your legitimate interest.
- Provided we have your consent, we may occasionally send you general health information in the form of articles, advice or newsletters. You may withdraw this consent at any time – just let us know by any convenient method.
We have a legal obligation to retain your records for 7 years after your most recent appointment, but after this period you can ask us to delete your records if you wish. Otherwise, we will retain your records indefinitely in order that we can provide you with the best possible care should you need to see us at some future date.
Your records are stored:
- On paper, in locked filing cabinets, in my home office, which has restricted access.
- Electronically (“in the cloud”), using a specialist medical records service. This provider has given us their assurances that they are fully compliant with the General Data Protection Regulations. Access to this data is password protected, and the passwords are changed regularly.
- On my office computers. These are password-protected, backed up regularly, and stored securely outside of working hours.
We will never share your data with anyone who does not need access without your written consent. Only the following people/agencies will have routine access to your data:
- The medical records service who store and process our files
- Your practitioner(s) in order that they can provide you with treatment
- Our reception staff, because they organise our practitioners’ diaries, and coordinate appointments and reminders (but they do not have access to your medical history or sensitive personal information)
- Other administrative staff, such as our bookkeeper. Again, administrative staff will not have access to your medical notes, just your essential contact details.
Privacy Notice For Website visitors:
Louise Collyer Acupuncture is committed to protecting the personal information of all visitors to this web site. The obligation to keep personal information secure is recognised and it is important for you to know how we treat information about you.
Users of this website can visit the site without revealing their identity or providing information about themselves.
We collect information directly from users when they voluntarily submit their personal information to us. At certain parts of our website, we may (now or in the future) provide the opportunity for users to register for an event or order goods, join a mailing list, request information or book something.
When this sort of information is collected we will provide the reason for collection and how the information will be used. We reserve the right to add to this list of opportunities available to our users to interact with us. It is completely up to users to provide us with their personal information.
Use of collected information
Generally, visitors are informed of the use of their personal information at the time of collection. Normally, personal information provided or collected is used to respond to inquiries or to process requests.
Security of collected information
Louise Collyer Acupuncture maintains strict physical, electronic and administrative safeguards to protect user’s personal information from unauthorised or inappropriate access. Workers, affiliates and business partners who misuse a user’s personal information are subject to legal or disciplinary actions.
Rights of website users
Users of our website may review and update any personal information that is provided to us or collected through this website and actually stored by us.
Louise Collyer Acupuncture will respond appropriately to users request to correct inaccurate personal
information and all complaints relating to the collection, storage, use and disclosure of personal information will be dealt with promptly in a confidential manner.